urlscan.io logo urlscan.io
SecurityTrails logo

www.bg3.co Open in urlscan Pro
84.17.37.44  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.bg3.co/a/xi-ju-ren-sheng-cheng-zhen-zong-tong-da-ka-bu-hao-yan.html
Submission: On January 05 via manual from US — Scanned from NZ
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 100 IPs in 8 countries across 112 domains to perform 560 HTTP transactions. The main IP is 84.17.37.44, located in Central, Hong Kong and belongs to CDN77 ^_^, GB. The main domain is www.bg3.co. The Cisco Umbrella rank of the primary domain is 54371.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G2 on May 20th 2022. Valid for: a year.
This is the only time www.bg3.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 84.17.37.44 60068 (CDN77 ^_^)
21 142.250.4.132 15169 (GOOGLE)
45 142.251.10.157 15169 (GOOGLE)
1 3 103.254.153.160 59253 (LEASEWEB-...)
4 104.26.5.103 13335 (CLOUDFLAR...)
2 42.99.140.144 4637 (ASN-TELST...)
5 42.99.140.200 4637 (ASN-TELST...)
2 42 74.125.24.154 15169 (GOOGLE)
21 104.26.3.91 13335 (CLOUDFLAR...)
3 64.120.88.131 133752 (LEASEWEB-...)
2 69.16.175.10 20446 (STACKPATH...)
3 74.125.200.155 15169 (GOOGLE)
2 74.125.24.97 15169 (GOOGLE)
4 172.253.118.139 15169 (GOOGLE)
2 13.35.8.99 16509 (AMAZON-02)
1 172.217.194.94 15169 (GOOGLE)
32 142.251.10.132 15169 (GOOGLE)
1 11 142.251.10.105 15169 (GOOGLE)
3 182.161.74.19 55569 (CRITEO-AS...)
3 182.161.73.148 55569 (CRITEO-AS...)
7 13.76.45.37 8075 (MICROSOFT...)
1 152.199.39.108 15133 (EDGECAST)
4 4 89.207.22.108 41041 (VCLK-EU-SE)
14 39 74.125.68.155 15169 (GOOGLE)
1 202.233.84.1 131957 (MICROAD M...)
4 9 104.18.33.19 13335 (CLOUDFLAR...)
5 13 52.223.2.229 16509 (AMAZON-02)
1 182.22.16.123 23816 (YAHOO Yah...)
7 26 51.79.234.101 16276 (OVH)
7 7 70.42.32.255 22075 (AS-OUTBRAIN)
34 182.161.73.129 55569 (CRITEO-AS...)
1 74.125.24.155 15169 (GOOGLE)
3 182.161.73.132 55569 (CRITEO-AS...)
1 104.17.25.14 13335 (CLOUDFLAR...)
11 182.161.73.135 55569 (CRITEO-AS...)
5 182.161.73.142 55569 (CRITEO-AS...)
1 3 103.229.10.247 16509 (AMAZON-02)
1 104.16.89.20 13335 (CLOUDFLAR...)
8 11 104.254.148.252 29990 (ASN-APPNEX)
1 182.161.73.145 55569 (CRITEO-AS...)
1 35.213.117.18 15169 (GOOGLE)
1 44.237.153.204 16509 (AMAZON-02)
1 34.107.148.139 396982 (GOOGLE-CL...)
1 23.207.185.101 16625 (AKAMAI-AS)
2 54.250.202.90 16509 (AMAZON-02)
1 69.173.158.65 26667 (RUBICONPR...)
1 2 145.40.89.200 54825 (PACKET)
15 34.240.174.255 16509 (AMAZON-02)
3 13 34.98.64.218 396982 (GOOGLE-CL...)
1 52.77.12.199 16509 (AMAZON-02)
1 13.33.33.118 16509 (AMAZON-02)
20 21 35.71.131.137 16509 (AMAZON-02)
1 1 18.177.208.182 16509 (AMAZON-02)
2 34.96.105.8 396982 (GOOGLE-CL...)
17 19 35.213.12.39 15169 (GOOGLE)
2 2 35.213.93.179 15169 (GOOGLE)
6 9 13.228.111.128 16509 (AMAZON-02)
3 3 54.85.151.23 14618 (AMAZON-AES)
4 5 50.116.239.135 6336 (TURN-US-ASN)
1 3 104.18.25.173 13335 (CLOUDFLAR...)
5 6 185.84.60.23 198622 (ADFORM)
3 3 174.137.133.49 27257 (WEBAIR-IN...)
5 182.161.73.136 55569 (CRITEO-AS...)
4 14 23.44.27.86 16625 (AKAMAI-AS)
1 104.18.36.94 13335 (CLOUDFLAR...)
1 151.101.1.108 54113 (FASTLY)
14 23.207.184.25 16625 (AKAMAI-AS)
1 13.227.74.2 16509 (AMAZON-02)
1 3 13.107.42.14 8068 (MICROSOFT...)
1 1 23.108.103.8 59253 (LEASEWEB-...)
2 8 52.46.143.56 16509 (AMAZON-02)
1 13.107.21.200 8068 (MICROSOFT...)
2 2 124.146.215.51 2514 (INFOSPHER...)
2 2 13.33.88.98 16509 (AMAZON-02)
8 8 103.229.205.243 30419 (MEDIAMATH...)
1 3 69.173.144.138 ()
8 14 69.173.158.64 26667 (RUBICONPR...)
1 6 23.106.127.39 59253 (LEASEWEB-...)
2 4 35.190.60.146 15169 (GOOGLE)
18 24 67.199.150.82 ()
6 8 52.74.13.196 16509 (AMAZON-02)
1 11 139.5.84.243 ()
1 52.220.92.174 16509 (AMAZON-02)
4 4 151.101.2.49 54113 (FASTLY)
1 172.64.151.162 13335 (CLOUDFLAR...)
2 2 198.8.71.131 ()
4 23.207.36.196 16625 (AKAMAI-AS)
18 19 74.118.186.45 ()
1 23 54.238.120.71 ()
3 3 52.76.76.143 ()
2 2 182.161.73.146 55569 (CRITEO-AS...)
1 216.130.169.24 ()
2 2 23.207.185.68 ()
4 4 3.122.91.1 ()
1 54.199.215.196 16509 (AMAZON-02)
2 3 23.106.127.164 ()
1 13.33.88.73 ()
2 2 209.191.163.208 ()
3 3 209.191.163.152 ()
2 2 72.34.250.75 ()
2 3 67.220.226.234 ()
4 4 104.254.148.251 ()
2 2 13.113.230.231 ()
1 172.64.154.237 ()
1 1 34.111.151.213 ()
1 1 185.183.112.148 ()
18 22 103.231.98.194 ()
34 184.73.94.61 ()
3 103.231.98.196 ()
5 5 18.176.128.31 ()
2 2 74.214.196.131 ()
3 4 66.225.223.191 ()
1 1 54.225.22.7 ()
1 129.159.70.95 ()
2 8.18.47.7 ()
3 3 13.215.197.255 ()
1 1 20.127.253.7 ()
2 2 162.19.138.83 ()
1 52.20.240.11 ()
2 2 80.77.87.163 ()
2 2 185.184.8.90 ()
1 1 67.202.105.23 ()
1 1 52.220.48.165 ()
1 1 52.76.81.127 ()
2 2 203.195.121.142 ()
2 2 69.173.151.100 ()
1 1 18.138.18.111 ()
1 1 172.104.45.159 ()
1 220.150.223.50 ()
1 2 35.186.193.173 ()
1 18.179.187.167 ()
1 13.250.207.233 ()
1 195.5.165.20 ()
1 1 35.214.223.115 ()
2 3 107.178.244.193 ()
1 2 52.74.234.58 ()
1 2 119.9.108.191 ()
2 2 35.230.38.116 ()
3 67.199.150.85 ()
1 1 34.102.253.54 ()
560 100
1    84.17.37.44 (Central, Hong Kong)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-84-17-37-44.cdn77.com
www.bg3.co
21    142.250.4.132 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f132.1e100.net
cdn.ampproject.org
21bcc2074a68fe1af593f8e40870fad5.safeframe.googlesyndication.com
3c020328368eaac4f13f168be7c82b7f.safeframe.googlesyndication.com
64f35454ed59414c358dc514ea40ac3f.safeframe.googlesyndication.com
45    142.251.10.157 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f157.1e100.net
pagead2.googlesyndication.com
3    103.254.153.160 (Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
ads.aralego.com
4    104.26.5.103 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.aralego.net
2    42.99.140.144 (Japan)

ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK)
PTR: ip-42-99-140-144.pacnet.net
delivery.adrecover.com
5    42.99.140.200 (Japan)

ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK)
PTR: ip-42-99-140-200.pacnet.net
cdn.adpushup.com
42    74.125.24.154 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f154.1e100.net
googleads.g.doubleclick.net
adservice.google.co.nz
adservice.google.com
securepubads.g.doubleclick.net
www.googletagservices.com
21    104.26.3.91 (United States)

ASN13335 (CLOUDFLARENET, US)
static.bg3.co
3    64.120.88.131 (Central, Hong Kong)

ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK)
sync.aralego.com
2    69.16.175.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: hwcdn.net
code.jquery.com
3    74.125.200.155 (United States)

ASN15169 (GOOGLE, US)
PTR: sa-in-f155.1e100.net
partner.googleadservices.com
2    74.125.24.97 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f97.1e100.net
www.googletagmanager.com
4    172.253.118.139 (United States)

ASN15169 (GOOGLE, US)
PTR: sl-in-f139.1e100.net
www.google-analytics.com
2    13.35.8.99 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-8-99.sin5.r.cloudfront.net
adx.holmesmind.com
1    172.217.194.94 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f94.1e100.net
d-25076016372874357454.ampproject.net
32    142.251.10.132 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f132.1e100.net
tpc.googlesyndication.com
11    142.251.10.105 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f105.1e100.net
www.google.com
3    182.161.74.19 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
rtb.jp2.as.criteo.com
3    182.161.73.148 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
ads.as.criteo.com
7    13.76.45.37 (Singapore)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
e3.adpushup.com
1    152.199.39.108 (United States)

ASN15133 (EDGECAST, US)
campaign.adpushup.com
4    89.207.22.108 (Singapore)

ASN41041 (VCLK-EU-SE, US)
PTR: sin02-login-ds.dotomi.com
dclk-match.dotomi.com
pubmatic-match.dotomi.com
39    74.125.68.155 (United States)

ASN15169 (GOOGLE, US)
PTR: sc-in-f155.1e100.net
cm.g.doubleclick.net
1    202.233.84.1 (Japan)

ASN131957 (MICROAD MicroAd, Inc., JP)
aid.send.microad.jp
9    104.18.33.19 (None, )

ASN13335 (CLOUDFLARENET, US)
ssum-sec.casalemedia.com
htlb.casalemedia.com
13    52.223.2.229 (United States)

ASN16509 (AMAZON-02, US)
PTR: ade9ecc7904667038.awsglobalaccelerator.com
eb2.3lift.com
1    182.22.16.123 (Japan)

ASN23816 (YAHOO Yahoo Japan Corporation, JP)
cksync.yahoo.co.jp
26    51.79.234.101 (Singapore)

ASN16276 (OVH, FR)
PTR: ip101.ip-51-79-234.net
onetag-sys.com
7    70.42.32.255 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
34    182.161.73.129 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
static.criteo.net
1    74.125.24.155 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f155.1e100.net
securepubads.g.doubleclick.net
3    182.161.73.132 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
cat.sg1.as.criteo.com
1    104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
11    182.161.73.135 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
pix.as.criteo.net
5    182.161.73.142 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
csm.as.criteo.net
3    103.229.10.247 (Singapore)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
cms.quantserve.com
1    104.16.89.20 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
11    104.254.148.252 (Los Angeles, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 894.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
ib.adnxs.com
1    182.161.73.145 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
bidder.criteo.com
1    35.213.117.18 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 18.117.213.35.bc.googleusercontent.com
grid.bidswitch.net
1    44.237.153.204 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-237-153-204.us-west-2.compute.amazonaws.com
hb-api.omnitagjs.com
1    34.107.148.139 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 139.148.107.34.bc.googleusercontent.com
prebid.media.net
1    23.207.185.101 (Jakarta, Indonesia)

ASN16625 (AKAMAI-AS, US)
PTR: a23-207-185-101.deploy.static.akamaitechnologies.com
a.teads.tv
2    54.250.202.90 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-250-202-90.ap-northeast-1.compute.amazonaws.com
prebid-server.rubiconproject.com
1    69.173.158.65 (Ashburn, United States)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
2    145.40.89.200 (Ashburn, United States)

ASN54825 (PACKET, US)
prebid.a-mo.net
15    34.240.174.255 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-240-174-255.eu-west-1.compute.amazonaws.com
ads.servenobid.com
13    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
adpushup-d.openx.net
u.openx.net
us-u.openx.net
jp-u.openx.net
1    52.77.12.199 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-77-12-199.ap-southeast-1.compute.amazonaws.com
tlx.3lift.com
1    13.33.33.118 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-33-118.sin2.r.cloudfront.net
rules.quantcount.com
21    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
1    18.177.208.182 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-177-208-182.ap-northeast-1.compute.amazonaws.com
v9999.adv.admeme.net
2    34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com
tr.blismedia.com
19    35.213.12.39 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 39.12.213.35.bc.googleusercontent.com
x.bidswitch.net
2    35.213.93.179 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 179.93.213.35.bc.googleusercontent.com
a.sportradarserving.com
9    13.228.111.128 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-228-111-128.ap-southeast-1.compute.amazonaws.com
pr-bh.ybp.yahoo.com
3    54.85.151.23 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-85-151-23.compute-1.amazonaws.com
sync.srv.stackadapt.com
5    50.116.239.135 (United States)

ASN6336 (TURN-US-ASN, US)
ad.turn.com
r.turn.com
3    104.18.25.173 (None, )

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
6    185.84.60.23 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
3    174.137.133.49 (United States)

ASN27257 (WEBAIR-INTERNET, US)
rtb2-useast.e-volution.ai
dsp.adkernel.com
5    182.161.73.136 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
gum.criteo.com
14    23.44.27.86 (Jakarta, Indonesia)

ASN16625 (AKAMAI-AS, US)
PTR: a23-44-27-86.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
secure-assets.rubiconproject.com
1    104.18.36.94 (None, )

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
1    151.101.1.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
14    23.207.184.25 (Jakarta, Indonesia)

ASN16625 (AKAMAI-AS, US)
PTR: a23-207-184-25.deploy.static.akamaitechnologies.com
contextual.media.net
cs.media.net
c21lg-d.media.net
1    13.227.74.2 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-74-2.sfo20.r.cloudfront.net
public.servenobid.com
3    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
1    23.108.103.8 (Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
inv-nets.admixer.net
8    52.46.143.56 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    13.107.21.200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
2    124.146.215.51 (Japan)

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)
tg.socdm.com
2    13.33.88.98 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-88-98.sin2.r.cloudfront.net
cr-p3.ladsp.com
8    103.229.205.243 (Singapore)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
3    69.173.144.138 (None, )

ASN- ()
pixel-eu.rubiconproject.com
14    69.173.158.64 (Singapore)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
token.rubiconproject.com
6    23.106.127.39 (Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
ssbsync-global.smartadserver.com
rtb-csync.smartadserver.com
4    35.190.60.146 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com
id.rlcdn.com
24    67.199.150.82 (None, )

ASN- ()
image8.pubmatic.com
8    52.74.13.196 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-74-13-196.ap-southeast-1.compute.amazonaws.com
ups.analytics.yahoo.com
11    139.5.84.243 (None, )

ASN- ()
dsum-sec.casalemedia.com
1    52.220.92.174 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-220-92-174.ap-southeast-1.compute.amazonaws.com
d.adroll.com
4    151.101.2.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    172.64.151.162 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.indexww.com
2    198.8.71.131 (None, )

ASN- ()
p.rfihub.com
4    23.207.36.196 (Jakarta, Indonesia)

ASN16625 (AKAMAI-AS, US)
PTR: a23-207-36-196.deploy.static.akamaitechnologies.com
ads.pubmatic.com
19    74.118.186.45 (None, )

ASN- ()
sync.1rx.io
sync.targeting.unrulymedia.com
23    54.238.120.71 (None, )

ASN- ()
usersync.gumgum.com
3    52.76.76.143 (None, )

ASN- ()
pm.w55c.net
2    182.161.73.146 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
dis.criteo.com
1    216.130.169.24 (None, )

ASN- ()
sync.adkernel.com
2    23.207.185.68 (None, )

ASN- ()
stags.bluekai.com
4    3.122.91.1 (None, )

ASN- ()
rtb.mfadsrvr.com
1    54.199.215.196 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-199-215-196.ap-northeast-1.compute.amazonaws.com
g2.gumgum.com
3    23.106.127.164 (None, )

ASN- ()
ssbsync.smartadserver.com
1    13.33.88.73 (None, )

ASN- ()
cs-rtb.minutemedia-prebid.com
2    209.191.163.208 (None, )

ASN- ()
ce.lijit.com
3    209.191.163.152 (None, )

ASN- ()
ap.lijit.com
2    72.34.250.75 (None, )

ASN- ()
sync.go.sonobi.com
3    67.220.226.234 (None, )

ASN- ()
aax-eu.amazon-adsystem.com
4    104.254.148.251 (None, )

ASN- ()
secure.adnxs.com
2    13.113.230.231 (None, )

ASN- ()
match.prod.bidr.io
1    172.64.154.237 (None, )

ASN- ()
dsum.casalemedia.com
1    34.111.151.213 (None, )

ASN- ()
dmp.brand-display.com
1    185.183.112.148 (None, )

ASN- ()
sync.adotmob.com
22    103.231.98.194 (None, )

ASN- ()
image2.pubmatic.com
simage2.pubmatic.com
34    184.73.94.61 (None, )

ASN- ()
cs.minutemedia-prebid.com
3    103.231.98.196 (None, )

ASN- ()
image6.pubmatic.com
5    18.176.128.31 (None, )

ASN- ()
pool.admedo.com
2    74.214.196.131 (None, )

ASN- ()
bh.contextweb.com
4    66.225.223.191 (None, )

ASN- ()
sync.outbrain.com
1    54.225.22.7 (None, )

ASN- ()
sync.ipredictive.com
1    129.159.70.95 (None, )

ASN- ()
sync.technoratimedia.com
2    8.18.47.7 (None, )

ASN- ()
match.deepintent.com
3    13.215.197.255 (None, )

ASN- ()
ad.360yield.com
1    20.127.253.7 (None, )

ASN- ()
sync.inmobi.com
2    162.19.138.83 (None, )

ASN- ()
id5-sync.com
1    52.20.240.11 (None, )

ASN- ()
cs.emxdgt.com
2    80.77.87.163 (None, )

ASN- ()
cs.admanmedia.com
2    185.184.8.90 (None, )

ASN- ()
creativecdn.com
1    67.202.105.23 (None, )

ASN- ()
ssc-cms.33across.com
1    52.220.48.165 (None, )

ASN- ()
ads.yieldmo.com
1    52.76.81.127 (None, )

ASN- ()
match.sharethrough.com
2    203.195.121.142 (None, )

ASN- ()
ads.betweendigital.com
2    69.173.151.100 (None, )

ASN- ()
pixel-us-east.rubiconproject.com
1    18.138.18.111 (None, )

ASN- ()
cm.ambientdsp.com
1    172.104.45.159 (None, )

ASN- ()
gocm.c.appier.net
1    220.150.223.50 (None, )

ASN- ()
sync-dsp.ad-m.asia
2    35.186.193.173 (None, )

ASN- ()
ipac.ctnsnet.com
1    18.179.187.167 (None, )

ASN- ()
dps.jp.cinarra.com
1    13.250.207.233 (None, )

ASN- ()
cm.adgrx.com
1    195.5.165.20 (None, )

ASN- ()
core.iprom.net
1    35.214.223.115 (None, )

ASN- ()
csync.loopme.me
3    107.178.244.193 (None, )

ASN- ()
pixel.tapad.com
2    52.74.234.58 (None, )

ASN- ()
sync.crwdcntrl.net
2    119.9.108.191 (None, )

ASN- ()
uipglob.semasio.net
2    35.230.38.116 (None, )

ASN- ()
um.simpli.fi
3    67.199.150.85 (None, )

ASN- ()
image4.pubmatic.com
simage4.pubmatic.com
1    34.102.253.54 (None, )

ASN- ()
ads.playground.xyz
Apex Domain
Subdomains		 Transfer
82 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 145
21bcc2074a68fe1af593f8e40870fad5.safeframe.googlesyndication.com
3c020328368eaac4f13f168be7c82b7f.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 187
64f35454ed59414c358dc514ea40ac3f.safeframe.googlesyndication.com
1 MB
62 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 64
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 285
cm.g.doubleclick.net — Cisco Umbrella Rank: 321
520 KB
56 pubmatic.com
image8.pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 741
image2.pubmatic.com
image6.pubmatic.com
simage2.pubmatic.com
image4.pubmatic.com
simage4.pubmatic.com
47 KB
50 criteo.net
static.criteo.net — Cisco Umbrella Rank: 743
pix.as.criteo.net — Cisco Umbrella Rank: 10234
csm.as.criteo.net — Cisco Umbrella Rank: 9735
368 KB
36 rubiconproject.com
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 1381
fastlane.rubiconproject.com — Cisco Umbrella Rank: 716
eus.rubiconproject.com — Cisco Umbrella Rank: 832
pixel-eu.rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 452
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1267
token.rubiconproject.com
pixel-us-east.rubiconproject.com
68 KB
35 minutemedia-prebid.com
cs-rtb.minutemedia-prebid.com
cs.minutemedia-prebid.com
14 KB
26 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 1025
12 KB
24 gumgum.com
usersync.gumgum.com
g2.gumgum.com — Cisco Umbrella Rank: 2287
7 KB
22 bg3.co
www.bg3.co — Cisco Umbrella Rank: 54371
static.bg3.co
16 KB
21 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 456
12 KB
21 casalemedia.com
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 690
htlb.casalemedia.com — Cisco Umbrella Rank: 760
dsum-sec.casalemedia.com
dsum.casalemedia.com
17 KB
20 bidswitch.net
grid.bidswitch.net — Cisco Umbrella Rank: 1377
x.bidswitch.net — Cisco Umbrella Rank: 411
10 KB
20 google.com
adservice.google.com — Cisco Umbrella Rank: 142
www.google.com — Cisco Umbrella Rank: 16
6 KB
17 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 723
ups.analytics.yahoo.com — Cisco Umbrella Rank: 405
8 KB
17 criteo.com
rtb.jp2.as.criteo.com — Cisco Umbrella Rank: 13019
ads.as.criteo.com — Cisco Umbrella Rank: 9458
cat.sg1.as.criteo.com — Cisco Umbrella Rank: 10102
bidder.criteo.com — Cisco Umbrella Rank: 834
gum.criteo.com — Cisco Umbrella Rank: 446
dis.criteo.com — Cisco Umbrella Rank: 903
147 KB
16 servenobid.com
ads.servenobid.com — Cisco Umbrella Rank: 2958
public.servenobid.com — Cisco Umbrella Rank: 5816
9 KB
16 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 318
acdn.adnxs.com — Cisco Umbrella Rank: 872
secure.adnxs.com
33 KB
16 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 330
333 KB
15 media.net
prebid.media.net — Cisco Umbrella Rank: 1875
contextual.media.net — Cisco Umbrella Rank: 788
cs.media.net — Cisco Umbrella Rank: 2232
c21lg-d.media.net
20 KB
14 1rx.io
sync.1rx.io
9 KB
14 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 497
tlx.3lift.com — Cisco Umbrella Rank: 817
6 KB
13 openx.net
adpushup-d.openx.net — Cisco Umbrella Rank: 16201
u.openx.net — Cisco Umbrella Rank: 983
us-u.openx.net — Cisco Umbrella Rank: 698
jp-u.openx.net — Cisco Umbrella Rank: 6508
3 KB
13 adpushup.com
cdn.adpushup.com — Cisco Umbrella Rank: 15457
e3.adpushup.com — Cisco Umbrella Rank: 17049
campaign.adpushup.com — Cisco Umbrella Rank: 47244
238 KB
11 amazon-adsystem.com
s.amazon-adsystem.com — Cisco Umbrella Rank: 396
aax-eu.amazon-adsystem.com
7 KB
9 smartadserver.com
ssbsync-global.smartadserver.com — Cisco Umbrella Rank: 2703
ssbsync.smartadserver.com
rtb-csync.smartadserver.com
3 KB
8 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 679
4 KB
8 google.co.nz
adservice.google.co.nz — Cisco Umbrella Rank: 59899
2 KB
7 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 775
5 KB
6 adform.net
c1.adform.net — Cisco Umbrella Rank: 871
3 KB
6 aralego.com
ads.aralego.com — Cisco Umbrella Rank: 27676
sync.aralego.com — Cisco Umbrella Rank: 4367
4 KB
5 admedo.com
pool.admedo.com
3 KB
5 lijit.com
ce.lijit.com
ap.lijit.com
3 KB
5 unrulymedia.com
sync.targeting.unrulymedia.com
2 KB
5 turn.com
ad.turn.com — Cisco Umbrella Rank: 1147
r.turn.com — Cisco Umbrella Rank: 4328
2 KB
4 outbrain.com
sync.outbrain.com
1 KB
4 mfadsrvr.com
rtb.mfadsrvr.com
3 KB
4 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 918
964 B
4 rlcdn.com
id.rlcdn.com — Cisco Umbrella Rank: 926
571 B
4 dotomi.com
dclk-match.dotomi.com — Cisco Umbrella Rank: 5103
pubmatic-match.dotomi.com
2 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 103
574 B
4 aralego.net
cdn.aralego.net — Cisco Umbrella Rank: 11232
47 KB
3 tapad.com
pixel.tapad.com
790 B
3 360yield.com
ad.360yield.com
833 B
3 w55c.net
pm.w55c.net
2 KB
3 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 840
1 KB
3 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 1178
s.tribalfusion.com — Cisco Umbrella Rank: 2747
2 KB
3 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 1014
1 KB
3 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 1458
pixel.quantserve.com — Cisco Umbrella Rank: 985
cms.quantserve.com
11 KB
3 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 221
142 KB
3 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 1011
1 KB
2 simpli.fi
um.simpli.fi
1 KB
2 semasio.net
uipglob.semasio.net
1 KB
2 crwdcntrl.net
sync.crwdcntrl.net
855 B
2 ctnsnet.com
ipac.ctnsnet.com
673 B
2 betweendigital.com
ads.betweendigital.com
1 KB
2 creativecdn.com
creativecdn.com
701 B
2 admanmedia.com
cs.admanmedia.com
1 KB
2 id5-sync.com
id5-sync.com
3 KB
2 deepintent.com
match.deepintent.com
83 B
2 contextweb.com
bh.contextweb.com
1 KB
2 bidr.io
match.prod.bidr.io
1 KB
2 sonobi.com
sync.go.sonobi.com
1 KB
2 bluekai.com
stags.bluekai.com
2 KB
2 rfihub.com
p.rfihub.com
1 KB
2 ladsp.com
cr-p3.ladsp.com — Cisco Umbrella Rank: 17090
1 KB
2 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1130
2 KB
2 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 980
cdn.indexww.com — Cisco Umbrella Rank: 2921
2 KB
2 adkernel.com
dsp.adkernel.com — Cisco Umbrella Rank: 7600
sync.adkernel.com
879 B
2 e-volution.ai
rtb2-useast.e-volution.ai — Cisco Umbrella Rank: 6315
1 KB
2 sportradarserving.com
a.sportradarserving.com — Cisco Umbrella Rank: 3322
963 B
2 blismedia.com
tr.blismedia.com — Cisco Umbrella Rank: 3008
292 B
2 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 1256
789 B
2 holmesmind.com
adx.holmesmind.com — Cisco Umbrella Rank: 365810
2 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 123
80 KB
2 jquery.com
code.jquery.com — Cisco Umbrella Rank: 943
60 KB
2 adrecover.com
delivery.adrecover.com — Cisco Umbrella Rank: 21367
10 KB
1 playground.xyz
ads.playground.xyz
464 B
1 loopme.me
csync.loopme.me
226 B
1 iprom.net
core.iprom.net
277 B
1 adgrx.com
cm.adgrx.com
230 B
1 cinarra.com
dps.jp.cinarra.com
220 B
1 ad-m.asia
sync-dsp.ad-m.asia
243 B
1 appier.net
gocm.c.appier.net
395 B
1 ambientdsp.com
cm.ambientdsp.com
652 B
1 sharethrough.com
match.sharethrough.com
238 B
1 yieldmo.com
ads.yieldmo.com
395 B
1 33across.com
ssc-cms.33across.com
501 B
1 emxdgt.com
cs.emxdgt.com
67 B
1 inmobi.com
sync.inmobi.com
619 B
1 technoratimedia.com
sync.technoratimedia.com
293 B
1 ipredictive.com
sync.ipredictive.com
465 B
1 adotmob.com
sync.adotmob.com
667 B
1 brand-display.com
dmp.brand-display.com
367 B
1 adroll.com
d.adroll.com — Cisco Umbrella Rank: 2169
181 B
1 bing.com
c.bing.com — Cisco Umbrella Rank: 444
667 B
1 admixer.net
inv-nets.admixer.net — Cisco Umbrella Rank: 3328
586 B
1 admeme.net
v9999.adv.admeme.net — Cisco Umbrella Rank: 16233
358 B
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 1277
615 B
1 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1583
502 B
1 omnitagjs.com
hb-api.omnitagjs.com — Cisco Umbrella Rank: 4327
518 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 488
2 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 356
5 KB
1 yahoo.co.jp
cksync.yahoo.co.jp — Cisco Umbrella Rank: 5433
621 B
1 microad.jp
aid.send.microad.jp — Cisco Umbrella Rank: 6952
641 B
1 ampproject.net
d-25076016372874357454.ampproject.net
0 pippio.com Failed
pippio.com Failed
0 trafficroots.com Failed
demand.trafficroots.com Failed
0 gammaplatform.com Failed
cm-supply-web.gammaplatform.com Failed
0 mookie1.com Failed
odr.mookie1.com Failed
0 iqzone.com Failed
cs.iqzone.com Failed
0 krushmedia.com Failed
cs.krushmedia.com Failed
0 disqus.com Failed
ssp.disqus.com Failed
560 112
Domain Requested by
45 pagead2.googlesyndication.com www.bg3.co
pagead2.googlesyndication.com
cdn.ampproject.org
ads.aralego.com
googleads.g.doubleclick.net
securepubads.g.doubleclick.net
adx.holmesmind.com
tpc.googlesyndication.com
64f35454ed59414c358dc514ea40ac3f.safeframe.googlesyndication.com
www.googletagservices.com
39 cm.g.doubleclick.net 14 redirects googleads.g.doubleclick.net
64f35454ed59414c358dc514ea40ac3f.safeframe.googlesyndication.com
www.bg3.co
eb2.3lift.com
u.openx.net
onetag-sys.com
g2.gumgum.com
34 cs.minutemedia-prebid.com onetag-sys.com
g2.gumgum.com
cs-rtb.minutemedia-prebid.com
ads.pubmatic.com
eus.rubiconproject.com
34 static.criteo.net ads.as.criteo.com
cdn.adpushup.com
static.criteo.net
32 tpc.googlesyndication.com googleads.g.doubleclick.net
securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.bg3.co
pagead2.googlesyndication.com
64f35454ed59414c358dc514ea40ac3f.safeframe.googlesyndication.com
26 onetag-sys.com 7 redirects googleads.g.doubleclick.net
cdn.adpushup.com
onetag-sys.com
public.servenobid.com
cs-rtb.minutemedia-prebid.com
24 image8.pubmatic.com 18 redirects onetag-sys.com
ads.pubmatic.com
23 usersync.gumgum.com 1 redirects contextual.media.net
public.servenobid.com
g2.gumgum.com
eus.rubiconproject.com
ads.pubmatic.com
21 match.adsrvr.org 20 redirects cdn.adpushup.com
21 static.bg3.co www.bg3.co
19 x.bidswitch.net 17 redirects onetag-sys.com
16 cdn.ampproject.org www.bg3.co
cdn.ampproject.org
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
15 simage2.pubmatic.com 11 redirects ads.pubmatic.com
15 ads.servenobid.com cdn.adpushup.com
public.servenobid.com
ssum-sec.casalemedia.com
onetag-sys.com
g2.gumgum.com
cs-rtb.minutemedia-prebid.com
eus.rubiconproject.com
ssbsync.smartadserver.com
ads.pubmatic.com
14 sync.1rx.io 14 redirects
13 eb2.3lift.com 5 redirects cdn.adpushup.com
eb2.3lift.com
public.servenobid.com
13 securepubads.g.doubleclick.net cdn.aralego.net
securepubads.g.doubleclick.net
cdn.adpushup.com
www.bg3.co
11 dsum-sec.casalemedia.com 1 redirects ssum-sec.casalemedia.com
11 contextual.media.net cdn.adpushup.com
contextual.media.net
eus.rubiconproject.com
ads.pubmatic.com
11 ib.adnxs.com 8 redirects cdn.adpushup.com
acdn.adnxs.com
11 pix.as.criteo.net ads.as.criteo.com
11 www.google.com 1 redirects googleads.g.doubleclick.net
tpc.googlesyndication.com
64f35454ed59414c358dc514ea40ac3f.safeframe.googlesyndication.com
10 pixel.rubiconproject.com 4 redirects onetag-sys.com
10 eus.rubiconproject.com cdn.adpushup.com
eus.rubiconproject.com
contextual.media.net
public.servenobid.com
g2.gumgum.com
cs-rtb.minutemedia-prebid.com
10 googleads.g.doubleclick.net 2 redirects pagead2.googlesyndication.com
googleads.g.doubleclick.net
cdn.ampproject.org
www.bg3.co
9 pr-bh.ybp.yahoo.com 6 redirects ssum-sec.casalemedia.com
ads.pubmatic.com
9 adservice.google.com pagead2.googlesyndication.com
securepubads.g.doubleclick.net
cdn.ampproject.org
8 ups.analytics.yahoo.com 6 redirects onetag-sys.com
8 sync.mathtag.com 8 redirects
8 s.amazon-adsystem.com 2 redirects eb2.3lift.com
onetag-sys.com
ssum-sec.casalemedia.com
8 adservice.google.co.nz pagead2.googlesyndication.com
securepubads.g.doubleclick.net
7 image2.pubmatic.com 7 redirects
7 b1sync.zemanta.com 7 redirects
7 ssum-sec.casalemedia.com 4 redirects js-sec.indexww.com
ssum-sec.casalemedia.com
public.servenobid.com
7 e3.adpushup.com www.bg3.co
6 c1.adform.net 5 redirects ads.pubmatic.com
5 pool.admedo.com 5 redirects
5 sync.targeting.unrulymedia.com 4 redirects ads.pubmatic.com
5 us-u.openx.net 2 redirects u.openx.net
5 gum.criteo.com static.criteo.net
cdn.adpushup.com
gum.criteo.com
contextual.media.net
5 csm.as.criteo.net ads.as.criteo.com
5 cdn.adpushup.com www.bg3.co
cdn.adpushup.com
4 sync.outbrain.com 3 redirects g2.gumgum.com
4 secure.adnxs.com 4 redirects
4 token.rubiconproject.com 4 redirects
4 rtb.mfadsrvr.com 4 redirects
4 ads.pubmatic.com contextual.media.net
public.servenobid.com
g2.gumgum.com
ads.pubmatic.com
4 secure-assets.rubiconproject.com 4 redirects
4 sync-tm.everesttech.net 4 redirects
4 id.rlcdn.com 2 redirects onetag-sys.com
4 ad.turn.com 4 redirects
4 adpushup-d.openx.net cdn.adpushup.com
4 www.google-analytics.com www.bg3.co
www.googletagmanager.com
4 cdn.aralego.net www.bg3.co
ads.aralego.com
3 rtb-csync.smartadserver.com ssbsync.smartadserver.com
3 pixel.tapad.com 2 redirects ads.pubmatic.com
3 ad.360yield.com 3 redirects
3 image6.pubmatic.com ads.pubmatic.com
3 aax-eu.amazon-adsystem.com 2 redirects
3 ap.lijit.com 3 redirects
3 ssbsync.smartadserver.com 2 redirects public.servenobid.com
3 pm.w55c.net 3 redirects
3 ssbsync-global.smartadserver.com 1 redirects onetag-sys.com
3 pixel-eu.rubiconproject.com 1 redirects onetag-sys.com
3 px.ads.linkedin.com 1 redirects eb2.3lift.com
3 sync.srv.stackadapt.com 3 redirects
3 64f35454ed59414c358dc514ea40ac3f.safeframe.googlesyndication.com securepubads.g.doubleclick.net
3 cat.sg1.as.criteo.com ads.as.criteo.com
3 ads.as.criteo.com googleads.g.doubleclick.net
64f35454ed59414c358dc514ea40ac3f.safeframe.googlesyndication.com
3 rtb.jp2.as.criteo.com googleads.g.doubleclick.net
www.bg3.co
3 www.googletagservices.com googleads.g.doubleclick.net
64f35454ed59414c358dc514ea40ac3f.safeframe.googlesyndication.com
3 partner.googleadservices.com pagead2.googlesyndication.com
3 sync.aralego.com ads.aralego.com
www.bg3.co
3 ads.aralego.com 1 redirects ads.aralego.com
2 pubmatic-match.dotomi.com 2 redirects
2 image4.pubmatic.com ads.pubmatic.com
public.servenobid.com
2 um.simpli.fi 2 redirects
2 uipglob.semasio.net 1 redirects ads.pubmatic.com
2 sync.crwdcntrl.net 1 redirects ads.pubmatic.com
2 ipac.ctnsnet.com 1 redirects ads.pubmatic.com
2 pixel-us-east.rubiconproject.com 2 redirects
2 ads.betweendigital.com 2 redirects
2 creativecdn.com 2 redirects
2 cs.admanmedia.com 2 redirects ads.pubmatic.com
2 id5-sync.com 2 redirects
2 match.deepintent.com g2.gumgum.com
ads.pubmatic.com
2 bh.contextweb.com 2 redirects
2 match.prod.bidr.io 2 redirects
2 sync.go.sonobi.com 2 redirects
2 ce.lijit.com 2 redirects
2 stags.bluekai.com 2 redirects
2 dis.criteo.com 2 redirects
2 cs.media.net contextual.media.net
2 p.rfihub.com 2 redirects
2 cr-p3.ladsp.com 2 redirects
2 jp-u.openx.net u.openx.net
2 tg.socdm.com 2 redirects
2 u.openx.net 1 redirects cdn.adpushup.com
2 rtb2-useast.e-volution.ai 2 redirects
2 a.tribalfusion.com 1 redirects ads.pubmatic.com
2 a.sportradarserving.com 2 redirects
2 tr.blismedia.com 64f35454ed59414c358dc514ea40ac3f.safeframe.googlesyndication.com
2 prebid.a-mo.net 1 redirects cdn.adpushup.com
2 prebid-server.rubiconproject.com cdn.adpushup.com
2 htlb.casalemedia.com cdn.adpushup.com
2 dclk-match.dotomi.com 2 redirects
2 adx.holmesmind.com pagead2.googlesyndication.com
2 www.googletagmanager.com cdn.ampproject.org
cdn.adpushup.com
2 code.jquery.com delivery.adrecover.com
cdn.adpushup.com
2 delivery.adrecover.com www.bg3.co
1 simage4.pubmatic.com ads.pubmatic.com
1 ads.playground.xyz 1 redirects
1 csync.loopme.me 1 redirects
1 core.iprom.net ads.pubmatic.com
1 cm.adgrx.com ads.pubmatic.com
1 dps.jp.cinarra.com ads.pubmatic.com
1 sync-dsp.ad-m.asia ads.pubmatic.com
1 gocm.c.appier.net 1 redirects
1 cms.quantserve.com 1 redirects
1 cm.ambientdsp.com 1 redirects
1 match.sharethrough.com 1 redirects
1 ads.yieldmo.com 1 redirects
1 ssc-cms.33across.com 1 redirects
1 cs.emxdgt.com g2.gumgum.com
1 sync.inmobi.com 1 redirects
1 sync.technoratimedia.com g2.gumgum.com
1 sync.ipredictive.com 1 redirects
1 sync.adotmob.com 1 redirects
1 dmp.brand-display.com 1 redirects
1 dsum.casalemedia.com ssum-sec.casalemedia.com
1 c21lg-d.media.net contextual.media.net
1 cs-rtb.minutemedia-prebid.com public.servenobid.com
1 g2.gumgum.com public.servenobid.com
1 sync.adkernel.com contextual.media.net
1 cdn.indexww.com ssum-sec.casalemedia.com
1 d.adroll.com ssum-sec.casalemedia.com
1 c.bing.com eb2.3lift.com
1 inv-nets.admixer.net 1 redirects
1 public.servenobid.com cdn.adpushup.com
1 acdn.adnxs.com cdn.adpushup.com
1 js-sec.indexww.com cdn.adpushup.com
1 dsp.adkernel.com 1 redirects
1 s.tribalfusion.com 64f35454ed59414c358dc514ea40ac3f.safeframe.googlesyndication.com
1 r.turn.com
1 v9999.adv.admeme.net 1 redirects
1 pixel.quantserve.com www.bg3.co
1 rules.quantcount.com secure.quantserve.com
1 tlx.3lift.com cdn.adpushup.com
1 fastlane.rubiconproject.com cdn.adpushup.com
1 a.teads.tv cdn.adpushup.com
1 prebid.media.net cdn.adpushup.com
1 hb-api.omnitagjs.com cdn.adpushup.com
1 grid.bidswitch.net cdn.adpushup.com
1 bidder.criteo.com cdn.adpushup.com
1 cdn.jsdelivr.net cdn.adpushup.com
1 secure.quantserve.com cdn.adpushup.com
1 cdnjs.cloudflare.com ads.as.criteo.com
1 cksync.yahoo.co.jp googleads.g.doubleclick.net
1 aid.send.microad.jp googleads.g.doubleclick.net
1 campaign.adpushup.com www.bg3.co
1 d-25076016372874357454.ampproject.net cdn.ampproject.org
1 3c020328368eaac4f13f168be7c82b7f.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 21bcc2074a68fe1af593f8e40870fad5.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 www.bg3.co
0 pippio.com Failed public.servenobid.com
0 demand.trafficroots.com Failed ssbsync.smartadserver.com
0 cm-supply-web.gammaplatform.com Failed ads.pubmatic.com
0 odr.mookie1.com Failed cs-rtb.minutemedia-prebid.com
0 cs.iqzone.com Failed cs-rtb.minutemedia-prebid.com
0 cs.krushmedia.com Failed cs-rtb.minutemedia-prebid.com
0 ssp.disqus.com Failed public.servenobid.com
cs-rtb.minutemedia-prebid.com
560 171

This site contains links to these domains. Also see Links.

Domain
campaign.adpushup.com
Subject Issuer Validity Valid
*.bg3.co
AlphaSSL CA - SHA256 - G2		 2022-05-20 -
2023-06-21		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
cdn.adpushup.com
R3		 2022-11-16 -
2023-02-14		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-04-16 -
2023-04-16		 a year crt.sh
*.aralego.com
Sectigo RSA Domain Validation Secure Server CA		 2022-10-19 -
2023-11-19		 a year crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2022-08-03 -
2023-07-14		 a year crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.google.co.nz
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.holmesmind.com
Go Daddy Secure Certificate Authority - G2		 2022-05-19 -
2023-06-20		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.jp2.as.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-24 -
2023-03-26		 3 months crt.sh
*.as.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-20 -
2023-03-18		 3 months crt.sh
*.adpushup.com
Sectigo ECC Domain Validation Secure Server CA		 2022-08-02 -
2023-09-02		 a year crt.sh
snic4d9gl.wpc.edgecastcdn.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-02-14 -
2023-03-17		 a year crt.sh
*.send.microad.jp
GlobalSign RSA OV SSL CA 2018		 2022-10-05 -
2023-11-06		 a year crt.sh
edge01.yahoo.co.jp
Cybertrust Japan SureServer CA G4		 2022-11-04 -
2023-12-03		 a year crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-11-08 -
2023-02-04		 3 months crt.sh
*.sg1.as.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-19 -
2023-03-21		 3 months crt.sh
*.as.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-11-12 -
2023-02-10		 3 months crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-09 -
2023-09-09		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-04 -
2023-03-31		 3 months crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-05 -
2023-05-04		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-28 -
2024-01-28		 a year crt.sh
*.omnitagjs.com
Amazon		 2022-05-17 -
2023-06-15		 a year crt.sh
*.media.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-06 -
2023-05-04		 a year crt.sh
teads.tv
R3		 2023-01-05 -
2023-04-05		 3 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
*.a-mo.net
R3		 2022-12-04 -
2023-03-04		 3 months crt.sh
ads.servenobid.com
Amazon		 2022-05-29 -
2023-06-27		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
*.3lift.com
Amazon		 2022-05-13 -
2023-06-11		 a year crt.sh
quantserve.com
R3		 2022-11-11 -
2023-02-09		 3 months crt.sh
tr.blismedia.com
GTS CA 1D4		 2022-12-14 -
2023-03-14		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2022-03-11 -
2023-04-11		 a year crt.sh
*.servenobid.com
Amazon		 2022-02-06 -
2023-03-07		 a year crt.sh
www.bing.com
Microsoft RSA TLS CA 02		 2022-11-25 -
2023-05-25		 6 months crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-25 -
2023-01-25		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2022-06-13 -
2023-07-14		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-09-27 -
2023-03-22		 6 months crt.sh
d.adroll.com
Amazon RSA 2048 M02		 2022-11-08 -
2023-12-07		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-11-08 -
2023-05-03		 6 months crt.sh
gumgum.com
Amazon		 2022-09-06 -
2023-10-05		 a year crt.sh
*.minutemedia-prebid.com
Amazon		 2022-05-31 -
2023-06-29		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2022-02-03 -
2023-02-25		 a year crt.sh
*.technoratimedia.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-09-15 -
2023-09-15		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2022-05-02 -
2023-06-03		 a year crt.sh
*.ad-server.k8s.jp.ggops.com
Amazon		 2022-02-15 -
2023-03-16		 a year crt.sh
*.emxdgt.com
Amazon		 2022-06-03 -
2023-07-02		 a year crt.sh
cs.minutemedia-prebid.com
Amazon		 2023-01-04 -
2024-02-03		 a year crt.sh
sync-dsp.ad-m.asia
GlobalSign GCC R3 DV TLS CA 2020		 2022-07-21 -
2023-08-22		 a year crt.sh
*.ctnsnet.com
DigiCert SHA2 Secure Server CA		 2022-09-27 -
2023-03-08		 5 months crt.sh
*.jp.cinarra.com
Sectigo RSA Domain Validation Secure Server CA		 2022-05-14 -
2023-06-13		 a year crt.sh
*.targeting.unrulymedia.com
Sectigo RSA Domain Validation Secure Server CA		 2022-05-09 -
2023-05-09		 a year crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2022-03-01 -
2023-03-28		 a year crt.sh
*.iprom.net
R3		 2022-12-05 -
2023-03-05		 3 months crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-20 -
2023-09-20		 a year crt.sh

This page contains 98 frames:

Primary Page: https://www.bg3.co/a/xi-ju-ren-sheng-cheng-zhen-zong-tong-da-ka-bu-hao-yan.html
Frame ID: 3A9164929DBF8F8AAE103073579BAE19
Requests: 108 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230103/r20190131/zrt_lookup.html
Frame ID: 40F0D023B864CDD9A3C78ACE07148CB6
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: 1B1BCF4735C0D9808275A1A226AD8328
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: 49D9D04C1D1A67A04B869A04533ECEDB
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961800537962381&output=html&adk=1812271804&adf=3025194257&lmt=1672954680&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=188x1080_l%7C188x1080_r&format=0x0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxi-ju-ren-sheng-cheng-zhen-zong-tong-da-ka-bu-hao-yan.html&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672954679107&bpp=4&bdt=1270&idt=1433&shv=r20230103&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3386343362402&frm=20&pv=2&ga_vid=890864016.1672954681&ga_sid=1672954681&ga_hid=1500053407&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777877%2C31071200%2C44779343%2C44779794%2C44780792&oid=2&pvsid=3197543272618260&tmod=1950760781&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=1453
Frame ID: D5DD12296BF58E77A962E837D87D7EA2
Requests: 1 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: 4941F1F40FFFD59AE854EE772C8A3E4F
Requests: 9 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: 2209BCEC85D547C2A4B3AC70BC1EA603
Requests: 9 HTTP requests in this frame

Frame: https://21bcc2074a68fe1af593f8e40870fad5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 04AFF297C0790DEC385D154CCA0804C6
Requests: 1 HTTP requests in this frame

Frame: https://3c020328368eaac4f13f168be7c82b7f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: A1EEF871BC19DA9A20FB72D962D4E315
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134177&pi=t.ma~as.3006%2F14006&w=336&lmt=1672954682&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxi-ju-ren-sheng-cheng-zhen-zong-tong-da-ka-bu-hao-yan.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672954680643&bpp=12&bdt=1120&idt=1941&shv=r20230103&mjsv=m202212080101&ptt=5&saldr=sa&correlator=3386343362402&frm=23&ife=1&pv=2&ga_vid=437385433.1672954683&ga_sid=1672954683&ga_hid=1428685206&ga_fc=0&ga_cid=amp-fKfH_EzXGIx_aV8GYZ258g&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1148&biw=1600&bih=1200&isw=336&ish=280&ifk=3556469387&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071199%2C31071277%2C44779794%2C44780792&oid=2&pvsid=516345022958043&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.d4jvqepuch7z&fsb=1&dtd=1958
Frame ID: 3594DD0B30D2E99FC298B5C8B74F4CA3
Requests: 8 HTTP requests in this frame

Frame: https://adx.holmesmind.com/adx-file/20221117/NqeGLmvuPvGdeaxEq2qKJUjcmyulAyFU8K2rHVjS.html
Frame ID: FC4D2B138DF248AF8AE0DA5D8F78C8A7
Requests: 8 HTTP requests in this frame

Frame: https://ads.as.criteo.com/delivery/r/afr.php?z=Y7dDOgALJSsBc_YaAAVN_N5npH9jGCDwQeqqHg&u=%7Ctl8LhKM0iVJ8USkon8F770j47C4QB5J%2Fh6pTBFrSou0%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2uYcAchbiMZgziqrRBIBOfXW1_BWDopbu0BheChZMFeLCkWBMXsdzH8W5Ai76dwpf4Q_I5WZYgS51g-I4gx3GoxhXqEh9iD_KKkF1s-opp9HBCwAxugzFksOUHfLn01g5MnifSjNcqQP1pZdFSUHY_V8ETY6vtP23ge5cwYM4xY1M6jREEu1NiKznWBJHwhz0ouCV752oh5pI3a5pfgNBlO9r1cQOGLxxnNEQvHbtf50opI1I4LnzGAJkden6Voi31t55w0kqIcZ3VrDkLql069Gby76tt9D3-h9y45dPN9owRzAW68v1Y-E2f0dCP3VvVTsKFCJs69_siEhsxWTpVN8aJPTrtWVolWpt_UwdiLWbW2F8PQSvSMVUkQHITp1GGIZ1hgWlOwLd9eWCodDgGAFJjhrKZvnQ9rZPhbNAc35hUeWyIXcND9L9bGWDmUtX7F2lt8uvX86oRtmCU-gBaF2Hg7kqKo7QAyEFhuNeqiLFbXKGiib9KoBLbe4lRlQ97Gbo2DIU3gMAbOz_tAnVtpIzaeWUBzGs6kdeHT3-PB2sjqCZ1eBke9YNW4BdPA3c5683SAZHeCfE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCo8A8OkO3Y6vKLJrsz7sP_JuV6AqY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQJodKHd1KGmPqgDAaoE5wFP0NWmoyQU9jzP1js-sbC1j5_NuvKf5DIa1H-lZ0sXg6wgtOQchRvrq0hmz5xdSq7c5kOMC4sTwX5tmtfn30tIetT5QIRhmscapRp_XXutVHh5HK72QzGcvv7MgSy-CnSlGjSZLp5Yh09irEEdDmRYFzwQHtPai0UhS_p1vS0XNXNQXIA6Dh1FlhR6YSNboQoflc30tgRRfuBhBvZzZouh05ndQXzCtYzXD3L_U8HPdusd85WP2oUoRZ1x4hMQb6V_er_jJ73rSGwMxxZChELVYQu5ZTogo3nz5M6OIYJkVNVPBLcMsI-ABpiinNPtp57dI6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2ooscalon7BChu1qJfvDyR6qdM9A%26client%3Dca-pub-4485239425924787%26adurl%3D
Frame ID: DB0F4F47B400F0A25DB66414065E0A45
Requests: 17 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 7E671053F9F932E860A4FA927C467375
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=1600x250&w=1600&h=250&ptt=12&adk=2733026255&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-312305399918298783&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=470780615&nhd=0&adx=0&ady=3150&oid=2&is_amp=5&amp_v=2212151632002&d_imp=1&c=8258005532&ga_hid=1500053407&dt=1672954682961&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxi-ju-ren-sheng-cheng-zhen-zong-tong-da-ka-bu-hao-yan.html&bdt=5125&dtd=198&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Frame ID: D65DE8DD982C9388847E3E061A00ADBE
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 87BD3B16AF12311E3A0D10C917AB2530
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 9E6B5A43E9583F807B6F6458553878AF
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: C5949550688C5758D1A8D2DA1FA6F476
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 796A282A0E866012FBC45AAAA4E59430
Requests: 2 HTTP requests in this frame

Frame: https://adx.holmesmind.com/adx-file/20221110/CRsRsXd0FUmqwYRG7gS9TIn516je7wIpMnr86Jcv.html
Frame ID: 17EF7AE20616A7BBCC6E71306A3D9279
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4126554779393986&output=html&adk=1812271804&adf=2253520748&plat=1%3A520%2C2%3A520%2C3%3A2163200%2C4%3A2163200%2C8%3A512%2C9%3A520%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1049088%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fadx.holmesmind.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672954685690&bpp=3&bdt=533&idt=413&shv=r20230103&mjsv=m202212010101&ptt=9&saldr=aa&nras=1&correlator=2530137337724&frm=8&ife=1&pv=2&ga_vid=996576742.1672954686&ga_sid=1672954686&ga_hid=372403768&ga_fc=0&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3680311399&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31071366%2C44779794%2C44780792&oid=2&pvsid=2693001854364226&tmod=1200168703&uas=0&nvt=1&top=https%3A%2F%2Fwww.bg3.co%2F&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=4&bc=31&ifi=1&uci=1.g01d7kadvf4t&fsb=1&dtd=430
Frame ID: A658C8DD86AD273F4D296F125C25AA2C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4126554779393986&output=html&h=280&slotname=4923695364&adk=3446667921&adf=552093736&pi=t.ma~as.4923695364&w=336&fwrn=16&format=336x280&url=https%3A%2F%2Fadx.holmesmind.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672954685693&bpp=1&bdt=537&idt=435&shv=r20230103&mjsv=m202212010101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=2530137337724&frm=8&ife=1&pv=1&ga_vid=996576742.1672954686&ga_sid=1672954686&ga_hid=372403768&ga_fc=0&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3680311399&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31071366%2C44779794%2C44780792&oid=2&pvsid=2693001854364226&tmod=1200168703&uas=0&nvt=1&top=https%3A%2F%2Fwww.bg3.co%2F&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.3fj2gt49ztpg&fsb=1&dtd=440
Frame ID: 44C4BFB09F35A8785637ACD939ADB958
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 5A337F9FFCFC72CE0D78F437BB7A2295
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 45758E6441A7F50931A2990A1EC1518F
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 8A98C7B523A559E3F0E698A59A49BEE4
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A25FC139D6E443E5C0A6654581C07FE3
Requests: 2 HTTP requests in this frame

Frame: https://64f35454ed59414c358dc514ea40ac3f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: D9319180C4A38D2A4F64DB484DDF5B7B
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 4D164ABC3BF0CE0631E968E3C0C15FE9
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: FDAB1DEF586F32C964066BE1CA9242FB
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 923D163B04DBB1E95B75BC6295E89F95
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 61F648CB21FEF8260085CBA3A9D6AFC1
Requests: 2 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs
Frame ID: 238BC37D73E43A5D26A3C426E4DF67B3
Requests: 12 HTTP requests in this frame

Frame: https://64f35454ed59414c358dc514ea40ac3f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 5792AABD710542EA6A5BC38F0221C94C
Requests: 10 HTTP requests in this frame

Frame: https://64f35454ed59414c358dc514ea40ac3f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: A07270EDAD1072AF8D4B6B3276E4F0EB
Requests: 10 HTTP requests in this frame

Frame: https://ads.as.criteo.com/delivery/r/afr.php?z=Y7dDQAAJ5LACZofIAAqZSwSrMo1xDPa11A_KwA&u=%7CA6kIQZLvqqGO9NLtatSXpX2GSuJ5X1Fhz4Ltt33ADv4%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2uYcAchbiMZgziqrRBIBOfXe9sAj5s0smr7CaoSEvcbulcrn37nL-i03aDxHU8dKjxY4VPUPCN6MnbyBCZdUkcgJ9iNi9RfvJpC42tt7Lfhm4bO_b9WExDA4_pBFBXJg0MneDaxuwnhBuNMXIutc-rg3NupgPMxwBDWzuhz8DmE76h1Yyd96glthY2QtE8LVz3xWoswjAMDth2QYFx9DjGx2jumHBbFOaS_VlsSpwbZSwuwBbF4a3rA0v6JcWQ0OBRWQls4vXUas_1kSKbgZA_6HvpES1hOTGkQ43gqaZ1T0Plhf4ljXcTNAVgHfg16zhvCFBlpoYYawtzoPm4v7oCemCzw1XeXldbATT0V5N-aYa5sPNpv1NqBHg-TFjqYYi94XETYuUD3v8eX5mhOcrVvL8hcLQY-3PHbmEKj9c2vV2s5_uOopByQPx_LPGpf1qwqzYv4WqjPMuVvS0dK0e0UMxdXy9OYCGaZG2d-zIRg9yM05Itp5-QVEBQ2GlKpppVERKDklB-MKzVVPRG-zjgt7r1B9hk3BQSw1zpBdG5dqscEIm2f8ANozxKJm3cJgfkgXxVz2iEhU0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCMrnSQEO3Y7DJJ8iPmsMPy7Kq4AaY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQJodKHd1KGmPuACAKgDAaoEiAJP0PdTfaMvsixdp-9ZSmIJRqgHlmNmRvDIDcXglVg5dNpMJD3Ov9cw_gTRAGAWUbqmoxTdXkZ2BdcHi-R8MdhS7AwWwq4Du0e8UyDc70_r-gfF8ry0gqTxEXbRH5pJzvrgDF9_g74VgaUjkZLg2xfl1hf7Eqenk-XcwRaR7-O-ga9XfzeL4XpgLe50np34FtFQXII24H4ebfQeitNsroa20tjxU4o9ktjdyvBS-8QrVtGypt13ZlTsX6a1I_iwoLxJW0-LKmg-z8bhgJCfJFTgHXvFioNBV1A-O0VR7MwstrYBE9AiDGD1Hx9YvMuUcGlSew50YQQMEVqmL-oWBzNIuBPscEBtR_3gBAGABuXc2ZSA7erALqAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0iQWsn2AgVRsOi9NKO5s9Keqr_NA%26client%3Dca-pub-8933329999391104%26adurl%3D
Frame ID: DA7CA2409F3DC18E990C901C0015F426
Requests: 19 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 75A594DA63E38B9FC9611E937AD0ABA5
Requests: 9 HTTP requests in this frame

Frame: https://ads.as.criteo.com/delivery/r/afr.php?z=Y7dDQAAJ5LECZofIAAqZSxqv69SD5NnHz5wWDw&u=%7CA6kIQZLvqqEkDd6fgUboWBmodgfVWEq45%2FC3OWpwtoo%3D%7C&c1=jWCgqsKSUoXV4BApc600hKp5_YRQgeHF5Jq5Ra2pctyNYsfKA6awj9OeB-0-dA40TOMVvKyxviKRqt_hoCsbkgTwnE4hOlGZU6I8TSQHHCTNdUfRjdvWDJbpo_YH2ogyP0gx53xPedrwsVGE4Pk7fiJP5ZAl1dzDzsUSCGMc5jEaNn87t8tBS1-eSt0LstSDo3TrB31B2wyfh0dMVEgARCYwr8dSLfHwTYVjQFRMY2_jR4jBN4JXLSJNq1GERWb0ZTwyK_ppM2Di1l8ssByyblscv5HvG1BzhLg3aQQtnBmZ7Clcn3vL2mxxO_yvI27_ytujE4n-53oy76dfl8oS9S61BGbewTGlV3HD1mXUx2pwyU5DPEyIxJhASLfIyC0SuVbOjM8hBqB2L2jiwaObXmKIs9IWLgUEgohZzdVirkWi6E0y2Y79LQwH8x17yhVEDbwCcnru_Tf_8IYSs9faVCX6nCtXAZE7oTGAm6MbgeSIhyP1UvpAxh7U6XvMa7C4R01zMP9kdyUimDyYonbAY11ikYzvSY1yw2agxVGkoRs6gSctMsX2UHg2gZ7Jt81RLrF42T6PP0zlzqKt3wR5KIvITWPhFEv63dnFJQg-NEzB9IMvmrC341yUI5jZcErQDynYIyQf_-Y&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC8C1ZQEO3Y7HJJ8iPmsMPy7Kq4AaY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQJodKHd1KGmPuACAKgDAaoEiQJP0FSi-0DuGjfdEX9UjXOCbUWSfPQw_4gUloMkYiZW1FBxkDQiVRqTOR5i5seDrnZbp-Rz33sJVQJxrluzSZYBhcDNt1JHzt0H9R6tyVJ1Fk9Lq9VIYwdQqFYEy13mp5-Y7UVuwy32VCKkE35NsUU0zierdIahWae2jQjYghsJoQ87lHkaI7VZNSvmt2oXvKN8IYFycdd2Oim7itqRoJtwbUdCeesSOM-Wv9Esc_KRy6O8N2LFW_p9lUMBOGaNpir9Xl8NvrjwtqW20wPU6i2reRfB2JBd2VgRpqujpXIR3W8DcAeKeVjzJkW4Acoxd7eOHuaruFOuOYS5xFdP8v23bdndxm5v4fJv4AQBgAbl3NmUgO3qwC6gBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1wpMqckhO4wofpfRxzNXp5N3aUFQ%26client%3Dca-pub-8933329999391104%26adurl%3D
Frame ID: 6667E64023415CD1856F2F9ED2E09FDD
Requests: 19 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 21C3D20F732E67D619B5501C40BDFE23
Requests: 9 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.bg3.co
Frame ID: FFEDE9F7C2466B89CCAF0DFFCDAC3C58
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 5BF4426B63295DC074564CCE8205B5FD
Requests: 10 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: E44BD63E644028629464F685672842A6
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: BB79DCA847E96156C9950C62B405053C
Requests: 3 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 33B9CE4CA26E735B8E693895437BF43E
Requests: 11 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 112D4546E33496426AA194C51B44C880
Requests: 7 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Frame ID: 612AB6219B916D4646BE00A3680228BD
Requests: 14 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html
Frame ID: 6C83F98EC039B2E472689EC227BFB2B0
Requests: 11 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1672954685877
Frame ID: 0819004496A055897CBFAB36E282FEFB
Requests: 13 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 1CDFB95B9819B42C160318ABF86B82FE
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 284376CDF3B2741D45846FEA5C746033
Requests: 2 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 5E6056E6CBAAB279C6B1F78AACAA81D0
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=medianet
Frame ID: 49ED87CA7DFAB05BC92B6B48E9A3F65C
Requests: 3 HTTP requests in this frame

Frame: https://contextual.media.net/cksync.html?cs=8&vsid=3159562927444215000V10&type=rkt&refUrl=&vid=29546923003159562927444215000V10&ovsid=1973209966547850478
Frame ID: 1C3E0D4C39DC58EDACE85597CD22513A
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3159562927444215000V10%26type%3Dpba%26refUrl%3D%26vid%3D29546923003159562927444215000V10%26ovsid%3DPM_UID
Frame ID: 6CC62646987E307C570B4ACE2406657D
Requests: 18 HTTP requests in this frame

Frame: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Frame ID: 50C3BA17419F185F51E2D514C8FF90F7
Requests: 16 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Frame ID: A073447756EB635DDAEA6DBEF55C7D47
Requests: 14 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Frame ID: D2B8A4F98A990F1FC5E3EE8A11218808
Requests: 6 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Frame ID: 82F84C4F7F5ACC673366F75804853165
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Frame ID: 4963C1001BD964083405487D6D942AE0
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Frame ID: 7499CDC471036DE5523873F6EBDD85A5
Requests: 4 HTTP requests in this frame

Frame: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Frame ID: 139B8499F0D398407B027035F24A067A
Requests: 25 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=inm&i=ID5-8ea6H7h_1HiosylmrB1OyVzJpFF-wh0BwURE3zfMKg
Frame ID: 1E77F6FC4230FBFA24C94B51BE666F96
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: 31D54770117F22C6794A5D3E5C24792C
Requests: 2 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=ttd&i=c2c06461-9e12-422f-a647-b2a193b86a7e
Frame ID: F303703487524D73850F8FF6CFEB3452
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=mmh&i=407b63b7-4344-4900-8e70-1a62e233a297&gdpr=0&gdpr_consent=
Frame ID: CB8E293B2FD13FEFB24A6C84FF08C3BE
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=atm&i=Y7dDRAAJf4UlZAAF&gdpr=0&gdpr_consent=
Frame ID: 1103B4665804B3B9E17F78C1C3FB0DA0
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=YV8xNjg0NjI0ZS01NDQ3LTQ0ZWItYTJkMS02YzczNjBiNzQ5ZTE=&gdpr=0&gdpr_consent=
Frame ID: 227746602AC7AA79E92AA6DA7E6CCAE0
Requests: 1 HTTP requests in this frame

Frame: https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID&gdpr=0&gdpr_consent=
Frame ID: C6D134E69C0031AB1E1CF0FF15106E3B
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=Y7dDRcCo8YMAAL6eXysAAAAA
Frame ID: 968C9B461EDE6268F9DA9246599EB31E
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=aad&i=263f951b-fb4b-4c2a-a167-4470d1262b49
Frame ID: 19B07781E89048839650107FD018B6CF
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=iex&i=Y7dDOxJA5nEkLlUdyGr4wwAA%264742
Frame ID: 869557AF145C6D87B8B0E25E23E066A9
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=ky0Tsui62vfvJAj296xU&pi=gumgum&tc=1
Frame ID: 1A3659CD2A3D44B24F62E4907C3C2D36
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: 33E2878C81C63F0D3F9E92F0BB496FC7
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=minute_media&endpoint=us-east
Frame ID: 1C06CD6BF7BF59872CB0787826C0F45F
Requests: 3 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=765b4e6bb9c8438
Frame ID: 4EC6F489B588C28C41970BAC6817A161
Requests: 14 HTTP requests in this frame

Frame: https://cs.minutemedia-prebid.com/cs?aid=21482&id=6FF39F35-D4F4-45ED-A500-F8A7983977F4
Frame ID: 877873F04604EED5A7199D18AA5BB47D
Requests: 1 HTTP requests in this frame

Frame: https://cs.minutemedia-prebid.com/cs?aid=21482&id=6FF39F35-D4F4-45ED-A500-F8A7983977F4
Frame ID: 5F874D6D287DE26503D79051DFC3A0E9
Requests: 1 HTTP requests in this frame

Frame: https://cs.minutemedia-prebid.com/cs?aid=21482&id=6FF39F35-D4F4-45ED-A500-F8A7983977F4
Frame ID: 7362C7AB166BB24F29B545B8C839470B
Requests: 1 HTTP requests in this frame

Frame: https://cs.minutemedia-prebid.com/cs?aid=21482&id=6FF39F35-D4F4-45ED-A500-F8A7983977F4
Frame ID: AB67E5A9ED2E8A41C5719AFF2A3003B8
Requests: 1 HTTP requests in this frame

Frame: https://cs.minutemedia-prebid.com/cs?aid=21482&id=6FF39F35-D4F4-45ED-A500-F8A7983977F4
Frame ID: 2CDBD0E3B2A683D34EC7A4A594ADAA48
Requests: 1 HTTP requests in this frame

Frame: https://cs.minutemedia-prebid.com/cs?aid=21482&id=6FF39F35-D4F4-45ED-A500-F8A7983977F4
Frame ID: D79A41ECC9A850E871FC9800C446BE41
Requests: 1 HTTP requests in this frame

Frame: https://cs.minutemedia-prebid.com/cs?aid=21482&id=6FF39F35-D4F4-45ED-A500-F8A7983977F4
Frame ID: D20DF270EA8D8BF7A4C02612FD19EB5F
Requests: 1 HTTP requests in this frame

Frame: https://cs.minutemedia-prebid.com/cs?aid=21482&id=6FF39F35-D4F4-45ED-A500-F8A7983977F4
Frame ID: 64731AACCFD96BBF49AE5E329527241C
Requests: 1 HTTP requests in this frame

Frame: https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=pubmatic&rd=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw%26piggybackCookie%3D
Frame ID: 9959F366D6799F0E708C919EE00612AD
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: E8C7EE318579EDBAAA201F77CD35725B
Requests: 1 HTTP requests in this frame

Frame: https://cs.minutemedia-prebid.com/cs?aid=21482&id=6FF39F35-D4F4-45ED-A500-F8A7983977F4
Frame ID: F309A34A6E18A050287DAD3461E14194
Requests: 1 HTTP requests in this frame

Frame: https://dps.jp.cinarra.com/pxd?PLATFORM_ID=D&USER_ID=6FF39F35-D4F4-45ED-A500-F8A7983977F4
Frame ID: 1E301495EB1E7CDEEA6B64F9068E8709
Requests: 1 HTTP requests in this frame

Frame: https://cs.minutemedia-prebid.com/cs?aid=21482&id=6FF39F35-D4F4-45ED-A500-F8A7983977F4
Frame ID: C7944CC6D66FF607BF214C72D940C16F
Requests: 1 HTTP requests in this frame

Frame: https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
Frame ID: 2B4C95E2CC3C3C56989F847057188066
Requests: 1 HTTP requests in this frame

Frame: https://sync.targeting.unrulymedia.com/csync/RX-56a1a930-dd35-49ab-a204-e8c7ed81ec94-004
Frame ID: C1E0AFD33204B771C7F47F10675F0388
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 98FDFF286D785C105208088D7AB50321
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: 15B86257F22C5B6D9A5DAFF2642B1D9E
Requests: 1 HTTP requests in this frame

Frame: https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 3AFAFE96ACADD6CE7C1D2F9656233164
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Frame ID: 209008C1E2379C65A363E009D3A5EEFF
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/cksync.php?cs=8&vsid=3159562927444215000V10&type=pba&refUrl=&vid=29546923003159562927444215000V10&ovsid=6FF39F35-D4F4-45ED-A500-F8A7983977F4
Frame ID: A23CBDA1D7215D2660215EF425AC77A5
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=6FF39F35-D4F4-45ED-A500-F8A7983977F4&gdpr=0&gdpr_consent=
Frame ID: D878EE6D62DE59BE303EFDF8C40002AA
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Frame ID: 879C632CD87006BA0C3FE5E3665D2722
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Frame ID: 5976CEC59A631757B0BC950754BA6F54
Requests: 1 HTTP requests in this frame

Frame: https://ads.servenobid.com/sync?pid=316&uid=6FF39F35-D4F4-45ED-A500-F8A7983977F4
Frame ID: 46E6769127FD3015D682D2722B5F9B8C
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=pbm&i=6FF39F35-D4F4-45ED-A500-F8A7983977F4
Frame ID: CFA6667B5C2B9CDDF0621D9346EFF186
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

戲劇人生成真 總統大咖不好演 - 天天要聞

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/pagead/show_ads\.js
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

560
Requests

72 %
HTTPS

0 %
IPv6

112
Domains

171
Subdomains

100
IPs

8
Countries

3360 kB
Transfer

9151 kB
Size

94
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5
  • https://ads.aralego.com/sdk HTTP 301
  • https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
Request Chain 78
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1672954682&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxi-ju-ren-sheng-cheng-zhen-zong-tong-da-ka-bu-hao-yan.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672954680722&bpp=11&bdt=1217&idt=1895&shv=r20230103&mjsv=m202212010101&ptt=5&saldr=sa&correlator=3386343362402&frm=23&ife=1&pv=1&ga_vid=1423935877.1672954683&ga_sid=1672954683&ga_hid=1070031702&ga_fc=0&ga_cid=amp-fKfH_EzXGIx_aV8GYZ258g&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=1015081669&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777877%2C44779793%2C44780792%2C21065725&oid=2&pvsid=3763828046294366&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.p9f7ry2ia6z5&fsb=1&dtd=1917 HTTP 302
  • https://adx.holmesmind.com/adx-file/20221117/NqeGLmvuPvGdeaxEq2qKJUjcmyulAyFU8K2rHVjS.html
Request Chain 104
  • https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEETUd4xlS_i6FtHuVP-q3wU&google_cver=1&google_push=AavPq0M1IfBAfG0MjW67BZWnSdFXkiEk0tjDL0kiKZvjXhBp__ZyApDM3Ul8f7cjorLZ3J-HjyXMUWbhqx8Z7OhmAhLVc2qZML3N HTTP 302
  • https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=5e219256702d1ff7&is_secure=true&networkId=14000&version=1&google_gid=CAESEETUd4xlS_i6FtHuVP-q3wU&google_cver=1&google_push=AavPq0M1IfBAfG0MjW67BZWnSdFXkiEk0tjDL0kiKZvjXhBp__ZyApDM3Ul8f7cjorLZ3J-HjyXMUWbhqx8Z7OhmAhLVc2qZML3N HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAJo71B8lItAANwt0m2AAAAAAA&expiration=1673041084&google_cver=1&is_secure=true&google_gid=CAESEETUd4xlS_i6FtHuVP-q3wU&google_push=AavPq0M1IfBAfG0MjW67BZWnSdFXkiEk0tjDL0kiKZvjXhBp__ZyApDM3Ul8f7cjorLZ3J-HjyXMUWbhqx8Z7OhmAhLVc2qZML3N
Request Chain 106
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEJA9IbGEorMiJ1lY47PeYuQ&google_cver=1&google_push=AavPq0M_DHAV3Iw59Q__4X8he7Q42l0JHcwM0e3xXryZPGt0fC-i_YHjVNH0h4oCxR_dyEW_YmyyNW5KrpvuDroXeweaJYYNGSPX HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEJA9IbGEorMiJ1lY47PeYuQ&google_push=AavPq0M_DHAV3Iw59Q__4X8he7Q42l0JHcwM0e3xXryZPGt0fC-i_YHjVNH0h4oCxR_dyEW_YmyyNW5KrpvuDroXeweaJYYNGSPX&s=184023&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJA9IbGEorMiJ1lY47PeYuQ&google_hm=Y7dDOxJA5nEkLlUdyGr4wwAAEoYAAAAB&google_nid=index&google_push=AavPq0M_DHAV3Iw59Q__4X8he7Q42l0JHcwM0e3xXryZPGt0fC-i_YHjVNH0h4oCxR_dyEW_YmyyNW5KrpvuDroXeweaJYYNGSPX
Request Chain 107
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEJHJ-rtJ_8fHIHp-iW-bsqo&google_cver=1&google_push=AavPq0PVDgJ4HQiM3_EdvH0SYLmYcJP27scjMLp78PM5A5sAj72pOunT-B5XcfEPHE_cCOnIRbnv49bxcYd4eSSRVNj0wPpPyoMDFQ HTTP 302
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=0&gdpr_consent=&us_privacy=&sync=1&google_push=AavPq0PVDgJ4HQiM3_EdvH0SYLmYcJP27scjMLp78PM5A5sAj72pOunT-B5XcfEPHE_cCOnIRbnv49bxcYd4eSSRVNj0wPpPyoMDFQ&google_gid=CAESEJHJ-rtJ_8fHIHp-iW-bsqo HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=ODY4MTIwMTU4MTgyOTMxMzI1Mzk4&google_push=AavPq0PVDgJ4HQiM3_EdvH0SYLmYcJP27scjMLp78PM5A5sAj72pOunT-B5XcfEPHE_cCOnIRbnv49bxcYd4eSSRVNj0wPpPyoMDFQ
Request Chain 109
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEJM6mkW-_wLIsFNSNE9Aykw&google_cver=1&google_push=AavPq0PPIx_Mo6Py7xDh80oVr-xDWN39eJKtUX8CHfiOJBVpUwAoL8SGWUkERo3lk2aygxmi-KRoq0Vmlat-cprXaO6I65HunsJAnQ8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhYPeopHU_0GdZmi_NR-7X4TM__q4C5WScg&google_push=AavPq0PPIx_Mo6Py7xDh80oVr-xDWN39eJKtUX8CHfiOJBVpUwAoL8SGWUkERo3lk2aygxmi-KRoq0Vmlat-cprXaO6I65HunsJAnQ8 HTTP 302
  • https://onetag-sys.com/match/?int_id=19&google_error=5
Request Chain 110
  • https://b1sync.zemanta.com/usersync/googleopenbidding/?google_gid=CAESENkn7_j_CvLUWbyf_xNTDQs&google_cver=1&google_push=AavPq0On-YL4OeAFTDsh9ubLicqDoJmdD3z7k6l2cfSwmr-_6I4A3fkL9WUJyTHIiQOyORU8eFsv9c-hlUL1ThUgWBSTFLKvnpo_zao HTTP 302
  • https://b1sync.zemanta.com/usersync/googleopenbidding/?google_cver=1&google_gid=CAESENkn7_j_CvLUWbyf_xNTDQs&google_push=AavPq0On-YL4OeAFTDsh9ubLicqDoJmdD3z7k6l2cfSwmr-_6I4A3fkL9WUJyTHIiQOyORU8eFsv9c-hlUL1ThUgWBSTFLKvnpo_zao&s=2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=AavPq0On-YL4OeAFTDsh9ubLicqDoJmdD3z7k6l2cfSwmr-_6I4A3fkL9WUJyTHIiQOyORU8eFsv9c-hlUL1ThUgWBSTFLKvnpo_zao&google_hm=UnhBSWcyMHQ3X01UZ2hray1GMUk=
Request Chain 141
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672954684103&bpp=11&bdt=306&idt=373&shv=r20230103&mjsv=m202212010101&ptt=5&saldr=sa&correlator=2530137337724&frm=8&ife=1&pv=2&ga_vid=1901509664.1672954684&ga_sid=1672954684&ga_hid=1288943151&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=1407119805&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C44774649%2C44774653%2C44779794%2C44780792&oid=2&pvsid=4187617558618223&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.7xmamhvhu2ve&fsb=1&dtd=388 HTTP 302
  • https://adx.holmesmind.com/adx-file/20221110/CRsRsXd0FUmqwYRG7gS9TIn516je7wIpMnr86Jcv.html
Request Chain 248
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 251
  • https://match.adsrvr.org/track/cmf/google?google_gid=CAESENq9-vgyyTXK0GZVt0oaDRE&google_cver=1&google_push=AavPq0MZ8qypZVmPdV_9cA1Ob26OFWGCUvay0EGSWOI_blt-sihhCAKG0n-qX6_L6vkguR91yABaIfsHc0TxS7smbNGP1Nlfn0zid9R6VSTd-26ttFQNmhhtytsgFVOiS-BpvtkCb-7WNb5cnFa4QLrXmMg HTTP 302
  • https://match.adsrvr.org/track/cmb/google?google_gid=CAESENq9-vgyyTXK0GZVt0oaDRE&google_cver=1&google_push=AavPq0MZ8qypZVmPdV_9cA1Ob26OFWGCUvay0EGSWOI_blt-sihhCAKG0n-qX6_L6vkguR91yABaIfsHc0TxS7smbNGP1Nlfn0zid9R6VSTd-26ttFQNmhhtytsgFVOiS-BpvtkCb-7WNb5cnFa4QLrXmMg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=YzJjMDY0NjEtOWUxMi00MjJmLWE2NDctYjJhMTkzYjg2YTdl&google_push&gdpr=0&gdpr_consent=&ttd_tdid=c2c06461-9e12-422f-a647-b2a193b86a7e
Request Chain 252
  • https://v9999.adv.admeme.net/drtb/n?google_gid=CAESEKmZ0szATGSYq-xYhpt8r58&google_cver=1&google_push=AavPq0MF0V9bc78jRawe4sy7nxWWHObkpsedsUF4tFx1cPovsSWuTyViAcJ2_PkjpqxKop_SDZMArbWki-mrYZPNY_xstU1WUpYq7Zt-Ob0rrBAhvud3sgd6omfIydpwQWsZ1YeRxkxCk8HMFcKw94HhyHo HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=kpis&google_push=AavPq0MF0V9bc78jRawe4sy7nxWWHObkpsedsUF4tFx1cPovsSWuTyViAcJ2_PkjpqxKop_SDZMArbWki-mrYZPNY_xstU1WUpYq7Zt-Ob0rrBAhvud3sgd6omfIydpwQWsZ1YeRxkxCk8HMFcKw94HhyHo
Request Chain 254
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESENotvOagYmUi3TwPZ-_YP0c&google_cver=1&google_push=AavPq0NojuHNL1HlF_iAaxWSZx-GHHH_8pXeQ2vYilmWGqJMU65THRNRPPoRbvre51oS8WQPqCTm6GSmBDq-lVdCPtQoNy8qjOfdbuprWsVrDkPL4Y4XMrJAM-vNTzrtgtTOZZp4m9NOyF0t-g2iSq7ZUQ HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESENotvOagYmUi3TwPZ-_YP0c&google_cver=1&google_push=AavPq0NojuHNL1HlF_iAaxWSZx-GHHH_8pXeQ2vYilmWGqJMU65THRNRPPoRbvre51oS8WQPqCTm6GSmBDq-lVdCPtQoNy8qjOfdbuprWsVrDkPL4Y4XMrJAM-vNTzrtgtTOZZp4m9NOyF0t-g2iSq7ZUQ HTTP 302
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=google HTTP 302
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=a89092ea-b3ef-4471-8fa7-e66ecaa4dfdc&ssp=google HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AavPq0P4C7Va4NWCDZcgkIUwHXsZa9zrjYUqIpdEsNqDlvijefDfFcvAtQqC4OzOp5EDv-k04gGaJGcp-d6hw4D1KH51vSMyqh-1cGe-3hA3zaz4wPgTnQ6GUYaABdCRbYQntuFuOZNPAFfw&google_hm=vTLP-xE4QBOzTUKhi4PRFw==
Request Chain 255
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEJelPhiXAcj5a5KywzD4df8&google_cver=1&google_push=AavPq0OcH5tm_-D--fohPP_zGibccxTnl5br-q7h73RBX1TvqZjHIhcPoF_gJcIEf474cJr_AUw8isoUkXmv_RwIlbLVxn24Zrs-Rqnj1M3y53BSEn4BQgI91UAeYdmXrScf90C7sszgvM-yBg-usbU34Vg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0OcH5tm_-D--fohPP_zGibccxTnl5br-q7h73RBX1TvqZjHIhcPoF_gJcIEf474cJr_AUw8isoUkXmv_RwIlbLVxn24Zrs-Rqnj1M3y53BSEn4BQgI91UAeYdmXrScf90C7sszgvM-yBg-usbU34Vg&google_hm=eS1YUmlwS2t4RTJwRUxiaDUwVkJvaVEza3VqTVJnSGlNMn5B
Request Chain 256
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEIqGfS5v1zuRNCHyVijt_Q0&google_cver=1&google_push=AavPq0MgFpYdAROq8hR03IN5QHLz5Qsy0UqC4pQNUpwpT85lFm3OZRhe1YN-k8SBATJ1tZGIcD5MikV9ZA4KwTVCzcCJt8fZ8aUQmRxyp26tC0HLPk9IVLoDZVQt22G2tOVQhEzMF9rLbBm_qywpqre1QUc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AavPq0MgFpYdAROq8hR03IN5QHLz5Qsy0UqC4pQNUpwpT85lFm3OZRhe1YN-k8SBATJ1tZGIcD5MikV9ZA4KwTVCzcCJt8fZ8aUQmRxyp26tC0HLPk9IVLoDZVQt22G2tOVQhEzMF9rLbBm_qywpqre1QUc&google_hm=UnhBSWcyMHQ3X01UZ2hray1GMUk=
Request Chain 257
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEOSKjdF3qREWoWjQMK09nZo&google_cver=1&google_push=AavPq0Pjq2-VJKRyxEbwMbYDGFwlXtnzN146oLYCYVneItTSguMMgiIrp7lrh-S2Ps9Fj8CJFkXJPRpGD6FARN4g17D3RcUjQ2PSiha6y1900Ip5vCo1kwRUgt-bdkiPzKFG0KP5eDMyPH_9g90F6iee_JM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=GgbTFnpgTURN47JJTwBmBnRaSso&google_push=AavPq0Pjq2-VJKRyxEbwMbYDGFwlXtnzN146oLYCYVneItTSguMMgiIrp7lrh-S2Ps9Fj8CJFkXJPRpGD6FARN4g17D3RcUjQ2PSiha6y1900Ip5vCo1kwRUgt-bdkiPzKFG0KP5eDMyPH_9g90F6iee_JM
Request Chain 267
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESENZRXydZukTWAyRPqJQPJ-A&google_cver=1&google_push=AavPq0MM1gAUqUuJqtV5irhsL1wfuUo6rSO8Gq16vMpnv3E1SpgYwjFoVuJsfH9CfDGxDZZMCciSiqPGkqTGVbm0o0aGg0FfD52g2OE7HY-RdfIxSkGxqjYoG4emMFcPWDOuj3BMYe3aTkJd HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MjY3NzY1Mzc3MjcwNDg3Nzk4OA==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESENZRXydZukTWAyRPqJQPJ-A&google_cver=1
Request Chain 268
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEDiAQrWuDDRduLrJ6MiXgEg&google_cver=1&google_push=AavPq0NN9UrBBGx72o5P3TuKPGbqXFrqTBZoqMBgsVpF5pzvcD5SvIxskZya17Bi7bjt6gih9o8uBnysfkIyPTEORMeyEpYyyeKde_0TgY7Cm6kOPpNHwaNhzgSWBhLky51TRDy70SabqKLX&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAavPq0NN9UrBBGx72o5P3TuKPGbqXFrqTBZoqMBgsVpF5pzvcD5SvIxskZya17Bi7bjt6gih9o8uBnysfkIyPTEORMeyEpYyyeKde_0TgY7Cm6kOPpNHwaNhzgSWBhLky51TRDy70SabqKLX%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEDiAQrWuDDRduLrJ6MiXgEg&google_cver=1&google_push=AavPq0NN9UrBBGx72o5P3TuKPGbqXFrqTBZoqMBgsVpF5pzvcD5SvIxskZya17Bi7bjt6gih9o8uBnysfkIyPTEORMeyEpYyyeKde_0TgY7Cm6kOPpNHwaNhzgSWBhLky51TRDy70SabqKLX&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAavPq0NN9UrBBGx72o5P3TuKPGbqXFrqTBZoqMBgsVpF5pzvcD5SvIxskZya17Bi7bjt6gih9o8uBnysfkIyPTEORMeyEpYyyeKde_0TgY7Cm6kOPpNHwaNhzgSWBhLky51TRDy70SabqKLX%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 270
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESENotvOagYmUi3TwPZ-_YP0c&google_cver=1&google_push=AavPq0P4C7Va4NWCDZcgkIUwHXsZa9zrjYUqIpdEsNqDlvijefDfFcvAtQqC4OzOp5EDv-k04gGaJGcp-d6hw4D1KH51vSMyqh-1cGe-3hA3zaz4wPgTnQ6GUYaABdCRbYQntuFuOZNPAFfw HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESENotvOagYmUi3TwPZ-_YP0c&google_cver=1&google_push=AavPq0P4C7Va4NWCDZcgkIUwHXsZa9zrjYUqIpdEsNqDlvijefDfFcvAtQqC4OzOp5EDv-k04gGaJGcp-d6hw4D1KH51vSMyqh-1cGe-3hA3zaz4wPgTnQ6GUYaABdCRbYQntuFuOZNPAFfw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AavPq0P4C7Va4NWCDZcgkIUwHXsZa9zrjYUqIpdEsNqDlvijefDfFcvAtQqC4OzOp5EDv-k04gGaJGcp-d6hw4D1KH51vSMyqh-1cGe-3hA3zaz4wPgTnQ6GUYaABdCRbYQntuFuOZNPAFfw&google_hm=vTLP-xE4QBOzTUKhi4PRFw==
Request Chain 271
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEJelPhiXAcj5a5KywzD4df8&google_cver=1&google_push=AavPq0OeG6Lq_SPZkT8WqNHx_ysesu43FqlFBO3qaOMDep5PQNkPDbQd93KO3ghtTBcn2Dyd1mbI4M4IWpwc1TmlUHr-CLQqO13lUx70PfTa48QZI2lgt5cjnJzOmO5wYAHllB2FsLZSERE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0OeG6Lq_SPZkT8WqNHx_ysesu43FqlFBO3qaOMDep5PQNkPDbQd93KO3ghtTBcn2Dyd1mbI4M4IWpwc1TmlUHr-CLQqO13lUx70PfTa48QZI2lgt5cjnJzOmO5wYAHllB2FsLZSERE&google_hm=eS1LTjhkQTQxRTJwSEhhaGJocV9wOUdWR05FRlQwNEFFdX5B
Request Chain 272
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESENJfRikoQAaZaPxbrU0bYZs&google_cver=1&google_push=AavPq0MVAxbKmZgCwpCVTrhGnTyEuG4rt5mOoHO0YIYH0g7XFafp0xoBBiXjTewbkKERVS2_96Nwpg-hPVfklQUpPYZmtT5CnWBpX-3p1mH3Z1S4TYg_dvVuMaAnKM9La_acUuQSoRrd01rI HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESENJfRikoQAaZaPxbrU0bYZs&google_cver=1&google_push=AavPq0MVAxbKmZgCwpCVTrhGnTyEuG4rt5mOoHO0YIYH0g7XFafp0xoBBiXjTewbkKERVS2_96Nwpg-hPVfklQUpPYZmtT5CnWBpX-3p1mH3Z1S4TYg_dvVuMaAnKM9La_acUuQSoRrd01rI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTkyODA5MjY5NzE3ODc2ODU4NA&google_push=AavPq0MVAxbKmZgCwpCVTrhGnTyEuG4rt5mOoHO0YIYH0g7XFafp0xoBBiXjTewbkKERVS2_96Nwpg-hPVfklQUpPYZmtT5CnWBpX-3p1mH3Z1S4TYg_dvVuMaAnKM9La_acUuQSoRrd01rI
Request Chain 273
  • https://rtb2-useast.e-volution.ai/sync?exchange=193&google_gid=CAESELlMPdyqTJR1irnVQsal-00&google_cver=1&google_push=AavPq0NatHTcZNHGkr7MdQ4FnQAfT7UQvT4b0GD66pGmNtctmZPS52hvwWKVF77XTT3T59DHjMeIUbT8c9n8b1VKoOuzYimVxvDI6d4PTUjtxnZ6JJ1s-f9ciK7sD-36tCTOD6C3JVCYukOS HTTP 302
  • https://dsp.adkernel.com/adkuid?r=https%3A%2F%2Frtb2-useast.e-volution.ai%2Fsync%3Fexchange%3D193%26google_gid%3DCAESELlMPdyqTJR1irnVQsal-00%26google_cver%3D1%26google_push%3DAavPq0NatHTcZNHGkr7MdQ4FnQAfT7UQvT4b0GD66pGmNtctmZPS52hvwWKVF77XTT3T59DHjMeIUbT8c9n8b1VKoOuzYimVxvDI6d4PTUjtxnZ6JJ1s-f9ciK7sD-36tCTOD6C3JVCYukOS HTTP 302
  • https://rtb2-useast.e-volution.ai/sync?adkuid=A692387004890502134&exchange=193&google_gid=CAESELlMPdyqTJR1irnVQsal-00&google_cver=1&google_push=AavPq0NatHTcZNHGkr7MdQ4FnQAfT7UQvT4b0GD66pGmNtctmZPS52hvwWKVF77XTT3T59DHjMeIUbT8c9n8b1VKoOuzYimVxvDI6d4PTUjtxnZ6JJ1s-f9ciK7sD-36tCTOD6C3JVCYukOS HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTY5MjM4NzAwNDg5MDUwMjEzNA&google_push=AavPq0NatHTcZNHGkr7MdQ4FnQAfT7UQvT4b0GD66pGmNtctmZPS52hvwWKVF77XTT3T59DHjMeIUbT8c9n8b1VKoOuzYimVxvDI6d4PTUjtxnZ6JJ1s-f9ciK7sD-36tCTOD6C3JVCYukOS
Request Chain 326
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3658&xuid=c2c06461-9e12-422f-a647-b2a193b86a7e&dongle=0cfd
Request Chain 327
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=ODY4MTIwMTU4MTgyOTMxMzI1Mzk4 HTTP 302
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Request Chain 328
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEBC-X9cZDiczzXEcp4aU-aE&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 329
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=ODY4MTIwMTU4MTgyOTMxMzI1Mzk4
Request Chain 330
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=868120158182931325398&dbredirect=true&gdpr=0&consent= HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=868120158182931325398&dbredirect=true&gdpr=0&consent=&cookiesTest=true
Request Chain 331
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=868120158182931325398&gdpr=0&gdpr_consent= HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&gdpr=0&consent=&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dtriplelift%26bsw_param%3Dbd32cffb-1138-4013-b34d-42a18b83d117%26gdpr%3D0%26consent%3D%26gdpr_pd%3D%26expires%3D7 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=354&user_id=1f12617703e34a80bebfb98cf8a0063f&ssp=triplelift&bsw_param=bd32cffb-1138-4013-b34d-42a18b83d117&gdpr=0&consent=&gdpr_pd=&expires=7 HTTP 302
  • https://eb2.3lift.com/xuid?mid=2409&xuid=bd32cffb-1138-4013-b34d-42a18b83d117&dongle=d3d3&gdpr=0&gdpr_consent=&gdpr_pd=
Request Chain 332
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/868120158182931325398?gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-sSsEZ1tE2oQ.BLHOIGYjlCCDF1u41nAFsGrdKx0Fvg--~A&dongle=0883
Request Chain 333
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=0&gdpr_consent=&uid=868120158182931325398 HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=868120158182931325398&dcc=t
Request Chain 335
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3335&xuid=6154674664221769188&dongle=4d58&gdpr=0&gdpr_consent=
Request Chain 336
  • https://ad.turn.com/r/cs?pid=9&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=2677653772704877988&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 337
  • https://match.adsrvr.org/track/cmf/openx?oxid=2d6fbd84-9e05-759c-dcee-921051a71b49&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=c2c06461-9e12-422f-a647-b2a193b86a7e&ttd_puid=2d6fbd84-9e05-759c-dcee-921051a71b49&gdpr=0&gdpr_consent=
Request Chain 338
  • https://tg.socdm.com/rtb/sync_before?proto=openx HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=537072335&val=Y7dDRMCo8YMAAL6eXwoAAAAA
Request Chain 339
  • https://cr-p3.ladsp.com/cookiesender/3 HTTP 302
  • https://cr-p3.ladsp.com/cookiesender/3?cr=true HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AfI6IINtGRxEks8ADzD_5CSP1c8AAAGFg97EQg
Request Chain 341
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHTnZe-gj0dNHeYPVAWd-wI&google_cver=1
Request Chain 344
  • https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://onetag-sys.com/match/?int_id=1&uid=d9af63b7-4344-4a00-8db0-1a67be119b91&gdpr=1&gdpr_consent=
Request Chain 346
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID HTTP 302
  • https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=6154674664221769188
Request Chain 348
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhYPewgOT1k5fl5KEtF9ZCXPvNE3cO-OC2Q
Request Chain 350
  • https://id.rlcdn.com/711916.gif?ct=4&cv= HTTP 307
  • https://id.rlcdn.com/1000.gif?memo=COy5KxoNCMSG3Z0GEgUI6AcQAEIASgA HTTP 307
  • https://onetag-sys.com/match/?int_id=110&uid=
Request Chain 351
  • https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=6LXP3CdjzgyXSp2ouQUnbJcR-B7Vbnv_SpXGfnXsJvE
Request Chain 354
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=29&uid=c2c06461-9e12-422f-a647-b2a193b86a7e&gdpr=0&gdpr_consent=
Request Chain 358
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=c2c06461-9e12-422f-a647-b2a193b86a7e&expiration=1675546692&gdpr=0&gdpr_consent=
Request Chain 359
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y7dDOxJA5nEkLlUdyGr4wwAAEoYAAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEG-6kakZMXGFSjRRxdxGARo&google_cver=1
Request Chain 360
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y7dDOxJA5nEkLlUdyGr4wwAAEoYAAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y7dDOxJA5nEkLlUdyGr4wwAAEoYAAAAB&dcc=t
Request Chain 361
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y7dDOxJA5nEkLlUdyGr4wwAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEMSM09yie8eJ7MCj6ItgtSc&google_cver=1
Request Chain 362
  • https://ad.turn.com/r/cs?pid=21 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2677653772704877988
Request Chain 365
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=Y7dDRAAJf4UlZAAF HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y7dDRAAJf4UlZAAF&_test=Y7dDRAAJf4UlZAAF
Request Chain 370
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=medianet HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=medianet
Request Chain 371
  • https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3159562927444215000V10%26type%3Drkt%26refUrl%3D%26vid%3D29546923003159562927444215000V10%26ovsid%3D%7Buserid%7D HTTP 302
  • https://contextual.media.net/cksync.html?cs=8&vsid=3159562927444215000V10&type=rkt&refUrl=&vid=29546923003159562927444215000V10&ovsid=1973209966547850478
Request Chain 373
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3159562927444215000V10%26type%3Dapx%26refUrl%3D%26vid%3D29546923003159562927444215000V10%26ovsid%3D%24UID HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3159562927444215000V10&type=apx&refUrl=&vid=29546923003159562927444215000V10&ovsid=6154674664221769188
Request Chain 374
  • https://us-u.openx.net/w/1.0/cm?id=78e2dffc-bb89-4bb2-ae92-f592d006518b&ph=6a16560a-f6c6-4851-b7b5-0b2c0190166a&r=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3159562927444215000V10%26type%3Dopx%26refUrl%3D%26vid%3D29546923003159562927444215000V10%26ovsid%3D HTTP 302
  • https://contextual.media.net/cksync.html?cs=8&vsid=3159562927444215000V10&type=opx&refUrl=&vid=29546923003159562927444215000V10&ovsid=e543d41b-3505-4f7c-bfa1-ec7ee3488995
Request Chain 375
  • https://sync.mathtag.com/sync/img?mt_exid=64&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3159562927444215000V10%26type%3Dmma%26refUrl%3D%26vid%3D29546923003159562927444215000V10%26ovsid%3D%5BMM_UUID%5D HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3159562927444215000V10&type=mma&refUrl=&vid=29546923003159562927444215000V10&ovsid=407b63b7-4344-4900-8e70-1a62e233a297
Request Chain 376
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3159562927444215000V10%26type%3Dr1%26refUrl%3D%26vid%3D29546923003159562927444215000V10%26ovsid%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&zcc=1&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3159562927444215000V10%26type%3Dr1%26refUrl%3D%26vid%3D29546923003159562927444215000V10%26ovsid%3D%5BRX_UUID%5D&cb=1672954693209 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2271810496 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/c2c06461-9e12-422f-a647-b2a193b86a7e HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-56a1a930-dd35-49ab-a204-e8c7ed81ec94-004?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-56a1a930-dd35-49ab-a204-e8c7ed81ec94-004 HTTP 302
  • https://usersync.gumgum.com/usersync?b=rhy&i=RX-56a1a930-dd35-49ab-a204-e8c7ed81ec94-004
Request Chain 377
  • https://cm.g.doubleclick.net/pixel?cs=8&google_nid=media&google_cm=1&google_hm=MzE1OTU2MjkyNzQ0NDIxNTAwMFYxMA%3D%3D&google_sc=1 HTTP 302
  • https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEIFTftNuzmppQ0xH7lM6X2A&google_cver=1
Request Chain 378
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3159562927444215000V10%26type%3Ddxu%26refUrl%3D%26vid%3D29546923003159562927444215000V10%26ovsid%3D_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3159562927444215000V10%26type%3Ddxu%26refUrl%3D%26vid%3D29546923003159562927444215000V10%26ovsid%3D_wfivefivec_ HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3159562927444215000V10&type=dxu&refUrl=&vid=29546923003159562927444215000V10&ovsid=8mOu3Tww1PdxWd5
Request Chain 379
  • https://dis.criteo.com/dis/usersync.aspx?r=115&p=226&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=4377d6e0-08f2-4754-89f1-dcc1fd38bc1c
Request Chain 380
  • https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/iponweb?bidswitch_ssp_id=medianet&ssp_user_id=bd32cffb-1138-4013-b34d-42a18b83d117&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=74&&user_id=y-IONkR.VE2pn2TwaVlwHgd5WXhv2HDQFVNFYQSQ--~A&expires=5 HTTP 302
  • https://sync.adkernel.com/user-sync?dsp=336050&t=image&uid=bd32cffb-1138-4013-b34d-42a18b83d117
Request Chain 381
  • https://b1sync.zemanta.com/usersync/medianet/?cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3159562927444215000V10%26type%3Dzem%26refUrl%3D%26vid%3D29546923003159562927444215000V10%26ovsid%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=RxAIg20t7_MTghkk-F1I&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OBGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPKSPBAUSZZSGB2DOX2NKRTWQ23LFVDDCSJGOJSWMVLSNQ6SM5DZOBST26TFNUTHM2LEHUZDSNJUGY4TEMZQGAZTCNJZGU3DEOJSG42DINBSGE2TAMBQKYYTAJTWONUWIPJTGE2TSNJWGI4TENZUGQ2DEMJVGAYDAVRRGA HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OBGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPKSPBAUSZZSGB2DOX2NKRTWQ23LFVDDCSJGOJSWMVLSNQ6SM5DZOBST26TFNUTHM2LEHUZDSNJUGY4TEMZQGAZTCNJZGU3DEOJSG42DINBSGE2TAMBQKYYTAJTWONUWIPJTGE2TSNJWGI4TENZUGQ2DEMJVGAYDAVRRGA HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&ovsid=RxAIg20t7_MTghkk-F1I&refUrl=&type=zem&vid=29546923003159562927444215000V10&vsid=3159562927444215000V10
Request Chain 382
  • https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=3159562927444215000V10 HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=medianet&ssp_user_id=3159562927444215000V10 HTTP 302
  • https://contextual.media.net/cksync.php?type=mf&ovsid=a677a6bd-9a44-4f1a-ba1a-f8708108e4bb&cs=1
Request Chain 383
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=c2c06461-9e12-422f-a647-b2a193b86a7e
Request Chain 388
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Request Chain 391
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID HTTP 302
  • https://ads.servenobid.com/sync?pid=312&uid=6154674664221769188
Request Chain 392
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D HTTP 302
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=310&uid=F8ASCRZHWT-v1X-NQHebMNug
Request Chain 393
  • https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID HTTP 307
  • https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID&sovrn_retry=true HTTP 307
  • https://ads.servenobid.com/sync?pid=310&uid=F8ASBLZHStWSrf7NRP6IzVBC
Request Chain 394
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1672954693209 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6484280953 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/c2c06461-9e12-422f-a647-b2a193b86a7e HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-56a1a930-dd35-49ab-a204-e8c7ed81ec94-004?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-56a1a930-dd35-49ab-a204-e8c7ed81ec94-004 HTTP 302
  • https://usersync.gumgum.com/usersync?b=rhy&i=RX-56a1a930-dd35-49ab-a204-e8c7ed81ec94-004
Request Chain 395
  • https://p.rfihub.com/cm?pub=44007&in=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=324&uid=1917759395240436591
Request Chain 396
  • https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D HTTP 302
  • https://ads.servenobid.com/sync?pid=332&uid=19bb4c50-80fb-45ee-be86-8a9671366429
Request Chain 397
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D HTTP 302
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F34894%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26A%3D0fa4897a-e274-4c27-88fd-e7259d132336%26bidder%3Dtriplelift%26cbx%3DaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%253D%26uid%3D%24UID&gdpr=1&gdpr_consent=
Request Chain 398
  • https://ups.analytics.yahoo.com/ups/58559/occ HTTP 302
  • https://ads.servenobid.com/sync?pid=337&uid=y-O3J4BzpE2uE1Fj.rzY_F9KdhjK6j1mxIpxcz6hc-~A
Request Chain 399
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID HTTP 302
  • https://prebid.a-mo.net/cchain/0?gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D6%26r%3DCid1YS0wYzVhNzk4MC1hOTI3LTNlMjQtYWRhMy1kZTAwMWVhMmUwODYQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS0wYzVhNzk4MC1hOTI3LTNlMjQtYWRhMy1kZTAwMWVhMmUwODYyAgYaOAE=%26buyeruid%3D HTTP 302
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F7475%3Fgdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26A%3D0fa4897a-e274-4c27-88fd-e7259d132336%26bidder%3Dsovrn%26cbx%3DaHR0cHM6Ly9zc3AuZGlzcXVzLmNvbS9tYXRjaD9iaWRkZXI9NiZyPUNpZDFZUzB3WXpWaE56azRNQzFoT1RJM0xUTmxNalF0WVdSaE15MWtaVEF3TVdWaE1tVXdPRFlRX19fX19fX19fX19fQVNwVGFIUjBjSE02THk5aFpITXVjMlZ5ZG1WdWIySnBaQzVqYjIwdmMzbHVZejl3YVdROU16UTJKblZwWkQxMVlTMHdZelZoTnprNE1DMWhPVEkzTFRObE1qUXRZV1JoTXkxa1pUQXdNV1ZoTW1Vd09EWXlBZ1lhT0FFPSZidXllcnVpZD0%253D%26uid%3D%24UID HTTP 307
  • https://prebid.a-mo.net/cchain/0/7475?gdpr=&gdpr_consent=&us_privacy=&A=0fa4897a-e274-4c27-88fd-e7259d132336&bidder=sovrn&cbx=aHR0cHM6Ly9zc3AuZGlzcXVzLmNvbS9tYXRjaD9iaWRkZXI9NiZyPUNpZDFZUzB3WXpWaE56azRNQzFoT1RJM0xUTmxNalF0WVdSaE15MWtaVEF3TVdWaE1tVXdPRFlRX19fX19fX19fX19fQVNwVGFIUjBjSE02THk5aFpITXVjMlZ5ZG1WdWIySnBaQzVqYjIwdmMzbHVZejl3YVdROU16UTJKblZwWkQxMVlTMHdZelZoTnprNE1DMWhPVEkzTFRObE1qUXRZV1JoTXkxa1pUQXdNV1ZoTW1Vd09EWXlBZ1lhT0FFPSZidXllcnVpZD0=&uid=F8ASBLZHStWSrf7NRP6IzVBC HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fprebid.a-mo.net%252Fcchain%252F2%252F7475%253Fgdpr%253D%2526gdpr_consent%253D%2526us_privacy%253D%2526A%253D0fa4897a-e274-4c27-88fd-e7259d132336%2526bidder%253Dpubmatic%2526cbx%253DaHR0cHM6Ly9zc3AuZGlzcXVzLmNvbS9tYXRjaD9iaWRkZXI9NiZyPUNpZDFZUzB3WXpWaE56azRNQzFoT1RJM0xUTmxNalF0WVdSaE15MWtaVEF3TVdWaE1tVXdPRFlRX19fX19fX19fX19fQVNwVGFIUjBjSE02THk5aFpITXVjMlZ5ZG1WdWIySnBaQzVqYjIwdmMzbHVZejl3YVdROU16UTJKblZwWkQxMVlTMHdZelZoTnprNE1DMWhPVEkzTFRObE1qUXRZV1JoTXkxa1pUQXdNV1ZoTW1Vd09EWXlBZ1lhT0FFPSZidXllcnVpZD0%25253D%2526uid%253D%2523PMUID HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?p=158355&pmc=1&pr=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F2%2F7475%3Fgdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26A%3D0fa4897a-e274-4c27-88fd-e7259d132336%26bidder%3Dpubmatic%26cbx%3DaHR0cHM6Ly9zc3AuZGlzcXVzLmNvbS9tYXRjaD9iaWRkZXI9NiZyPUNpZDFZUzB3WXpWaE56azRNQzFoT1RJM0xUTmxNalF0WVdSaE15MWtaVEF3TVdWaE1tVXdPRFlRX19fX19fX19fX19fQVNwVGFIUjBjSE02THk5aFpITXVjMlZ5ZG1WdWIySnBaQzVqYjIwdmMzbHVZejl3YVdROU16UTJKblZwWkQxMVlTMHdZelZoTnprNE1DMWhPVEkzTFRObE1qUXRZV1JoTXkxa1pUQXdNV1ZoTW1Vd09EWXlBZ1lhT0FFPSZidXllcnVpZD0%253D%26uid%3D6FF39F35-D4F4-45ED-A500-F8A7983977F4 HTTP 302
  • https://prebid.a-mo.net/cchain/2/7475?gdpr=&gdpr_consent=&us_privacy=&A=0fa4897a-e274-4c27-88fd-e7259d132336&bidder=pubmatic&cbx=aHR0cHM6Ly9zc3AuZGlzcXVzLmNvbS9tYXRjaD9iaWRkZXI9NiZyPUNpZDFZUzB3WXpWaE56azRNQzFoT1RJM0xUTmxNalF0WVdSaE15MWtaVEF3TVdWaE1tVXdPRFlRX19fX19fX19fX19fQVNwVGFIUjBjSE02THk5aFpITXVjMlZ5ZG1WdWIySnBaQzVqYjIwdmMzbHVZejl3YVdROU16UTJKblZwWkQxMVlTMHdZelZoTnprNE1DMWhPVEkzTFRObE1qUXRZV1JoTXkxa1pUQXdNV1ZoTW1Vd09EWXlBZ1lhT0FFPSZidXllcnVpZD0%3D&uid=6FF39F35-D4F4-45ED-A500-F8A7983977F4 HTTP 302
  • https://ssum.casalemedia.com/usermatchredir?s=191503&gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F3%2F7475%3Fgdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26A%3D0fa4897a-e274-4c27-88fd-e7259d132336%26bidder%3Dindex_rtb%26cbx%3DaHR0cHM6Ly9zc3AuZGlzcXVzLmNvbS9tYXRjaD9iaWRkZXI9NiZyPUNpZDFZUzB3WXpWaE56azRNQzFoT1RJM0xUTmxNalF0WVdSaE15MWtaVEF3TVdWaE1tVXdPRFlRX19fX19fX19fX19fQVNwVGFIUjBjSE02THk5aFpITXVjMlZ5ZG1WdWIySnBaQzVqYjIwdmMzbHVZejl3YVdROU16UTJKblZwWkQxMVlTMHdZelZoTnprNE1DMWhPVEkzTFRObE1qUXRZV1JoTXkxa1pUQXdNV1ZoTW1Vd09EWXlBZ1lhT0FFPSZidXllcnVpZD0%253D%26uid%3D HTTP 302
  • https://prebid.a-mo.net/cchain/3/7475?gdpr=&gdpr_consent=&us_privacy=&A=0fa4897a-e274-4c27-88fd-e7259d132336&bidder=index_rtb&cbx=aHR0cHM6Ly9zc3AuZGlzcXVzLmNvbS9tYXRjaD9iaWRkZXI9NiZyPUNpZDFZUzB3WXpWaE56azRNQzFoT1RJM0xUTmxNalF0WVdSaE15MWtaVEF3TVdWaE1tVXdPRFlRX19fX19fX19fX19fQVNwVGFIUjBjSE02THk5aFpITXVjMlZ5ZG1WdWIySnBaQzVqYjIwdmMzbHVZejl3YVdROU16UTJKblZwWkQxMVlTMHdZelZoTnprNE1DMWhPVEkzTFRObE1qUXRZV1JoTXkxa1pUQXdNV1ZoTW1Vd09EWXlBZ1lhT0FFPSZidXllcnVpZD0%3D&uid=Y7dDOxJA5nEkLlUdyGr4wwAA%264742 HTTP 302
  • https://ssp.disqus.com/match?bidder=6&r=Cid1YS0wYzVhNzk4MC1hOTI3LTNlMjQtYWRhMy1kZTAwMWVhMmUwODYQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS0wYzVhNzk4MC1hOTI3LTNlMjQtYWRhMy1kZTAwMWVhMmUwODYyAgYaOAE=&buyeruid=0fa4897a-e274-4c27-88fd-e7259d132336&gdpr=&gdpr_consent=&us_privacy=
Request Chain 400
  • https://ups.analytics.yahoo.com/ups/58632/occ HTTP 302
  • https://ads.servenobid.com/sync?pid=339&uid=y-O3J4BzpE2uE1Fj.rzY_F9KdhjK6j1mxIpxcz6hc-~A
Request Chain 403
  • https://match.adsrvr.org/track/cmf/rubicon HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=c2c06461-9e12-422f-a647-b2a193b86a7e&gdpr=0&gdpr_consent=&expires=30
Request Chain 404
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TENKTTBYR1ctTy1NR0k=
Request Chain 405
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=LCJM0XGW-O-MGI&ex=d-rubiconproject.com&status=ok
Request Chain 406
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=wd586afSSTGGf-MGN1n6Tg&rk=usync-other HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=wd586afSSTGGf-MGN1n6Tg
Request Chain 407
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LCJM0XGW-O-MGI
Request Chain 408
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/qOG4qPyi7IrYyw55qSG2iA?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-.sJ9yzRE2oKsXdX_kUklTYjXUzYrF.qMk348OA--~A
Request Chain 409
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NTgxM2U1Mzk4NzI4OGRjZmNkODMxNzE2OWM0ZWI5ZDRjYWE3ZDhkNQ
Request Chain 410
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEN6xGKiUJ_IyOGzw12-rUfE&google_cver=1
Request Chain 411
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6154674664221769188
Request Chain 412
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y7dDOxJA5nEkLlUdyGr4wwAAEoYAAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/Y7dDOxJA5nEkLlUdyGr4wwAAEoYAAAAB
Request Chain 413
  • https://match.prod.bidr.io/cookie-sync/ie HTTP 303
  • https://match.prod.bidr.io/cookie-sync/ie?_bee_ppp=1 HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAOKbk7HbocAACIYA6aQHw&expiration=1674164293
Request Chain 414
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=d9af63b7-4344-4a00-8db0-1a67be119b91
Request Chain 415
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=6154674664221769188
Request Chain 416
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=360a9628-d1a8-a2f6-8f73bbbc
Request Chain 417
  • https://ad.turn.com/r/cs?pid=21 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2677653772704877988
Request Chain 418
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D
Request Chain 420
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhYPexUWy6qEpuAWT6508dop6s-PsDkunDw
Request Chain 422
  • https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://onetag-sys.com/match/?int_id=1&uid=d9af63b7-4344-4a00-8db0-1a67be119b91&gdpr=0&gdpr_consent=
Request Chain 423
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=2&uid=LCJM0XGW-O-MGI&gdpr=0
Request Chain 424
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D0%26gdpr_consent%3D%26uid%3D$UID HTTP 302
  • https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=6154674664221769188
Request Chain 426
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=1YN-&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid] HTTP 302
  • https://onetag-sys.com/match/?int_id=107&uid=3455036589987631835
Request Chain 427
  • https://onetag-sys.com/match/?int_id=113&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=KnHEbMnE01xCNYklwot0HT-L5Pk6_M8CTmycmIHSgaM
Request Chain 428
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=1YN-&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26uid%3D%23PMUID HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=1YN-&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26uid%3D%23PMUID&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RTcyOTQ0RjgtRTJCMC00N0NGLTlBQjUtMDVFMzRCMTE0RjRD&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21482&id=6FF39F35-D4F4-45ED-A500-F8A7983977F4
Request Chain 429
  • https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=92&uid=y-O3J4BzpE2uE1Fj.rzY_F9KdhjK6j1mxIpxcz6hc-~A
Request Chain 430
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=29&uid=c2c06461-9e12-422f-a647-b2a193b86a7e&gdpr=0&gdpr_consent=
Request Chain 431
  • https://x.bidswitch.net/sync?ssp=onetag&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=onetag HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=5928092697178768584&ssp=onetag HTTP 302
  • https://onetag-sys.com/match/?int_id=30&uid=bd32cffb-1138-4013-b34d-42a18b83d117&gdpr=&gdpr_consent=&us_privacy=
Request Chain 434
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=6154674664221769188
Request Chain 435
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=a_1684624e-5447-44eb-a2d1-6c7360b749e1&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_custom_parameter=bd32cffb-1138-4013-b34d-42a18b83d117 HTTP 302
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_custom_parameter=bd32cffb-1138-4013-b34d-42a18b83d117 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=0935cd17-7974-430f-9dad-28ff55dbaaa9&user_group=1&ssp=gumgum2&bsw_param=bd32cffb-1138-4013-b34d-42a18b83d117 HTTP 302
  • https://usersync.gumgum.com/usersync?b=bsw&i=bd32cffb-1138-4013-b34d-42a18b83d117
Request Chain 436
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sta&i=0-1a06d316-7a60-4d44-4de3-b2494f006606$ip$116.90.74.202
Request Chain 437
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=a_1684624e-5447-44eb-a2d1-6c7360b749e1&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=RxAIg20t7_MTghkk-F1I&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2UTYIFEWOMRQOQ3V6TKUM5UGW2ZNIYYUSJTVONPXA4TJOZQWG6J5GEWS2LI&gdpr=0&us_privacy=1--- HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2UTYIFEWOMRQOQ3V6TKUM5UGW2ZNIYYUSJTVONPXA4TJOZQWG6J5GEWS2LI HTTP 302
  • https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=RxAIg20t7_MTghkk-F1I&us_privacy=1---
Request Chain 438
  • https://sync.1rx.io/usersync2/floor6?gdpr=0&gdpr_consent=&dspret=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/floor6?zcc=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D&cb=1672954693347 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2701999339 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/c2c06461-9e12-422f-a647-b2a193b86a7e HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-f1b164c8-b634-4f23-ba4e-9985b20c6968-004?redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21478%26id%3DRX-f1b164c8-b634-4f23-ba4e-9985b20c6968-004 HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21478&id=RX-f1b164c8-b634-4f23-ba4e-9985b20c6968-004
Request Chain 439
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://usersync.gumgum.com/usersync?b=pln&i=4anSi1d3XpFj&ev=1&pid=558355
Request Chain 440
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28H9ZjksOytyXhvfuPu_1SLApgP_VTy_gABouu6UogUbZi2fVvdcidPB8NZUqJrX-3%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28H9ZjksOytyXhvfuPu_1SLApgP_VTy_gABouu6UogUbZi2fVvdcidPB8NZUqJrX-3%29 HTTP 302
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=a_1684624e-5447-44eb-a2d1-6c7360b749e1&obuid=ENC(H9ZjksOytyXhvfuPu_1SLApgP_VTy_gABouu6UogUbZi2fVvdcidPB8NZUqJrX-3) HTTP 302
  • https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=icco6m5&ttd_tpi=1$CMP HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=ttd&uid=c2c06461-9e12-422f-a647-b2a193b86a7e&gdpr=0&gdpr_consent=
Request Chain 441
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=opx&i=da5219f4-b610-4dca-bb95-82fd99f71a0f
Request Chain 442
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=oth&i=y-vp.Nj75E2pd5R4FfiOlTL12bk0flPqf4q1Ja~A
Request Chain 443
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=vnt&i=c3fc9fd0-dfc2-4408-a2e4-2d48544751ad
Request Chain 446
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=idi&i=9003dbe3-7636-4ea7-88f9-833aed714060
Request Chain 447
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sad&i=5283131600680293057
Request Chain 449
  • https://sync.inmobi.com/oRTB?gdpr_consent=&gdpr=0&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dinm%26i%3D%7BID5UID%7D HTTP 302
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=0&callback=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dinm%26i%3D%7BID5UID%7D HTTP 302
  • https://id5-sync.com/c/495/0/0/1.gif?gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://usersync.gumgum.com/usersync?b=inm&i=ID5-8ea6H7h_1HiosylmrB1OyVzJpFF-wh0BwURE3zfMKg
Request Chain 451
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=ttd&i=c2c06461-9e12-422f-a647-b2a193b86a7e
Request Chain 452
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
  • https://usersync.gumgum.com/usersync?b=mmh&i=407b63b7-4344-4900-8e70-1a62e233a297&gdpr=0&gdpr_consent=
Request Chain 453
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=atm&i=Y7dDRAAJf4UlZAAF&gdpr=0&gdpr_consent=
Request Chain 456
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=sus&i=Y7dDRcCo8YMAAL6eXysAAAAA
Request Chain 457
  • https://cs.admanmedia.com/sync/gumgum?puid=a_1684624e-5447-44eb-a2d1-6c7360b749e1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=0&gdpr_consent=&ccpa=1--- HTTP 302
  • https://usersync.gumgum.com/usersync?b=aad&i=263f951b-fb4b-4c2a-a167-4470d1262b49
Request Chain 458
  • https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=iex&i=Y7dDOxJA5nEkLlUdyGr4wwAA%264742
Request Chain 459
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
  • https://usersync.gumgum.com/usersync?b=rth&i=ky0Tsui62vfvJAj296xU&pi=gumgum&tc=1
Request Chain 460
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 461
  • https://image8.pubmatic.com/AdServer/ImgSync?p=161683&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21482%26id%3D%23PMUID HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=161683&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21482%26id%3D%23PMUID&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NkJDMUNFMzAtNEY2Mi00RTA3LThDNTYtQTU3NjYzQzUzNkM0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21482&id=6FF39F35-D4F4-45ED-A500-F8A7983977F4
Request Chain 462
  • https://prebid.a-mo.net/cchain/0?gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]&cb=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21492%26uid%3D HTTP 302
  • https://cm.adform.net/cookie?gdpr=0&gdpr_consent=&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F36602%3Fgdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26A%3D0fa4897a-e274-4c27-88fd-e7259d132336%26bidder%3Dadform%26cbx%3DaHR0cHM6Ly9jcy5taW51dGVtZWRpYS1wcmViaWQuY29tL2NzP2FpZD0yMTQ5MiZ1aWQ9%26uid%3D%24UID HTTP 303
  • https://prebid.a-mo.net/cchain/0/36602?gdpr=&gdpr_consent=&us_privacy=&A=0fa4897a-e274-4c27-88fd-e7259d132336&bidder=adform&cbx=aHR0cHM6Ly9jcy5taW51dGVtZWRpYS1wcmViaWQuY29tL2NzP2FpZD0yMTQ5MiZ1aWQ9&uid=5928092697178768584 HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F3%2F36602%3Fgdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26A%3D0fa4897a-e274-4c27-88fd-e7259d132336%26bidder%3Dappnexus%26cbx%3DaHR0cHM6Ly9jcy5taW51dGVtZWRpYS1wcmViaWQuY29tL2NzP2FpZD0yMTQ5MiZ1aWQ9%26uid%3D%24UID HTTP 302
  • https://prebid.a-mo.net/cchain/3/36602?gdpr=&gdpr_consent=&us_privacy=&A=0fa4897a-e274-4c27-88fd-e7259d132336&bidder=appnexus&cbx=aHR0cHM6Ly9jcy5taW51dGVtZWRpYS1wcmViaWQuY29tL2NzP2FpZD0yMTQ5MiZ1aWQ9&uid=6154674664221769188 HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21492&uid=0fa4897a-e274-4c27-88fd-e7259d132336&gdpr=&gdpr_consent=&us_privacy=
Request Chain 463
  • https://ssc-cms.33across.com/ps/?ri=0015a00002hdV5tAAE&ru=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21485%26puid%3D33XUSERID33X HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21485&puid=212071945413904
Request Chain 465
  • https://ads.yieldmo.com/pbsync?is=mmed&gdpr=0&gdpr_consent=&us_privacy=[US_PRIVACY]&redirectUri=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21486%26uid%3D$UID HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21486&uid=g7f2be5f9b7e531b3aa2&gdpr=0&gdpr_consent=&us_privacy=[US_PRIVACY]
Request Chain 466
  • https://match.sharethrough.com/universal/v1?supply_id=3r9HMldH&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21496&id=87926d14-9734-4a42-9270-8ce083a8d200&gdpr=0
Request Chain 467
  • https://sync.1rx.io/usersync2/rmpssp?sub=sportority&redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21478%26id%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=sportority&zcc=1&redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21478%26id%3D%5BRX_UUID%5D&cb=1672954693459 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4085024595 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/c2c06461-9e12-422f-a647-b2a193b86a7e HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-f1b164c8-b634-4f23-ba4e-9985b20c6968-004?redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21478%26id%3DRX-f1b164c8-b634-4f23-ba4e-9985b20c6968-004 HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21478&id=RX-f1b164c8-b634-4f23-ba4e-9985b20c6968-004
Request Chain 468
  • https://rtb.mfadsrvr.com/sync?ssp=minutemedia HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=minutemedia HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21503&id=deb48297-63e2-43b5-87ae-a658ae928e88
Request Chain 469
  • https://ad.360yield.com/server_match?partner_id=2073&r=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21489%26id%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=2073&r=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21489%26id%3D%7BPUB_USER_ID%7D HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21489&id=9003dbe3-7636-4ea7-88f9-833aed714060
Request Chain 470
  • https://ads.betweendigital.com/match?bidder_id=44808&gdpr=0&gdpr_consent=&callback_url=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21505%26id%3D$%7BUSER_ID%7D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=44808&gdpr=0&gdpr_consent=&callback_url=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21505%26id%3D%24%7BUSER_ID%7D&crf=1 HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21505&id=0b5e14b8-d8dd-5406-b64c-69b1d5fb2af7
Request Chain 471
  • https://ups.analytics.yahoo.com/ups/58611/occ?gdpr=0&gdpr_consent= HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21481&id=y-O3J4BzpE2uE1Fj.rzY_F9KdhjK6j1mxIpxcz6hc-~A&gdpr=0
Request Chain 472
  • https://sync.go.sonobi.com/us?gdpr=0&consent_string=&loc=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21504%26uid%3D%5BUID%5D HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21504&uid=19bb4c50-80fb-45ee-be86-8a9671366429
Request Chain 473
  • https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21480%26id%3D$UID HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21480&id=868120158182931325398
Request Chain 474
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21495%26id%3D$UID&partner=minutemedia HTTP 302
  • https://sync.adkernel.com/user-sync?zone=176971&t=image&r=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D27%26r%3DCid1YS0wYzVhNzk4MC1hOTI3LTNlMjQtYWRhMy1kZTAwMWVhMmUwODYQ____________ASpZaHR0cHM6Ly9jcy5taW51dGVtZWRpYS1wcmViaWQuY29tL2NzP2FpZD0yMTQ5NSZpZD11YS0wYzVhNzk4MC1hOTI3LTNlMjQtYWRhMy1kZTAwMWVhMmUwODYyAhsaOAE=%26buyeruid%3D%7BUID%7D HTTP 302
  • https://prebid.a-mo.net/cchain/0?&cb=%2F%2Fsync.adkernel.com%2Fuser-sync%3Fzone%3D176971%26dsp%3D343983%26t%3Dimage%26uid%3D HTTP 302
  • https://ssp.disqus.com/redirectuser?partner=adaptmx&gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F5%2F20117%3Fgdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26A%3D0fa4897a-e274-4c27-88fd-e7259d132336%26bidder%3Dzeta%26cbx%3DLy9zeW5jLmFka2VybmVsLmNvbS91c2VyLXN5bmM_em9uZT0xNzY5NzEmZHNwPTM0Mzk4MyZ0PWltYWdlJnVpZD0%253D%26uid%3D%24UID
Request Chain 475
  • https://ssum-sec.casalemedia.com/usermatchredir?s=196326&cb=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21476%26id%3D HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21476&id=Y7dDOxJA5nEkLlUdyGr4wwAA%264742
Request Chain 476
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21484%26id%3D$UID HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21484&id=6154674664221769188
Request Chain 477
  • https://bh.contextweb.com/bh/rtset?pid=562760&ev=1&us_privacy=[US_PRIVACY]&gdpr=0&gdpr_consent=&rurl=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21494%26id%3D%25%25VGUID%25%25 HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21494&id=4anSi1d3XpFj&ev=1&us_privacy=[US_PRIVACY]&pid=562760&gdpr_consent=&gdpr=0
Request Chain 478
  • https://ssbsync.smartadserver.com/api/sync?callerId=59&gdpr=[GDPR]&gdpr_consent=[USER_CONSENT] HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21498&id=5283131600680293057&gdpr=0&gdpr_consent=
Request Chain 479
  • https://u.openx.net/w/1.0/cm?id=29975467-6f1b-4e06-b545-920b22ea49b2&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21477%26id%3D HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21477&id=b4365f80-e197-4ac8-a476-8be711a491ac
Request Chain 481
  • https://cs.admanmedia.com/sync/minute_media?gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]&redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21497%26puid%3D%5BUID%5D HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21497&puid=263f951b-fb4b-4c2a-a167-4470d1262b49
Request Chain 482
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21488%26id%3D%24UID HTTP 307
  • https://cs.minutemedia-prebid.com/cs?aid=21488&id=F8ASBLZHStWSrf7NRP6IzVBC
Request Chain 483
  • https://x.bidswitch.net/sync?ssp=minutemedia&gdpr=0&gdpr_consent=&user_id=%s HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=bd32cffb-1138-4013-b34d-42a18b83d117&ssp=minutemedia&gdpr=0&gdpr_consent=
Request Chain 485
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=minute_media&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=minute_media&endpoint=us-east
Request Chain 490
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=duration_media&khaos=LCJM0XGW-O-MGI HTTP 302
  • https://ads.servenobid.com/sync?pid=323&uid=LCJM0XGW-O-MGI
Request Chain 491
  • https://pixel.rubiconproject.com/exchange/sync.php?p=medianet&khaos=LCJM0XGW-O-MGI HTTP 302
  • https://contextual.media.net/cksync.php?type=rbcn&ovsid=LCJM0XGW-O-MGI
Request Chain 492
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhYPeN7qcGiwJkK_QqqkbuQ8CWSZNe3FH9w
Request Chain 494
  • https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=krfbmAuY2d4jEk4dKcAekP7CraHBR77mP2YUv404FBw
Request Chain 496
  • https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://onetag-sys.com/match/?int_id=1&uid=407b63b7-4344-4900-8e70-1a62e233a297&gdpr=1&gdpr_consent=
Request Chain 498
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID HTTP 302
  • https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=6154674664221769188
Request Chain 503
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=29&uid=c2c06461-9e12-422f-a647-b2a193b86a7e&gdpr=0&gdpr_consent=
Request Chain 505
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:407b63b7-4344-4900-8e70-1a62e233a297&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21482&id=6FF39F35-D4F4-45ED-A500-F8A7983977F4
Request Chain 506
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y7dDRAAJf4UlZAAF&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21482&id=6FF39F35-D4F4-45ED-A500-F8A7983977F4
Request Chain 507
  • https://cm.ambientdsp.com/cm/send?vc=pmj HTTP 301
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=ygmaxyuqnkg HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21482&id=6FF39F35-D4F4-45ED-A500-F8A7983977F4
Request Chain 508
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6154674664221769188&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21482&id=6FF39F35-D4F4-45ED-A500-F8A7983977F4
Request Chain 509
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=1a_Z3devj9vOrYKP2q-WjNv4gt7OrYKPh66Y8UpQ HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21482&id=6FF39F35-D4F4-45ED-A500-F8A7983977F4
Request Chain 510
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21482&id=6FF39F35-D4F4-45ED-A500-F8A7983977F4
Request Chain 511
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=GgbTFnpgTURN47JJTwBmBnRaSso HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21482&id=6FF39F35-D4F4-45ED-A500-F8A7983977F4
Request Chain 512
  • https://gocm.c.appier.net/pubmatic HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=JuhvTsv8DpyAuez6RkO3Yw HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21482&id=6FF39F35-D4F4-45ED-A500-F8A7983977F4
Request Chain 515
  • https://ipac.ctnsnet.com/int/cm?exc=14&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA%3D%26piggybackCookie%3D%5Buser_id%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=c196bdcb882d42e89222b0bce4bd0cd3 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21482&id=6FF39F35-D4F4-45ED-A500-F8A7983977F4
Request Chain 517
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:8mOu3Tww1PdxWd5&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21482&id=6FF39F35-D4F4-45ED-A500-F8A7983977F4
Request Chain 519
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1345275028 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/c2c06461-9e12-422f-a647-b2a193b86a7e HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-56a1a930-dd35-49ab-a204-e8c7ed81ec94-004
Request Chain 523
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Request Chain 525
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=b_OfNdT0Re2lAPinmDl39A%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 526
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=6FF39F35-D4F4-45ED-A500-F8A7983977F4 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=6FF39F35-D4F4-45ED-A500-F8A7983977F4 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=a8755660-5eb2-4325-9aab-28ebff182f0c%252C%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=c2c06461-9e12-422f-a647-b2a193b86a7e&ttd_puid=a8755660-5eb2-4325-9aab-28ebff182f0c%2C%2C
Request Chain 527
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=6FF39F35-D4F4-45ED-A500-F8A7983977F4&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=6FF39F35-D4F4-45ED-A500-F8A7983977F4&gdpr=0&gdpr_consent=&ct=y
Request Chain 528
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=6FF39F35-D4F4-45ED-A500-F8A7983977F4&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=6FF39F35-D4F4-45ED-A500-F8A7983977F4&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 529
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NkZGMzlGMzUtRDRGNC00NUVELUE1MDAtRjhBNzk4Mzk3N0Y0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21482&id=6FF39F35-D4F4-45ED-A500-F8A7983977F4
Request Chain 530
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESECUhXMRIldWDSWou1t63q0g&google_cver=1 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21482&id=6FF39F35-D4F4-45ED-A500-F8A7983977F4
Request Chain 531
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:86638E7BFB584693AD2D06680E0D97CA HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 533
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=c2c06461-9e12-422f-a647-b2a193b86a7e&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 534
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=6FF39F35-D4F4-45ED-A500-F8A7983977F4&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-b_v2EipE2uUm4fAhV9SOaje_rS8YgOM-~A&gdpr=0
Request Chain 535
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=bd32cffb-1138-4013-b34d-42a18b83d117 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=8a41dd2f-0315-4d0f-8add-e42616441d1a&user_group=1&ssp=pubmatic&bsw_param=bd32cffb-1138-4013-b34d-42a18b83d117 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=bd32cffb-1138-4013-b34d-42a18b83d117&gdpr=&gdpr_consent=&gdpr_pd= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 536
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=5928092697178768584
Request Chain 537
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2677653772704877988&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?p=158355&pmc=1&pr=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F2%2F7475%3Fgdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26A%3D0fa4897a-e274-4c27-88fd-e7259d132336%26bidder%3Dpubmatic%26cbx%3DaHR0cHM6Ly9zc3AuZGlzcXVzLmNvbS9tYXRjaD9iaWRkZXI9NiZyPUNpZDFZUzB3WXpWaE56azRNQzFoT1RJM0xUTmxNalF0WVdSaE15MWtaVEF3TVdWaE1tVXdPRFlRX19fX19fX19fX19fQVNwVGFIUjBjSE02THk5aFpITXVjMlZ5ZG1WdWIySnBaQzVqYjIwdmMzbHVZejl3YVdROU16UTJKblZwWkQxMVlTMHdZelZoTnprNE1DMWhPVEkzTFRObE1qUXRZV1JoTXkxa1pUQXdNV1ZoTW1Vd09EWXlBZ1lhT0FFPSZidXllcnVpZD0%253D%26uid%3D6FF39F35-D4F4-45ED-A500-F8A7983977F4 HTTP 302
  • https://prebid.a-mo.net/cchain/2/7475?gdpr=&gdpr_consent=&us_privacy=&A=0fa4897a-e274-4c27-88fd-e7259d132336&bidder=pubmatic&cbx=aHR0cHM6Ly9zc3AuZGlzcXVzLmNvbS9tYXRjaD9iaWRkZXI9NiZyPUNpZDFZUzB3WXpWaE56azRNQzFoT1RJM0xUTmxNalF0WVdSaE15MWtaVEF3TVdWaE1tVXdPRFlRX19fX19fX19fX19fQVNwVGFIUjBjSE02THk5aFpITXVjMlZ5ZG1WdWIySnBaQzVqYjIwdmMzbHVZejl3YVdROU16UTJKblZwWkQxMVlTMHdZelZoTnprNE1DMWhPVEkzTFRObE1qUXRZV1JoTXkxa1pUQXdNV1ZoTW1Vd09EWXlBZ1lhT0FFPSZidXllcnVpZD0%3D&uid=6FF39F35-D4F4-45ED-A500-F8A7983977F4 HTTP 302
  • https://ssp.disqus.com/redirectuser?partner=adaptmx&gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F4%2F7475%3Fgdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26A%3D0fa4897a-e274-4c27-88fd-e7259d132336%26bidder%3Dzeta%26cbx%3DaHR0cHM6Ly9zc3AuZGlzcXVzLmNvbS9tYXRjaD9iaWRkZXI9NiZyPUNpZDFZUzB3WXpWaE56azRNQzFoT1RJM0xUTmxNalF0WVdSaE15MWtaVEF3TVdWaE1tVXdPRFlRX19fX19fX19fX19fQVNwVGFIUjBjSE02THk5aFpITXVjMlZ5ZG1WdWIySnBaQzVqYjIwdmMzbHVZejl3YVdROU16UTJKblZwWkQxMVlTMHdZelZoTnprNE1DMWhPVEkzTFRObE1qUXRZV1JoTXkxa1pUQXdNV1ZoTW1Vd09EWXlBZ1lhT0FFPSZidXllcnVpZD0%253D%26uid%3D%24UID HTTP 302
  • https://cs.admanmedia.com/45f6616f8301569fb3628edffa5edae8.gif?puid=ua-0c5a7980-a927-3e24-ada3-de001ea2e086&redir=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D24%26buyeruid%3D%5BUID%5D%26r%3DCid1YS0wYzVhNzk4MC1hOTI3LTNlMjQtYWRhMy1kZTAwMWVhMmUwODYq7wNodHRwczovL3ByZWJpZC5hLW1vLm5ldC9jY2hhaW4vNC83NDc1P2dkcHI9JmdkcHJfY29uc2VudD0mdXNfcHJpdmFjeT0mQT0wZmE0ODk3YS1lMjc0LTRjMjctODhmZC1lNzI1OWQxMzIzMzYmYmlkZGVyPXpldGEmY2J4PWFIUjBjSE02THk5emMzQXVaR2x6Y1hWekxtTnZiUzl0WVhSamFEOWlhV1JrWlhJOU5pWnlQVU5wWkRGWlV6QjNXWHBXYUU1NmF6Uk5RekZvVDFSSk0weFVUbXhOYWxGMFdWZFNhRTE1TVd0YVZFRjNUVmRXYUUxdFZYZFBSRmxSWDE5ZlgxOWZYMTlmWDE5ZlFWTndWR0ZJVWpCalNFMDJUSGs1YUZwSVRYVmpNbFo1WkcxV2RXSXlTbkJhUXpWcVlqSXdkbU16YkhWWmVqbDNZVmRST1UxNlVUSktibFp3V2tReE1WbFRNSGRaZWxab1RucHJORTFETVdoUFZFa3pURlJPYkUxcVVYUlpWMUpvVFhreGExcFVRWGROVjFab1RXMVZkMDlFV1hsQloxbGhUMEZGUFNaaWRYbGxjblZwWkQwJTNEJnVpZD11YS0wYzVhNzk4MC1hOTI3LTNlMjQtYWRhMy1kZTAwMWVhMmUwODYyAhgMOAE=&gdpr=0&gdpr_consent=
Request Chain 538
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=6FF39F35-D4F4-45ED-A500-F8A7983977F4&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=590d96531cde1ff7&is_secure=true&networkId=17100&version=1&nuid=6FF39F35-D4F4-45ED-A500-F8A7983977F4&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAALWzXAkUZfwwNF7Lp9AAAAAAA&expiration=1673041095&nuid=6FF39F35-D4F4-45ED-A500-F8A7983977F4&is_secure=true&gdpr_consent=&gdpr=0
Request Chain 539
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=6154674664221769188
Request Chain 544
  • https://c1.adform.net/serving/cookie/match?party=10&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D22%26partneruserid%3DYOUR_USER_ID&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=5928092697178768584&gdpr=0&gdpr_consent=
Request Chain 545
  • https://x.bidswitch.net/sync?ssp=smartadserver&gdpr=0&gdpr_consent= HTTP 302
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=smartadserver&bsw_custom_parameter=bd32cffb-1138-4013-b34d-42a18b83d117 HTTP 302
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=smartadserver&bsw_custom_parameter=bd32cffb-1138-4013-b34d-42a18b83d117 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=8a41dd2f-0315-4d0f-8add-e42616441d1a&user_group=1&ssp=smartadserver&bsw_param=bd32cffb-1138-4013-b34d-42a18b83d117 HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=31&partneruserid=bd32cffb-1138-4013-b34d-42a18b83d117&gdpr=&gdpr_consent=
Request Chain 546
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=smart-adserver&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=75&issi=1&partneruserid=c2c06461-9e12-422f-a647-b2a193b86a7e&gdpr=0&gdpr_consent=
Request Chain 548
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=LCJM0XGW-O-MGI HTTP 302
  • https://usersync.gumgum.com/usersync?b=mag&i=LCJM0XGW-O-MGI
Request Chain 549
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=minute_media&khaos=LCJM0XGW-O-MGI HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21479&id=LCJM0XGW-O-MGI
Request Chain 556
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:86638E7BFB584693AD2D06680E0D97CA&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 558
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=407b63b7-4344-4900-8e70-1a62e233a297
Request Chain 559
  • https://idsync.rlcdn.com/420486.gif?partner_uid=6FF39F35-D4F4-45ED-A500-F8A7983977F4 HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=82616ae3cb60e416dab96157f17b99675f061dcf80d8bc004351b311db950d70791426b5417dce21&_=2

560 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request xi-ju-ren-sheng-cheng-zhen-zong-tong-da-ka-bu-hao-yan.html
www.bg3.co/a/ 		54 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.bg3.co/a/xi-ju-ren-sheng-cheng-zhen-zong-tong-da-ka-bu-hao-yan.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
84.17.37.44 Central, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-84-17-37-44.cdn77.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
4fa0d4544eb0db99495aac006d5de7d03a370ea41357b832252f067ee7e64a2e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Cache-Control
max-age=3600
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Thu, 05 Jan 2023 21:37:57 GMT
ETag
"d885-uZCCiDqUgdOVRc8l8CAqzAznpto"
Expires
Thu, 05 Jan 2023 22:37:57 GMT
Server
nginx/1.18.0 (Ubuntu)
Transfer-Encoding
chunked
Vary
Accept-Encoding
v0.js
cdn.ampproject.org/ 		276 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-ju-ren-sheng-cheng-zhen-zong-tong-da-ka-bu-hao-yan.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
eef6e50516dd1bc5e94db6685463176f5c05db0d2a21fe90aa3d3a3871a5b8ae
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Thu, 05 Jan 2023 21:37:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
72715
x-xss-protection
0
server
sffe
etag
"2335c83c0d5cefcd"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3000, stale-while-revalidate=1206600
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 05 Jan 2023 21:37:58 GMT
amp-sidebar-0.1.js
cdn.ampproject.org/v0/ 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-sidebar-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-ju-ren-sheng-cheng-zhen-zong-tong-da-ka-bu-hao-yan.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
76a862dba57901fcc377abc56285bfd9eda47c05a5cb86b80da26cc404d5d50f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Thu, 05 Jan 2023 21:37:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9680
x-xss-protection
0
server
sffe
etag
"e3094a98d196989d"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 05 Jan 2023 21:37:58 GMT
amp-auto-ads-0.1.js
cdn.ampproject.org/v0/ 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-auto-ads-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-ju-ren-sheng-cheng-zhen-zong-tong-da-ka-bu-hao-yan.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
5f3d992a8f5c1c422eaa51d219c1459bac9dad5cba9ecb372082de08e47b3944
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Thu, 05 Jan 2023 21:37:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7579
x-xss-protection
0
server
sffe
etag
"44defd1436524ccc"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 05 Jan 2023 21:37:58 GMT
amp-analytics-0.1.js
cdn.ampproject.org/v0/ 		109 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-analytics-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-ju-ren-sheng-cheng-zhen-zong-tong-da-ka-bu-hao-yan.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
86d85c2fb6c3aef61be2e092f1a809839065e73f948db805ad92eb5eaea8fac8
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Thu, 05 Jan 2023 21:37:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31976
x-xss-protection
0
server
sffe
etag
"e8e1d0567eb4b7ef"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 05 Jan 2023 21:37:58 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		143 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5961800537962381
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-ju-ren-sheng-cheng-zhen-zong-tong-da-ka-bu-hao-yan.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
cafe /
Resource Hash
febfb13abd60ea3fd7fb0e2682260b7459e02a4115fb69516edc9418d848c730
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 21:37:58 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49322
x-xss-protection
0
server
cafe
etag
3501875392287199811
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 05 Jan 2023 21:37:58 GMT
sdk
cdn.aralego.net/ucfad/sdk/apac-sg/
Redirect Chain
  • https://ads.aralego.com/sdk
  • https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
44 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-ju-ren-sheng-cheng-zhen-zong-tong-da-ka-bu-hao-yan.html
Protocol
H2
Server
104.26.5.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8af4a7b3549631244df52a0d91b22ccfb355b2f10caab9fe9fa0b57a2beff473

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 21:37:59 GMT
cf-cache-status
HIT
last-modified
Wed, 21 Dec 2022 06:34:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"63a2a8f0-b1a0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z1ntAcPb5n7Yvv3aTo0P3gyVxTYCzeT7KbB3VxcVzgOQwWe08Yny92EP1aSMkXp4w4fUw6fX0GX0%2F3I7gAxYBt%2BjRyyYimJOESHOrEgH812vVnx66gFTtd1PZs4t6c1JJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
784f5bb8eebd5581-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
45472

Redirect headers

Location
https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
Connection
close
Content-length
0
adRecover.js
delivery.adrecover.com/43519/ 		34 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://delivery.adrecover.com/43519/adRecover.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-ju-ren-sheng-cheng-zhen-zong-tong-da-ka-bu-hao-yan.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.144 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-144.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
0c34cb102990c1b0ba90b693198e9bde03f0a060d26ff42b3b230e781bb31f49

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
NZ
date
Thu, 05 Jan 2023 21:37:59 GMT
content-encoding
br
last-modified
Thu, 05 Jan 2023 08:00:31 GMT
server
nginx/1.18.0
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
x-cf-geodata
NZ
content-length
9215
expires
Thu, 05 Jan 2023 22:37:59 GMT
adpushup.js
cdn.adpushup.com/42753/ 		527 KB
115 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/adpushup.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-ju-ren-sheng-cheng-zhen-zong-tong-da-ka-bu-hao-yan.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.200 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-200.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
502b0472f8a19527b2e8406234aa37b8941dc3c4fe9c8128e45ce5d48bff3a3d

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
NZ
date
Thu, 05 Jan 2023 21:37:59 GMT
content-encoding
br
last-modified
Thu, 05 Jan 2023 11:24:35 GMT
server
nginx/1.18.0
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=1
x-cf-geodata
NZ
content-length
117231
expires
Thu, 05 Jan 2023 22:37:59 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/ 		356 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5961800537962381
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
cafe /
Resource Hash
82085f26fbb972cc9755e65d84661a409d8a8ef753b67fb2422c3fcb80a0519c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 21:37:59 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119965
x-xss-protection
0
server
cafe
etag
2252877084482164754
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Thu, 05 Jan 2023 21:37:59 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230103/r20190131/ Frame 40F0 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230103/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5961800537962381
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

age
45410
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
br
content-length
4242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 05 Jan 2023 09:01:09 GMT
etag
10353107486223812946
expires
Thu, 19 Jan 2023 09:01:09 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
bd2a26fa71903802ab74e0befad037af.jpg
static.bg3.co/imgs/202106/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/bd2a26fa71903802ab74e0befad037af.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-ju-ren-sheng-cheng-zhen-zong-tong-da-ka-bu-hao-yan.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
5a44e05d85cdff30de4b60039c1d9261.jpg
static.bg3.co/imgs/202105/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/5a44e05d85cdff30de4b60039c1d9261.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-ju-ren-sheng-cheng-zhen-zong-tong-da-ka-bu-hao-yan.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
0c2218968a784b80a3731b45a1ec1915.jpg
static.bg3.co/imgs/202105/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/0c2218968a784b80a3731b45a1ec1915.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-ju-ren-sheng-cheng-zhen-zong-tong-da-ka-bu-hao-yan.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
0b61a3d8c272b71220fe9a9f4dc10f64.jpg
static.bg3.co/imgs/202101/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202101/0b61a3d8c272b71220fe9a9f4dc10f64.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-ju-ren-sheng-cheng-zhen-zong-tong-da-ka-bu-hao-yan.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
f3d2752073274d2e981ec63a35de3b12.jpg
static.bg3.co/imgs/202102/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202102/f3d2752073274d2e981ec63a35de3b12.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-ju-ren-sheng-cheng-zhen-zong-tong-da-ka-bu-hao-yan.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
254a03efee359e683f9eab3ae6745ca2.jpg
static.bg3.co/imgs/202105/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/254a03efee359e683f9eab3ae6745ca2.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-ju-ren-sheng-cheng-zhen-zong-tong-da-ka-bu-hao-yan.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
28448237c53c4f629da3958e8d8539d2.jpg
static.bg3.co/imgs/202202/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202202/28448237c53c4f629da3958e8d8539d2.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-ju-ren-sheng-cheng-zhen-zong-tong-da-ka-bu-hao-yan.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
600d78a73c237d372fc23b986e61e19a.jpg
static.bg3.co/imgs/202101/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202101/600d78a73c237d372fc23b986e61e19a.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-ju-ren-sheng-cheng-zhen-zong-tong-da-ka-bu-hao-yan.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
0de5186e0ad6a223523c75b537fb414c.jpg
static.bg3.co/imgs/202106/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/0de5186e0ad6a223523c75b537fb414c.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-ju-ren-sheng-cheng-zhen-zong-tong-da-ka-bu-hao-yan.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
8e7e2a2f2f8b3fe8b08aee12f5a4ef9a.jpg
static.bg3.co/imgs/202106/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/8e7e2a2f2f8b3fe8b08aee12f5a4ef9a.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-ju-ren-sheng-cheng-zhen-zong-tong-da-ka-bu-hao-yan.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
e4a73656c934f0588f279a8c7b1c6864.jpg
static.bg3.co/imgs/202105/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/e4a73656c934f0588f279a8c7b1c6864.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-ju-ren-sheng-cheng-zhen-zong-tong-da-ka-bu-hao-yan.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
6d38d17e1960745e3a768274dad825dc.jpg
static.bg3.co/imgs/202105/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/6d38d17e1960745e3a768274dad825dc.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-ju-ren-sheng-cheng-zhen-zong-tong-da-ka-bu-hao-yan.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
9b4ad80c085492e1e227be0648a6bcff.jpg
static.bg3.co/imgs/202105/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/9b4ad80c085492e1e227be0648a6bcff.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-ju-ren-sheng-cheng-zhen-zong-tong-da-ka-bu-hao-yan.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
9b49295894d3fa4082b3724bcb151b66.jpg
static.bg3.co/imgs/202106/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/9b49295894d3fa4082b3724bcb151b66.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-ju-ren-sheng-cheng-zhen-zong-tong-da-ka-bu-hao-yan.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
d5263dee18160833c87f63c1d4678c93.jpg
static.bg3.co/imgs/202107/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202107/d5263dee18160833c87f63c1d4678c93.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-ju-ren-sheng-cheng-zhen-zong-tong-da-ka-bu-hao-yan.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
c1172f32b573730c3e9fe11b0dd6e949.jpg
static.bg3.co/imgs/202102/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202102/c1172f32b573730c3e9fe11b0dd6e949.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-ju-ren-sheng-cheng-zhen-zong-tong-da-ka-bu-hao-yan.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
172dd4c86f9b18820d4d81371bd1fe0b.jpg
static.bg3.co/imgs/202109/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202109/172dd4c86f9b18820d4d81371bd1fe0b.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-ju-ren-sheng-cheng-zhen-zong-tong-da-ka-bu-hao-yan.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ab7f6cee67068f7013c2ecdf7cac1b98.jpg
static.bg3.co/imgs/202106/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/ab7f6cee67068f7013c2ecdf7cac1b98.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-ju-ren-sheng-cheng-zhen-zong-tong-da-ka-bu-hao-yan.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
1f9e7b8c32ee9bd38ba25ca9fa1bdefb.jpg
static.bg3.co/imgs/202105/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/1f9e7b8c32ee9bd38ba25ca9fa1bdefb.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-ju-ren-sheng-cheng-zhen-zong-tong-da-ka-bu-hao-yan.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
fc5a447e20fedab9ac2f1a953c43d1aa.jpg
static.bg3.co/imgs/202101/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202101/fc5a447e20fedab9ac2f1a953c43d1aa.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-ju-ren-sheng-cheng-zhen-zong-tong-da-ka-bu-hao-yan.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
8ae50210b4fc9f6274267cc6928c5241.jpg
static.bg3.co/imgs/202105/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/8ae50210b4fc9f6274267cc6928c5241.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-ju-ren-sheng-cheng-zhen-zong-tong-da-ka-bu-hao-yan.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
amp-auto-lightbox-0.1.js
cdn.ampproject.org/rtv/012212151632002/v0/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012212151632002/v0/amp-auto-lightbox-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
c854904ff9b174279124c373152be17b526b1f829856f24d6de4b89c7446c413
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 04 Jan 2023 21:18:21 GMT
age
87580
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2984
x-xss-protection
0
server
sffe
etag
"b39fe751b85842c3"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 04 Jan 2024 21:18:21 GMT
amp-loader-0.1.js
cdn.ampproject.org/rtv/012212151632002/v0/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012212151632002/v0/amp-loader-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
987cf494483d44d5e01fe5928229625d7536ed129be62d788091bf001443f9ea
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 04 Jan 2023 21:18:21 GMT
age
87580
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3934
x-xss-protection
0
server
sffe
etag
"57f88572ba60044c"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 04 Jan 2024 21:18:21 GMT
amp-ad-0.1.js
cdn.ampproject.org/rtv/012212151632002/v0/ 		82 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012212151632002/v0/amp-ad-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
37114603e314b43008c3dbe162e09b40cf2cb2a59a20742eca949a04bca77f3a
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 04 Jan 2023 21:18:21 GMT
age
87580
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23092
x-xss-protection
0
server
sffe
etag
"4ee34b5363236044"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 04 Jan 2024 21:18:21 GMT
ama
pagead2.googlesyndication.com/getconfig/ 		3 KB
550 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/ama?client=ca-pub-3216231935713038&plah=www.bg3.co&ama_t=amp&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxi-ju-ren-sheng-cheng-zhen-zong-tong-da-ka-bu-hao-yan.html&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
cafe /
Resource Hash
61e8a8d677d7b2f3ac3bfa393d6be3e01c26d6a656b1119fbb2a359518542a97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 21:37:59 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
457
x-xss-protection
0
ucfad-formats.css
cdn.aralego.net/css/dev/ 		975 B
616 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.5.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 21:37:59 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
10543
cf-polished
origSize=1191
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 16 Mar 2018 07:19:46 GMT
server
cloudflare
etag
W/"5aab7012-4a7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EA7AS11ti5Ht10SHgwp5wp6Y2UoH%2FWOQP8GYCWAFenb6ljFiDQ8srACN2FYnXKJQtEpgwWu7SERKkw9i6eBYsm7%2FBjicx0Vn56RHcUNYDmpuHz%2BuduTBarUlYJFq906aJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
784f5bbb58215581-SYD
idRequest
sync.aralego.com/ 		46 B
488 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.120.88.131 Central, Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
Software
/
Resource Hash
531ced95d00fc8c26a6140869fb583238b0ccf457b7bb9e98d42d6b8a29323d6

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 05 Jan 2023 21:38:00 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Allow-Credentials
true
Connection
close
Content-Length
46
idRequest
sync.aralego.com/ 		46 B
488 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.120.88.131 Central, Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
Software
/
Resource Hash
531ced95d00fc8c26a6140869fb583238b0ccf457b7bb9e98d42d6b8a29323d6

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 05 Jan 2023 21:38:00 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Allow-Credentials
true
Connection
close
Content-Length
46
ad_request
ads.aralego.com/ 		508 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxi-ju-ren-sheng-cheng-zhen-zong-tong-da-ka-bu-hao-yan.html&adid=ad-627443DBE4283AB9F7A46EA83243447&w=336&h=280&ver=UCX_WEB-20200113&pos=1&seq=0&cb=0.15343832298038085&gdpr=1&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&uaMobile=%3F0
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.254.153.160 , Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
e813a8d8d41c0dbdc33020ad6ef27d16afd2b590ceeb998e267409c8f666b829

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 05 Jan 2023 21:38:00 GMT
X-Width
336
X-Height
280
X-AdStyle
banner
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Expose-Headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Vary
Accept-Encoding
Access-Control-Allow-Credentials
true
X-AdSource
PSA
X-Adtype
html
Connection
close
Content-Length
508
ad_request
ads.aralego.com/ 		508 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxi-ju-ren-sheng-cheng-zhen-zong-tong-da-ka-bu-hao-yan.html&adid=ad-627443DBE4283AB9F7A46EA83243447&w=336&h=280&ver=UCX_WEB-20200113&pos=1&seq=1&cb=0.6668293451470548&gdpr=1&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&uaMobile=%3F0
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.254.153.160 , Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
e813a8d8d41c0dbdc33020ad6ef27d16afd2b590ceeb998e267409c8f666b829

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 05 Jan 2023 21:38:00 GMT
X-Width
336
X-Height
280
X-AdStyle
banner
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Expose-Headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Vary
Accept-Encoding
Access-Control-Allow-Credentials
true
X-AdSource
PSA
X-Adtype
html
Connection
close
Content-Length
508
jquery-2.2.2.min.js
code.jquery.com/ 		84 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-2.2.2.min.js
Requested by
Host: delivery.adrecover.com
URL: https://delivery.adrecover.com/43519/adRecover.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
hwcdn.net
Software
nginx /
Resource Hash
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 21:38:02 GMT
content-encoding
gzip
x-sp-metadata
HS256.CMqi3Z0GEogBCiQxZjZjMWY4NS1mYjkwLTRjNDktOTRiMy1iY2Y2ZTk2YTQyNTEQ+OiCoKvU+wIaBgi6ht2dBiINMTE2LjkwLjc0LjIwMijAlAMwAzgEQhZUTFNfQUVTXzEyOF9HQ01fU0hBMjU2WiAzZTliMjA2MTAwOThiNmM5YmZmOTUzODU2ZTU4MDE2YRosCAESJDA5NTRkZGY3LWI3NGItNDkyMy1iMjA1LTRlYzQ3MjZmMTM4ZBi46QEiGAgCEhRjZHMyMTAubGEzLmh3Y2RuLm5ldA==.be8pEWVRLNQKUlKBMg2py1Y5HPpA7WcnIEBL0ygIm9M=
last-modified
Wed, 16 Feb 2022 10:50:39 GMT
server
nginx
etag
W/"620cd6ff-14e98"
vary
Accept-Encoding
x-hw
1672954682.dop201.la3.t,1672954682.cds204.la3.hn,1672954682.cds210.la3.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
29880
amp-sticky-ad-1.0.js
cdn.ampproject.org/rtv/012212151632002/v0/ 		40 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012212151632002/v0/amp-sticky-ad-1.0.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
b7c80316a514c0892bcf6f6c1966a463dfbb379d97c0fdcefb666408f17ed0dc
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 04 Jan 2023 21:18:21 GMT
age
87580
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10297
x-xss-protection
0
server
sffe
etag
"6829dd3b11eb1a2c"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 04 Jan 2024 21:18:21 GMT
jquery-3.6.0.min.js
code.jquery.com/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.6.0.min.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
hwcdn.net
Software
nginx /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 21:38:02 GMT
content-encoding
gzip
x-sp-metadata
HS256.CMqi3Z0GEogBCiQxMGExNDcyMy05MDIxLTQxMDAtYTdjZi0yOWJkYzUyNTEwNjkQ+OiCoKvU+wIaBgi6ht2dBiINMTE2LjkwLjc0LjIwMijAlAMwAzgEQhZUTFNfQUVTXzEyOF9HQ01fU0hBMjU2WiAzZTliMjA2MTAwOThiNmM5YmZmOTUzODU2ZTU4MDE2YRosCAESJDRlZWI4MTNmLTVmY2QtNDViZi04ZTNkLTRkNTU4OWRkMWMzYRib8QEiGAgCEhRjZHMyNjcubGEzLmh3Y2RuLm5ldA==.mRugxevDxhqHoaYuhiXxZIH1IJbURTzJYaR8nZMuNas=
last-modified
Wed, 16 Feb 2022 10:50:39 GMT
server
nginx
etag
W/"620cd6ff-15d9d"
vary
Accept-Encoding
x-hw
1672954682.dop201.la3.t,1672954682.cds204.la3.hn,1672954682.cds267.la3.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30875
gtag.json
cdn.ampproject.org/rtv/012212151632002/v0/analytics-vendors/ 		2 KB
931 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012212151632002/v0/analytics-vendors/gtag.json
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
a8993772c9eb591474f38d257bebc8c4286703e1af72d04c8c294be5fff7b649
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 05 Jan 2023 05:14:19 GMT
age
59021
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
901
x-xss-protection
0
server
sffe
etag
"83a6a9d640e3080e"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 05 Jan 2024 05:14:19 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 1B1B 		98 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
cafe /
Resource Hash
6701244e91859aa933b1f108dfcc493b4a2a3f5ebaf82955adbf87d449e18815
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 21:38:00 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34195
x-xss-protection
0
server
cafe
etag
16828377373646095030
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 05 Jan 2023 21:38:00 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 49D9 		98 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
cafe /
Resource Hash
4ed1300d1f068791adc415ff8ff6b572fbf29bce9c5cf684484d79cf1cad0f9d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 21:38:00 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34159
x-xss-protection
0
server
cafe
etag
9655106881693648544
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 05 Jan 2023 21:38:00 GMT
cookie.js
partner.googleadservices.com/gampad/ 		379 B
692 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.bg3.co&callback=_gfp_s_&client=ca-pub-5961800537962381&gpid_exp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f155.1e100.net
Software
cafe /
Resource Hash
6d6a12115663de93e4fb248daaada33bf516d3df4e0d794a5e5a19d2ddf6f69d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 21:38:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
247
x-xss-protection
0
integrator.js
adservice.google.co.nz/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.nz/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 21:38:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 21:38:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame D5DD 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961800537962381&output=html&adk=1812271804&adf=3025194257&lmt=1672954680&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=188x1080_l%7C188x1080_r&format=0x0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxi-ju-ren-sheng-cheng-zhen-zong-tong-da-ka-bu-hao-yan.html&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672954679107&bpp=4&bdt=1270&idt=1433&shv=r20230103&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3386343362402&frm=20&pv=2&ga_vid=890864016.1672954681&ga_sid=1672954681&ga_hid=1500053407&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777877%2C31071200%2C44779343%2C44779794%2C44780792&oid=2&pvsid=3197543272618260&tmod=1950760781&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=1453
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
f2b7161e9df7ec6be5875e1925c2af8bd22a465c2cb826289b89e72f806648e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
3981
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 05 Jan 2023 21:38:01 GMT
expires
Thu, 05 Jan 2023 21:38:01 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
cookieSyncIframe.html
cdn.aralego.net/ucfad/cookie/ Frame 4941 		714 B
802 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

access-control-allow-credentials
true
age
11431
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
784f5bc20d11aaf6-SYD
content-encoding
br
content-type
text/html
date
Thu, 05 Jan 2023 21:38:00 GMT
last-modified
Wed, 09 Feb 2022 05:59:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3PBMTHn2Fn6bozhiW%2BvFAfQPFVhW3AOJVF4R%2Bnmdl2wFrJfVLwirHLEDBtAHLdw8FIx2l6KP4Eq4a5PgKQEyCBu6JxY5CvvN%2FstEJ%2FM%2BaEBxed4g389damyCpP8P%2BFbdTw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
idsync
sync.aralego.com/ 		35 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aralego.com/idsync?gdpr=1&euconsent-v2=${GDPR_CONSENT_607}&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-ju-ren-sheng-cheng-zhen-zong-tong-da-ka-bu-hao-yan.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.120.88.131 Central, Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 05 Jan 2023 21:38:02 GMT
Connection
close
Content-Length
35
Content-Type
image/gif
cookieSyncIframe.html
cdn.aralego.net/ucfad/cookie/ Frame 2209 		714 B
766 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

access-control-allow-credentials
true
age
11431
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
784f5bc22d1eaaf6-SYD
content-encoding
br
content-type
text/html
date
Thu, 05 Jan 2023 21:38:00 GMT
last-modified
Wed, 09 Feb 2022 05:59:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lS03L10gwDj2WMZJ9E5Y2WizaMahauGS0LASUWr6MTqVikyGO2a%2FSGOImrEk4pjlshT3nGpXlo5ihJA%2Fr8cchYgX%2FfTB2I%2FIMCi2wbhUUEW1M2JkIZ%2BGwz%2F0ImT2Hb%2FC3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212080101/ Frame 1B1B 		355 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212080101/show_ads_impl_fy2021.js?bust=31071277
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
cafe /
Resource Hash
f0eb7973201ca402f42c8038faad3b8f64d79aabd911aeb633fbcb5765385ee1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 21:38:02 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119726
x-xss-protection
0
server
cafe
etag
9259338840925640113
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Thu, 05 Jan 2023 21:38:02 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/ Frame 49D9 		356 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
cafe /
Resource Hash
c42b451066222f15cacbdcac598d65cf8481e7e206e7e79131ecc0c961994ac6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 21:38:02 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119958
x-xss-protection
0
server
cafe
etag
8093513532204704501
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Thu, 05 Jan 2023 21:38:02 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 4941 		81 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
sffe /
Resource Hash
6ffff63ecb5376dedf3ba16f233578f7c606435b9007be46a4cb0adcf39fe496
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 21:38:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27583
x-xss-protection
0
server
sffe
etag
"1443 / 471 of 1000 / last-modified: 1672920271"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 05 Jan 2023 21:38:00 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 2209 		81 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
sffe /
Resource Hash
6ffff63ecb5376dedf3ba16f233578f7c606435b9007be46a4cb0adcf39fe496
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 21:38:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27583
x-xss-protection
0
server
sffe
etag
"1443 / 372 of 1000 / last-modified: 1672920271"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 05 Jan 2023 21:38:00 GMT
amp
www.googletagmanager.com/gtag/ 		610 B
808 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/amp?__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
8492f3fc13f89700f09e8a96308911979a6289be084af2c497ea54dbd7dd7f5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=utf-8

Response headers

date
Thu, 05 Jan 2023 21:38:01 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="amp.json"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
258
x-xss-protection
0
pragma
no-cache
amp-access-control-allow-source-origin
https://www.bg3.co
server
Google Tag Manager
vary
*
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_2022120801.js
securepubads.g.doubleclick.net/gpt/ Frame 4941 		382 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
sffe /
Resource Hash
dcc5f41d1dc04a19dccb2061dc9572cb46c1c19dd89cb5d910752020fa87e791
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 08:54:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
564214
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
132306
x-xss-protection
0
last-modified
Thu, 08 Dec 2022 09:38:55 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 30 Dec 2023 08:54:27 GMT
pubads_impl_2022120801.js
securepubads.g.doubleclick.net/gpt/ Frame 2209 		382 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
sffe /
Resource Hash
dcc5f41d1dc04a19dccb2061dc9572cb46c1c19dd89cb5d910752020fa87e791
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 08:54:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
564214
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
132306
x-xss-protection
0
last-modified
Thu, 08 Dec 2022 09:38:55 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 30 Dec 2023 08:54:27 GMT
collect
www.google-analytics.com/r/ 		35 B
396 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=a1&ds=AMP&aip&_s=1&dt=%E6%88%B2%E5%8A%87%E4%BA%BA%E7%94%9F%E6%88%90%E7%9C%9F%20%E7%B8%BD%E7%B5%B1%E5%A4%A7%E5%92%96%E4%B8%8D%E5%A5%BD%E6%BC%94%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&sr=1600x1200&cid=amp-fKfH_EzXGIx_aV8GYZ258g&tid=UA-172083736-2&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxi-ju-ren-sheng-cheng-zhen-zong-tong-da-ka-bu-hao-yan.html&dr=&sd=24&ul=en-us&de=UTF-8&t=pageview&jid=0.4130597433994059&gjid=0.4339158502988405&_r=1&a=5532&z=0.9450669247975714&gtm=2pu000
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-ju-ren-sheng-cheng-zhen-zong-tong-da-ka-bu-hao-yan.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f139.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 21:38:02 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
amp4ads-host-v0.js
cdn.ampproject.org/ 		23 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/amp4ads-host-v0.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
fbd1e8b96c46848db89a70d3e4612e5ac22b113200bc3b376094eeed4cd0e3fb
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Thu, 05 Jan 2023 21:38:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7860
x-xss-protection
0
server
sffe
etag
"ccc714ecb8377507"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3000, stale-while-revalidate=1206600
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 05 Jan 2023 21:38:02 GMT
integrator.js
adservice.google.co.nz/adsid/ Frame 4941 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.nz/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 21:38:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 4941 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 21:38:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 4941 		492 B
265 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4029936184936943&correlator=952454553991851&eid=31071185%2C31071296%2C44780792&output=ldjh&gdfp_req=1&vrg=2022120801&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=64515409&sfv=1-0-40&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1672954682335&lmt=1644386353&dlt=1672954680734&idt=1579&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=enp0une9nnb6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&frm=24&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=265764941.1672954682&ga_sid=1672954682&ga_hid=802650051&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
385a4b2dcb0907fe0928375c8d857ed0b2221954ec8a3464b921ff17d5656f16
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 21:38:02 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
234
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cdn.aralego.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
21bcc2074a68fe1af593f8e40870fad5.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 04AF 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://21bcc2074a68fe1af593f8e40870fad5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 05 Jan 2023 21:38:03 GMT
expires
Fri, 05 Jan 2024 21:38:03 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
integrator.js
adservice.google.co.nz/adsid/ Frame 2209 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.nz/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 21:38:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 2209 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 21:38:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 2209 		492 B
265 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1237381443970703&correlator=562208301816446&eid=31071186%2C44780792%2C21065724%2C31071010&output=ldjh&gdfp_req=1&vrg=2022120801&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=64515409&sfv=1-0-40&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1672954682370&lmt=1644386353&dlt=1672954680742&idt=1619&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=lwqzp0tyxsj6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&frm=24&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=1689529042.1672954682&ga_sid=1672954682&ga_hid=776478121&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
ec85aee9632f830ae27b6fabdfcb80d250113d0adb3af8dbadc2d867bd0a3974
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 21:38:02 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
234
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cdn.aralego.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
3c020328368eaac4f13f168be7c82b7f.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame A1EE 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://3c020328368eaac4f13f168be7c82b7f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 05 Jan 2023 21:38:03 GMT
expires
Fri, 05 Jan 2024 21:38:03 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
amp-ad-network-adsense-impl-0.1.js
cdn.ampproject.org/rtv/012212151632002/v0/ 		214 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012212151632002/v0/amp-ad-network-adsense-impl-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
0fddacb1b4b94539fcb975e43c63d6b8fb2257f1c6cdefa318d156d4e5a57374
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 04 Jan 2023 21:25:17 GMT
age
87165
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
57948
x-xss-protection
0
server
sffe
etag
"beb5ab581ca1065f"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 04 Jan 2024 21:25:17 GMT
cookie.js
partner.googleadservices.com/gampad/ Frame 1B1B 		379 B
317 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.bg3.co&callback=_gfp_s_&client=ca-pub-4485239425924787&gpid_exp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212080101/show_ads_impl_fy2021.js?bust=31071277
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f155.1e100.net
Software
cafe /
Resource Hash
9721825fbdb0051571a5abcda53905627ac5953e3ed42bbc3be70635ecd6c0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 21:38:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
248
x-xss-protection
0
integrator.js
adservice.google.co.nz/adsid/ Frame 1B1B 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.nz/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212080101/show_ads_impl_fy2021.js?bust=31071277
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 21:38:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 1B1B 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212080101/show_ads_impl_fy2021.js?bust=31071277
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 21:38:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 3594 		25 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134177&pi=t.ma~as.3006%2F14006&w=336&lmt=1672954682&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxi-ju-ren-sheng-cheng-zhen-zong-tong-da-ka-bu-hao-yan.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672954680643&bpp=12&bdt=1120&idt=1941&shv=r20230103&mjsv=m202212080101&ptt=5&saldr=sa&correlator=3386343362402&frm=23&ife=1&pv=2&ga_vid=437385433.1672954683&ga_sid=1672954683&ga_hid=1428685206&ga_fc=0&ga_cid=amp-fKfH_EzXGIx_aV8GYZ258g&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1148&biw=1600&bih=1200&isw=336&ish=280&ifk=3556469387&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071199%2C31071277%2C44779794%2C44780792&oid=2&pvsid=516345022958043&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.d4jvqepuch7z&fsb=1&dtd=1958
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212080101/show_ads_impl_fy2021.js?bust=31071277
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
69e771e0a2b4ee99cdaaf51f0a61e34588b56d24b0ddb0132e608629f87fb735
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
11687
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 05 Jan 2023 21:38:02 GMT
expires
Thu, 05 Jan 2023 21:38:02 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
cookie.js
partner.googleadservices.com/gampad/ Frame 49D9 		379 B
312 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.bg3.co&callback=_gfp_s_&client=ca-pub-4485239425924787&gpid_exp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f155.1e100.net
Software
cafe /
Resource Hash
68a40ec286beafd4e0b2eab224a7df8016c79cab189815588693bf5e606eb0ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 21:38:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
247
x-xss-protection
0
integrator.js
adservice.google.co.nz/adsid/ Frame 49D9 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.nz/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 21:38:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 49D9 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 21:38:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
NqeGLmvuPvGdeaxEq2qKJUjcmyulAyFU8K2rHVjS.html
adx.holmesmind.com/adx-file/20221117/ Frame FC4D
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1672954682&url=...
  • https://adx.holmesmind.com/adx-file/20221117/NqeGLmvuPvGdeaxEq2qKJUjcmyulAyFU8K2rHVjS.html
673 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://adx.holmesmind.com/adx-file/20221117/NqeGLmvuPvGdeaxEq2qKJUjcmyulAyFU8K2rHVjS.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.8.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-8-99.sin5.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
21902e4026c2f774fbd13f64845d6fd3a823c1ea64ee93e76a9fe06a49a74711

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
445
content-length
673
content-type
text/html
date
Thu, 05 Jan 2023 21:30:39 GMT
etag
"48eae0cda160246f65db69ea3a0e8b6a"
last-modified
Thu, 17 Nov 2022 07:10:46 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 8f2472155c3b6e146855be1d54e7188c.cloudfront.net (CloudFront)
x-amz-cf-id
18inbEvOAUEXMv9-ZlCGRCzXD2vvkeNDRkFPjyTxIgDwbThmfc2CIg==
x-amz-cf-pop
SIN5-C1
x-amz-version-id
b3LGmBAhby0rF5s3WuXdhl5wmvGClwHA
x-cache
Hit from cloudfront

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 05 Jan 2023 21:38:02 GMT
location
https://adx.holmesmind.com/adx-file/20221117/NqeGLmvuPvGdeaxEq2qKJUjcmyulAyFU8K2rHVjS.html
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
integrator.json
adservice.google.com/adsid/ 		86 B
107 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.json?domain=www.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
14cfb5058acaf3af2f07088f1582f29941d7a4cc74fd1cea5050cecad862d154
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 21:38:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
83
x-xss-protection
0
nameframe.html
d-25076016372874357454.ampproject.net/2212151632002/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://d-25076016372874357454.ampproject.net/2212151632002/nameframe.html
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f94.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
block.jpg
delivery.adrecover.com/ 		281 B
845 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://delivery.adrecover.com/block.jpg?ts=1672954683019
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-ju-ren-sheng-cheng-zhen-zong-tong-da-ka-bu-hao-yan.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.144 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-144.pacnet.net
Software
Akamai Image Server /
Resource Hash
b0447f99586ad7bcddc943fd1a63af9d89f73f50e70657d0a2ed76ff7c2d6c4c

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-image-server-fetch-real
54
date
Thu, 05 Jan 2023 21:38:03 GMT
x-image-server-cost-real
18795
x-akamai-im-skip-dlr
1
x-image-server-cpu-estimate
7
x-image-server-response
request-9207413-98503284-1ed70902
x-akamai-device
mobile:false&tablet:false
x-image-server-cost-estimate
18795
content-length
281
x-image-server-product
AIC
x-akamai-country
NZ
last-modified
Wed, 23 Jun 2021 06:37:54 GMT
server
Akamai Image Server
x-im-policy-version
1
x-image-server-cpu-real
8
etag
"60d2d6c2-277"
x-image-server-store-time
1672954683
x-im-result-width
1
x-im-original-width
1
access-control-allow-origin
*
content-type
image/jpeg
cache-control
no-transform, max-age=3600
x-image-server-original-size
631
x-image-server-fetch-estimate
52
expires
Thu, 05 Jan 2023 22:38:03 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/ Frame 3594 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134177&pi=t.ma~as.3006%2F14006&w=336&lmt=1672954682&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxi-ju-ren-sheng-cheng-zhen-zong-tong-da-ka-bu-hao-yan.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672954680643&bpp=12&bdt=1120&idt=1941&shv=r20230103&mjsv=m202212080101&ptt=5&saldr=sa&correlator=3386343362402&frm=23&ife=1&pv=2&ga_vid=437385433.1672954683&ga_sid=1672954683&ga_hid=1428685206&ga_fc=0&ga_cid=amp-fKfH_EzXGIx_aV8GYZ258g&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1148&biw=1600&bih=1200&isw=336&ish=280&ifk=3556469387&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071199%2C31071277%2C44779794%2C44780792&oid=2&pvsid=516345022958043&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.d4jvqepuch7z&fsb=1&dtd=1958
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 03:53:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
63862
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 19 Jan 2023 03:53:41 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/ Frame 3594 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134177&pi=t.ma~as.3006%2F14006&w=336&lmt=1672954682&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxi-ju-ren-sheng-cheng-zhen-zong-tong-da-ka-bu-hao-yan.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672954680643&bpp=12&bdt=1120&idt=1941&shv=r20230103&mjsv=m202212080101&ptt=5&saldr=sa&correlator=3386343362402&frm=23&ife=1&pv=2&ga_vid=437385433.1672954683&ga_sid=1672954683&ga_hid=1428685206&ga_fc=0&ga_cid=amp-fKfH_EzXGIx_aV8GYZ258g&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1148&biw=1600&bih=1200&isw=336&ish=280&ifk=3556469387&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071199%2C31071277%2C44779794%2C44780792&oid=2&pvsid=516345022958043&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.d4jvqepuch7z&fsb=1&dtd=1958
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
cafe /
Resource Hash
727e6a1f4a634d6298af8636fd331912b036b6f7783c771d2e06baeb82e2341e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 03:53:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
63862
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7527
x-xss-protection
0
server
cafe
etag
8658061406568722807
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 19 Jan 2023 03:53:41 GMT
l
www.google.com/ads/measurement/ Frame 3594 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQEtoMZStqQ_K1UPMpQovlrtLSrw57hFH5mFkopYNOFb8WvAy0JqebVBX8EdYAnnB3VWsmBGUdp7eZh6CrENSz2qqb12w
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134177&pi=t.ma~as.3006%2F14006&w=336&lmt=1672954682&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxi-ju-ren-sheng-cheng-zhen-zong-tong-da-ka-bu-hao-yan.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672954680643&bpp=12&bdt=1120&idt=1941&shv=r20230103&mjsv=m202212080101&ptt=5&saldr=sa&correlator=3386343362402&frm=23&ife=1&pv=2&ga_vid=437385433.1672954683&ga_sid=1672954683&ga_hid=1428685206&ga_fc=0&ga_cid=amp-fKfH_EzXGIx_aV8GYZ258g&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1148&biw=1600&bih=1200&isw=336&ish=280&ifk=3556469387&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071199%2C31071277%2C44779794%2C44780792&oid=2&pvsid=516345022958043&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.d4jvqepuch7z&fsb=1&dtd=1958
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.105 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f105.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3594 		154 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134177&pi=t.ma~as.3006%2F14006&w=336&lmt=1672954682&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxi-ju-ren-sheng-cheng-zhen-zong-tong-da-ka-bu-hao-yan.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672954680643&bpp=12&bdt=1120&idt=1941&shv=r20230103&mjsv=m202212080101&ptt=5&saldr=sa&correlator=3386343362402&frm=23&ife=1&pv=2&ga_vid=437385433.1672954683&ga_sid=1672954683&ga_hid=1428685206&ga_fc=0&ga_cid=amp-fKfH_EzXGIx_aV8GYZ258g&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1148&biw=1600&bih=1200&isw=336&ish=280&ifk=3556469387&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071199%2C31071277%2C44779794%2C44780792&oid=2&pvsid=516345022958043&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.d4jvqepuch7z&fsb=1&dtd=1958
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
sffe /
Resource Hash
2110cce190ab5366863b7d652b06b90ea32ad84d8241b5a492a8dead67594335
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 21:38:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48184
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1672836157132942"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 05 Jan 2023 21:38:03 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 3594 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CyYKkOkO3Y6vKLJrsz7sP_JuV6AqY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQJodKHd1KGmPqgDAaoE5AFP0NWmoyQU9jzP1js-sbC1j5_NuvKf5DIa1H-lZ0sXg6wgtOQchRvrq0hmz5xdSq7c5kOMC4sTwX5tmtfn30tIetT5QIRhmscapRp_XXutVHh5HK72QzGcvv7MgSy-CnSlGjSZLp5Yh09irEEdDmRYFzwQHtPai0UhS_p1vS0XNXNQXIA6Dh1FlhR6YSNboQoflc30tgRRfuBhBvZzZouh05ndQXzCtYzXD3L_U8HPdusd85WP2oUoRZ1x4hMQLade6FotrsMUwR2SLEDYR2vBa5yzSyLIK4qlfgcwP658sz7eekiABpiinNPtp57dI6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBAgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTQ0ODUyMzk0MjU5MjQ3ODcY4swZ&sigh=ulGl5b09A4E&uach_m=[UACH]&cid=CAQSKQDq26N9dbEbrL9NKyU1KxxCmQ5cQCVfQhDhLSU6KJeFqBn1Yj10T2OIGAEgEw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134177&pi=t.ma~as.3006%2F14006&w=336&lmt=1672954682&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxi-ju-ren-sheng-cheng-zhen-zong-tong-da-ka-bu-hao-yan.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672954680643&bpp=12&bdt=1120&idt=1941&shv=r20230103&mjsv=m202212080101&ptt=5&saldr=sa&correlator=3386343362402&frm=23&ife=1&pv=2&ga_vid=437385433.1672954683&ga_sid=1672954683&ga_hid=1428685206&ga_fc=0&ga_cid=amp-fKfH_EzXGIx_aV8GYZ258g&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1148&biw=1600&bih=1200&isw=336&ish=280&ifk=3556469387&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071199%2C31071277%2C44779794%2C44780792&oid=2&pvsid=516345022958043&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.d4jvqepuch7z&fsb=1&dtd=1958
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134177&pi=t.ma~as.3006%2F14006&w=336&lmt=1672954682&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxi-ju-ren-sheng-cheng-zhen-zong-tong-da-ka-bu-hao-yan.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672954680643&bpp=12&bdt=1120&idt=1941&shv=r20230103&mjsv=m202212080101&ptt=5&saldr=sa&correlator=3386343362402&frm=23&ife=1&pv=2&ga_vid=437385433.1672954683&ga_sid=1672954683&ga_hid=1428685206&ga_fc=0&ga_cid=amp-fKfH_EzXGIx_aV8GYZ258g&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1148&biw=1600&bih=1200&isw=336&ish=280&ifk=3556469387&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071199%2C31071277%2C44779794%2C44780792&oid=2&pvsid=516345022958043&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.d4jvqepuch7z&fsb=1&dtd=1958
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 05 Jan 2023 21:38:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
notify
rtb.jp2.as.criteo.com/google/auction/ Frame 3594 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.jp2.as.criteo.com/google/auction/notify?profile=14&payload=k43fEZ_IC9ACmAJi-C0SAgAAACE5AQwCW-6I5uT8IWU3JEEQOkO3Y-dCDFemaZuMHjxcABIAAA&wp=Y7dDOgALJSsBc_YaAAVN_N5npH9jGCDwQeqqHg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134177&pi=t.ma~as.3006%2F14006&w=336&lmt=1672954682&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxi-ju-ren-sheng-cheng-zhen-zong-tong-da-ka-bu-hao-yan.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672954680643&bpp=12&bdt=1120&idt=1941&shv=r20230103&mjsv=m202212080101&ptt=5&saldr=sa&correlator=3386343362402&frm=23&ife=1&pv=2&ga_vid=437385433.1672954683&ga_sid=1672954683&ga_hid=1428685206&ga_fc=0&ga_cid=amp-fKfH_EzXGIx_aV8GYZ258g&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1148&biw=1600&bih=1200&isw=336&ish=280&ifk=3556469387&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071199%2C31071277%2C44779794%2C44780792&oid=2&pvsid=516345022958043&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.d4jvqepuch7z&fsb=1&dtd=1958
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.74.19 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 21:38:03 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
157687
content-length
0
afr.php
ads.as.criteo.com/delivery/r/ Frame DB0F 		140 KB
47 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.as.criteo.com/delivery/r/afr.php?z=Y7dDOgALJSsBc_YaAAVN_N5npH9jGCDwQeqqHg&u=%7Ctl8LhKM0iVJ8USkon8F770j47C4QB5J%2Fh6pTBFrSou0%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2uYcAchbiMZgziqrRBIBOfXW1_BWDopbu0BheChZMFeLCkWBMXsdzH8W5Ai76dwpf4Q_I5WZYgS51g-I4gx3GoxhXqEh9iD_KKkF1s-opp9HBCwAxugzFksOUHfLn01g5MnifSjNcqQP1pZdFSUHY_V8ETY6vtP23ge5cwYM4xY1M6jREEu1NiKznWBJHwhz0ouCV752oh5pI3a5pfgNBlO9r1cQOGLxxnNEQvHbtf50opI1I4LnzGAJkden6Voi31t55w0kqIcZ3VrDkLql069Gby76tt9D3-h9y45dPN9owRzAW68v1Y-E2f0dCP3VvVTsKFCJs69_siEhsxWTpVN8aJPTrtWVolWpt_UwdiLWbW2F8PQSvSMVUkQHITp1GGIZ1hgWlOwLd9eWCodDgGAFJjhrKZvnQ9rZPhbNAc35hUeWyIXcND9L9bGWDmUtX7F2lt8uvX86oRtmCU-gBaF2Hg7kqKo7QAyEFhuNeqiLFbXKGiib9KoBLbe4lRlQ97Gbo2DIU3gMAbOz_tAnVtpIzaeWUBzGs6kdeHT3-PB2sjqCZ1eBke9YNW4BdPA3c5683SAZHeCfE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCo8A8OkO3Y6vKLJrsz7sP_JuV6AqY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQJodKHd1KGmPqgDAaoE5wFP0NWmoyQU9jzP1js-sbC1j5_NuvKf5DIa1H-lZ0sXg6wgtOQchRvrq0hmz5xdSq7c5kOMC4sTwX5tmtfn30tIetT5QIRhmscapRp_XXutVHh5HK72QzGcvv7MgSy-CnSlGjSZLp5Yh09irEEdDmRYFzwQHtPai0UhS_p1vS0XNXNQXIA6Dh1FlhR6YSNboQoflc30tgRRfuBhBvZzZouh05ndQXzCtYzXD3L_U8HPdusd85WP2oUoRZ1x4hMQb6V_er_jJ73rSGwMxxZChELVYQu5ZTogo3nz5M6OIYJkVNVPBLcMsI-ABpiinNPtp57dI6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2ooscalon7BChu1qJfvDyR6qdM9A%26client%3Dca-pub-4485239425924787%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134177&pi=t.ma~as.3006%2F14006&w=336&lmt=1672954682&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxi-ju-ren-sheng-cheng-zhen-zong-tong-da-ka-bu-hao-yan.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672954680643&bpp=12&bdt=1120&idt=1941&shv=r20230103&mjsv=m202212080101&ptt=5&saldr=sa&correlator=3386343362402&frm=23&ife=1&pv=2&ga_vid=437385433.1672954683&ga_sid=1672954683&ga_hid=1428685206&ga_fc=0&ga_cid=amp-fKfH_EzXGIx_aV8GYZ258g&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1148&biw=1600&bih=1200&isw=336&ish=280&ifk=3556469387&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071199%2C31071277%2C44779794%2C44780792&oid=2&pvsid=516345022958043&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.d4jvqepuch7z&fsb=1&dtd=1958
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.148 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
ff84e628b228a8918ff266ede2497646f017753d8f5c709331a2e15bf881a408
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Thu, 05 Jan 2023 21:38:03 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.as.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.as.criteo.net/heavyad?cppv=3&cpp=cR1ec-K5SWhedqllSIcNUxAx5zKM5tnnkc-NEKb6HH-DDeJkrGfdBtKlt90_FMAbXq8REeNDxpD9HO0pozai79ySh-3vDnKtApxV3Oq2RrblaqLyp8zCf7F4kyMR0EPjx7sDagxpmrzgJpCJzeZaZzJAoepZ6gPy65V2GQEG0q6Cbb0lshWjCPll1iTWw-gQwxMdFLFg5ENBEHBvX6JhX-FFX-EQPxl9oxYgXaok-nNDBpnm8mb8iVDZQ3PJX3ae43nyVMxewyaHk8J0"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
83629923
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 7E67 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134177&pi=t.ma~as.3006%2F14006&w=336&lmt=1672954682&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxi-ju-ren-sheng-cheng-zhen-zong-tong-da-ka-bu-hao-yan.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672954680643&bpp=12&bdt=1120&idt=1941&shv=r20230103&mjsv=m202212080101&ptt=5&saldr=sa&correlator=3386343362402&frm=23&ife=1&pv=2&ga_vid=437385433.1672954683&ga_sid=1672954683&ga_hid=1428685206&ga_fc=0&ga_cid=amp-fKfH_EzXGIx_aV8GYZ258g&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1148&biw=1600&bih=1200&isw=336&ish=280&ifk=3556469387&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071199%2C31071277%2C44779794%2C44780792&oid=2&pvsid=516345022958043&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.d4jvqepuch7z&fsb=1&dtd=1958
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

age
48948
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 05 Jan 2023 08:02:15 GMT
etag
48472445140208031
expires
Fri, 06 Jan 2023 08:02:15 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame D65D 		603 B
65 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=1600x250&w=1600&h=250&ptt=12&adk=2733026255&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-312305399918298783&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=470780615&nhd=0&adx=0&ady=3150&oid=2&is_amp=5&amp_v=2212151632002&d_imp=1&c=8258005532&ga_hid=1500053407&dt=1672954682961&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxi-ju-ren-sheng-cheng-zhen-zong-tong-da-ka-bu-hao-yan.html&bdt=5125&dtd=198&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012212151632002/v0/amp-ad-0.1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 05 Jan 2023 21:38:03 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 4941 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022120801&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
cafe /
Resource Hash
cfaedc868d74cf80dffb59cc3ccd2e56fcb0ad6ac4c51af72a60303a7e0b8480
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 21:38:03 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12422
x-xss-protection
0
pb.42753.1663912421366.js
cdn.adpushup.com/prebid/ 		342 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.200 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-200.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
1c479d0abecadc8d5fde30eeb515508b6148fa3d92dd617b427788d6c792b0a8

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
NZ
date
Thu, 05 Jan 2023 21:38:04 GMT
content-encoding
br
last-modified
Fri, 23 Sep 2022 05:54:31 GMT
server
nginx/1.18.0
etag
W/"632d4a17-5578b"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=31536000
server-timing
cdn-cache; desc=HIT, edge; dur=3
content-length
94168
expires
Fri, 05 Jan 2024 21:38:04 GMT
quantcast.js
cdn.adpushup.com/pbuseridscripts/ 		450 B
505 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.200 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-200.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
NZ
date
Thu, 05 Jan 2023 21:38:04 GMT
content-encoding
br
last-modified
Mon, 28 Jun 2021 04:15:23 GMT
server
nginx/1.18.0
etag
W/"60d94cdb-1c2"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=31536000
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
211
expires
Fri, 05 Jan 2024 21:38:04 GMT
linkPreview.js
cdn.adpushup.com/42753/ 		75 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/linkPreview.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-ju-ren-sheng-cheng-zhen-zong-tong-da-ka-bu-hao-yan.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.200 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-200.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
6b278e48df6b2e2f917803f532a9257fbb46bf576a8dfc07f1f8eb94468b54e8

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
NZ
date
Thu, 05 Jan 2023 21:38:04 GMT
content-encoding
br
last-modified
Tue, 13 Dec 2022 07:20:55 GMT
server
nginx/1.18.0
etag
W/"639827d7-12dc3"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
18371
expires
Thu, 05 Jan 2023 22:38:04 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		81 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
sffe /
Resource Hash
6ffff63ecb5376dedf3ba16f233578f7c606435b9007be46a4cb0adcf39fe496
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 21:38:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27583
x-xss-protection
0
server
sffe
etag
"1443 / 367 of 1000 / last-modified: 1672920271"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 05 Jan 2023 21:38:03 GMT
sync
e3.adpushup.com/AdPushupFeedbackWebService/user/ 		70 B
538 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/user/sync
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-ju-ren-sheng-cheng-zhen-zong-tong-da-ka-bu-hao-yan.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 , Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 21:38:04 GMT
server
nginx/1.10.3 (Ubuntu)
ap-cookie-status
cookies ap_uid and ap_usid are set
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE2NzI5NTQ2ODMzNTksInBhY2tldElkIjoiMDAwMEE3MDEtYzIzOWQzNDctNWI5Ny00MmE0LTk5MGQtZTllYzU2MDYzNGNhIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3hpLWp1LXJlbi1zaGVuZy1jaGVuZy16aGVuLXpvbmctdG9uZy1kYS1rYS1idS1oYW8teWFuLmh0bWwiLCJtb2RlIjo0LCJlcnJvckNvZGUiOjAsInJlZmVycmVyIjoiIiwicGFnZUdyb3VwIjoiQVJUSUNMRSIsInBhZ2VWYXJpYXRpb25JZCI6Ijk2NzUwMTI1LWI5MGMtNDk3YS04Njk5LTczMTcxZjdiNDkzNSIsInBhZ2VWYXJpYXRpb25OYW1lIjoiQWRQdXNodXAiLCJwYWdlVmFyaWF0aW9uVHlwZSI6MSwicGxhdGZvcm0iOiJERVNLVE9QIiwiaXNHZW5pZWUiOmZhbHNlLCJzZWN0aW9ucyI6bnVsbH0%3D&c_b=6978.799999237061
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-ju-ren-sheng-cheng-zhen-zong-tong-da-ka-bu-hao-yan.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 , Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 21:38:04 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE2NzI5NTQ2ODMzNTksInBhY2tldElkIjoiMDAwMEE3MDEtYzIzOWQzNDctNWI5Ny00MmE0LTk5MGQtZTllYzU2MDYzNGNhIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3hpLWp1LXJlbi1zaGVuZy1jaGVuZy16aGVuLXpvbmctdG9uZy1kYS1rYS1idS1oYW8teWFuLmh0bWwiLCJtb2RlIjo1LCJlcnJvckNvZGUiOjEsInJlZmVycmVyIjoiIiwicGFnZUdyb3VwIjoiQVJUSUNMRSIsInBhZ2VWYXJpYXRpb25JZCI6Ijk2NzUwMTI1LWI5MGMtNDk3YS04Njk5LTczMTcxZjdiNDkzNSIsInBhZ2VWYXJpYXRpb25OYW1lIjoiQWRQdXNodXAiLCJwYWdlVmFyaWF0aW9uVHlwZSI6MSwicGxhdGZvcm0iOiJERVNLVE9QIiwiaXNHZW5pZWUiOmZhbHNlLCJzZWN0aW9ucyI6bnVsbH0%3D&c_b=6979.39999961853
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-ju-ren-sheng-cheng-zhen-zong-tong-da-ka-bu-hao-yan.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 , Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 21:38:04 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2NzI5NTQ2ODMzNTksInBhY2tldElkIjoiMDAwMEE3MDEtYzIzOWQzNDctNWI5Ny00MmE0LTk5MGQtZTllYzU2MDYzNGNhIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3hpLWp1LXJlbi1zaGVuZy1jaGVuZy16aGVuLXpvbmctdG9uZy1kYS1rYS1idS1oYW8teWFuLmh0bWwiLCJtb2RlIjoxLCJlcnJvckNvZGUiOjEsInJlZmVycmVyIjoiIiwicGFnZUdyb3VwIjoiQVJUSUNMRSIsInBhZ2VWYXJpYXRpb25JZCI6Ijk2NzUwMTI1LWI5MGMtNDk3YS04Njk5LTczMTcxZjdiNDkzNSIsInBhZ2VWYXJpYXRpb25OYW1lIjoiQWRQdXNodXAiLCJwYWdlVmFyaWF0aW9uVHlwZSI6MSwicGxhdGZvcm0iOiJERVNLVE9QIiwiaXNHZW5pZWUiOmZhbHNlLCJzZWN0aW9ucyI6W3sic2VjdGlvbklkIjoiNzdhOWMyMmYtYWMwMi00NWRkLTk2YmMtYjA4OTZhOGE3ZDVhIiwic2VjdGlvbk5hbWUiOiJBUF9MX0RfQVJUSUNMRV83MjhYMjUwXzc3YTljIiwic3RhdHVzIjoxLCJuZXR3b3JrIjoiYWRwVGFncyIsIm5ldHdvcmtBZFVuaXRJZCI6IkFEUF80Mjc1M183MjhYMjUwXzc3YTljMjJmLWFjMDItNDVkZC05NmJjLWIwODk2YThhN2Q1YSIsInNlcnZpY2VzIjpbMSwzXSwiYWRVbml0VHlwZSI6MX1dfQ%3D%3D&c_b=6979.799999237061
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-ju-ren-sheng-cheng-zhen-zong-tong-da-ka-bu-hao-yan.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 , Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 21:38:04 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
adpushup-label.svg
campaign.adpushup.com/ads/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://campaign.adpushup.com/ads/adpushup-label.svg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-ju-ren-sheng-cheng-zhen-zong-tong-da-ka-bu-hao-yan.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.39.108 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nwa/E7CA) /
Resource Hash
eb3577f46647f2e2db7307936038a47cc31c0ce75239496f6b7117282a47864c

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 21:38:04 GMT
last-modified
Thu, 12 Nov 2020 09:18:18 GMT
server
ECAcc (nwa/E7CA)
age
11718
etag
"5facfdda-21e0"
x-cache
HIT
content-type
image/svg+xml
cache-control
max-age=14400
accept-ranges
bytes
content-length
8672
expires
Fri, 06 Jan 2023 01:38:04 GMT
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2NzI5NTQ2ODMzNjUsInBhY2tldElkIjoiMDAwMEE3MDEtYzIzOWQzNDctNWI5Ny00MmE0LTk5MGQtZTllYzU2MDYzNGNhIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3hpLWp1LXJlbi1zaGVuZy1jaGVuZy16aGVuLXpvbmctdG9uZy1kYS1rYS1idS1oYW8teWFuLmh0bWwiLCJtb2RlIjoxLCJlcnJvckNvZGUiOjEsInJlZmVycmVyIjoiIiwicGFnZUdyb3VwIjoiQVJUSUNMRSIsInBhZ2VWYXJpYXRpb25JZCI6Ijk2NzUwMTI1LWI5MGMtNDk3YS04Njk5LTczMTcxZjdiNDkzNSIsInBhZ2VWYXJpYXRpb25OYW1lIjoiQWRQdXNodXAiLCJwYWdlVmFyaWF0aW9uVHlwZSI6MSwicGxhdGZvcm0iOiJERVNLVE9QIiwiaXNHZW5pZWUiOmZhbHNlLCJzZWN0aW9ucyI6W3sic2VjdGlvbklkIjoiZDFjMTBhNzItMjdiNC00OTMxLThjZTctOTlhMThlYmJkYmFlIiwic2VjdGlvbk5hbWUiOiJBUF9JX0RfQVJUSUNMRV83MjhYOTBfZDFjMTAiLCJzdGF0dXMiOjEsIm5ldHdvcmsiOiJhZHBUYWdzIiwibmV0d29ya0FkVW5pdElkIjoiU1RJQ0tZX0FEUF80Mjc1M183MjhYOTBfZDFjMTBhNzItMjdiNC00OTMxLThjZTctOTlhMThlYmJkYmFlIiwic2VydmljZXMiOls1LDNdLCJhZFVuaXRUeXBlIjozfV19&c_b=6984.699998855591
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-ju-ren-sheng-cheng-zhen-zong-tong-da-ka-bu-hao-yan.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 , Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 21:38:04 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2NzI5NTQ2ODMzNjgsInBhY2tldElkIjoiMDAwMEE3MDEtYzIzOWQzNDctNWI5Ny00MmE0LTk5MGQtZTllYzU2MDYzNGNhIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3hpLWp1LXJlbi1zaGVuZy1jaGVuZy16aGVuLXpvbmctdG9uZy1kYS1rYS1idS1oYW8teWFuLmh0bWwiLCJtb2RlIjoxLCJlcnJvckNvZGUiOjEsInJlZmVycmVyIjoiIiwicGFnZUdyb3VwIjoiQVJUSUNMRSIsInBhZ2VWYXJpYXRpb25JZCI6Ijk2NzUwMTI1LWI5MGMtNDk3YS04Njk5LTczMTcxZjdiNDkzNSIsInBhZ2VWYXJpYXRpb25OYW1lIjoiQWRQdXNodXAiLCJwYWdlVmFyaWF0aW9uVHlwZSI6MSwicGxhdGZvcm0iOiJERVNLVE9QIiwiaXNHZW5pZWUiOmZhbHNlLCJzZWN0aW9ucyI6W3sic2VjdGlvbklkIjoiMTA0YjI4MmEtYmQxMS00ZDhkLWFkNjQtMDQ5MjA2M2I2Y2JhIiwic2VjdGlvbk5hbWUiOiJBUF9JX0RfQVJUSUNMRV8xMjBYNjAwXzEwNGIyIiwic3RhdHVzIjoxLCJuZXR3b3JrIjoiYWRwVGFncyIsIm5ldHdvcmtBZFVuaXRJZCI6IlNUSUNLWV9BRFBfNDI3NTNfMTIwWDYwMF8xMDRiMjgyYS1iZDExLTRkOGQtYWQ2NC0wNDkyMDYzYjZjYmEiLCJzZXJ2aWNlcyI6WzUsM10sImFkVW5pdFR5cGUiOjN9XX0%3D&c_b=6987.599998474121
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-ju-ren-sheng-cheng-zhen-zong-tong-da-ka-bu-hao-yan.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 , Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 21:38:04 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 2209 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022120801&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
cafe /
Resource Hash
ce6d01d1cc11f21a8c3d5b9258c2ab2824954ced81702b7b94b0c141864ff8b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 21:38:03 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12508
x-xss-protection
0
pixel
cm.g.doubleclick.net/ Frame 7E67
Redirect Chain
  • https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEETUd4xlS_i6FtHuVP-q3wU&google_cver=1&google_push=AavPq0M1IfBAfG0MjW67BZWnSdFXkiEk0tjDL0kiKZvjXhBp__ZyApD...
  • https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=5e219256702d1ff7&is_secure=true&networkId=14000&version=1&google_gid=CAESEETUd4xlS_i6FtHuVP-q3wU&google_cver=1&google_push=AavPq0M1IfBA...
  • https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAJo71B8lItAANwt0m2AAAAAAA&expiration=1673041084&google_cver=1&is_secure=true&google_gid=CAESEETUd4xlS_i6FtHuVP-q3...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAJo71B8lItAANwt0m2AAAAAAA&expiration=1673041084&google_cver=1&is_secure=true&google_gid=CAESEETUd4xlS_i6FtHuVP-q3wU&google_push=AavPq0M1IfBAfG0MjW67BZWnSdFXkiEk0tjDL0kiKZvjXhBp__ZyApDM3Ul8f7cjorLZ3J-HjyXMUWbhqx8Z7OhmAhLVc2qZML3N
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134177&pi=t.ma~as.3006%2F14006&w=336&lmt=1672954682&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxi-ju-ren-sheng-cheng-zhen-zong-tong-da-ka-bu-hao-yan.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672954680643&bpp=12&bdt=1120&idt=1941&shv=r20230103&mjsv=m202212080101&ptt=5&saldr=sa&correlator=3386343362402&frm=23&ife=1&pv=2&ga_vid=437385433.1672954683&ga_sid=1672954683&ga_hid=1428685206&ga_fc=0&ga_cid=amp-fKfH_EzXGIx_aV8GYZ258g&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1148&biw=1600&bih=1200&isw=336&ish=280&ifk=3556469387&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071199%2C31071277%2C44779794%2C44780792&oid=2&pvsid=516345022958043&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.d4jvqepuch7z&fsb=1&dtd=1958
Protocol
H3
Server
74.125.68.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 21:38:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 05 Jan 2023 21:38:04 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAJo71B8lItAANwt0m2AAAAAAA&expiration=1673041084&google_cver=1&is_secure=true&google_gid=CAESEETUd4xlS_i6FtHuVP-q3wU&google_push=AavPq0M1IfBAfG0MjW67BZWnSdFXkiEk0tjDL0kiKZvjXhBp__ZyApDM3Ul8f7cjorLZ3J-HjyXMUWbhqx8Z7OhmAhLVc2qZML3N
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
asr
aid.send.microad.jp/g/ Frame 7E67 		43 B
641 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aid.send.microad.jp/g/asr?google_gid=CAESEPPdBVafCa5zuoB5rnVscuU&google_cver=1&google_push=AavPq0M2IdXcWEb0Pe7jvhynnEJIeJzYhEBCeTZPnPspQNanJ7u-lUka1G3Amllbl-hJ-M5N1HFmsi8KRbl_nqw9KQVFM_X_EHgnpg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134177&pi=t.ma~as.3006%2F14006&w=336&lmt=1672954682&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxi-ju-ren-sheng-cheng-zhen-zong-tong-da-ka-bu-hao-yan.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672954680643&bpp=12&bdt=1120&idt=1941&shv=r20230103&mjsv=m202212080101&ptt=5&saldr=sa&correlator=3386343362402&frm=23&ife=1&pv=2&ga_vid=437385433.1672954683&ga_sid=1672954683&ga_hid=1428685206&ga_fc=0&ga_cid=amp-fKfH_EzXGIx_aV8GYZ258g&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1148&biw=1600&bih=1200&isw=336&ish=280&ifk=3556469387&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071199%2C31071277%2C44779794%2C44780792&oid=2&pvsid=516345022958043&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.d4jvqepuch7z&fsb=1&dtd=1958
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
202.233.84.1 , Japan, ASN131957 (MICROAD MicroAd, Inc., JP),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=3600

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 05 Jan 2023 21:38:04 GMT
Strict-Transport-Security
max-age=3600
Server
Apache
P3P
policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE"
Access-Control-Allow-Origin
*
Content-Type
image/gif
Connection
close
Access-Control-Allow-Headers
origin, x-requested-with, If-Modified-Since, content-type, Pragma, Cache-Control
Content-Length
43
pixel
cm.g.doubleclick.net/ Frame 7E67
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEJA9IbGEorMiJ1lY47PeYuQ&google_cver=1&googl...
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEJA9IbGEorMiJ1lY47PeYuQ&google_push=Aa...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJA9IbGEorMiJ1lY47PeYuQ&google_hm=Y7dDOxJA5nEkLlUdyGr4wwAAEoYAAAAB&google_nid=index&google_push=AavPq0M_DHAV3Iw59Q__4X8he7Q42l0JHcwM0...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJA9IbGEorMiJ1lY47PeYuQ&google_hm=Y7dDOxJA5nEkLlUdyGr4wwAAEoYAAAAB&google_nid=index&google_push=AavPq0M_DHAV3Iw59Q__4X8he7Q42l0JHcwM0e3xXryZPGt0fC-i_YHjVNH0h4oCxR_dyEW_YmyyNW5KrpvuDroXeweaJYYNGSPX
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134177&pi=t.ma~as.3006%2F14006&w=336&lmt=1672954682&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxi-ju-ren-sheng-cheng-zhen-zong-tong-da-ka-bu-hao-yan.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672954680643&bpp=12&bdt=1120&idt=1941&shv=r20230103&mjsv=m202212080101&ptt=5&saldr=sa&correlator=3386343362402&frm=23&ife=1&pv=2&ga_vid=437385433.1672954683&ga_sid=1672954683&ga_hid=1428685206&ga_fc=0&ga_cid=amp-fKfH_EzXGIx_aV8GYZ258g&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1148&biw=1600&bih=1200&isw=336&ish=280&ifk=3556469387&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071199%2C31071277%2C44779794%2C44780792&oid=2&pvsid=516345022958043&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.d4jvqepuch7z&fsb=1&dtd=1958
Protocol
H2
Server
74.125.68.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 21:38:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 05 Jan 2023 21:38:04 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o%2BaqtJofXhViu0Kbh1GubwRTvCdYjximchphmQBmylyCMOIEHPYyJRWCKS57VT2FuldMkaZbSsMgA1mxYhCrivWNSvVzH%2FRtyCBpYRFmibRVrRPjCraUpWhKcZzkx5JdQ8J3H5ZeVdLpkg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJA9IbGEorMiJ1lY47PeYuQ&google_hm=Y7dDOxJA5nEkLlUdyGr4wwAAEoYAAAAB&google_nid=index&google_push=AavPq0M_DHAV3Iw59Q__4X8he7Q42l0JHcwM0e3xXryZPGt0fC-i_YHjVNH0h4oCxR_dyEW_YmyyNW5KrpvuDroXeweaJYYNGSPX
cache-control
no-cache
cf-ray
784f5bd82cd5a814-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
pixel
cm.g.doubleclick.net/ Frame 7E67
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEJHJ-rtJ_8fHIHp-iW-bsqo&google_cver=1&google_push=AavPq0PVDgJ4HQiM3_EdvH0SYLmYcJP27scjMLp78PM5A5sAj72pOunT-B5XcfEPHE_cCOnIRbnv49bxcYd4eSSRVNj0wPpPyo...
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=0&gdpr_consent=&us_privacy=&sync=1&google_push=AavPq0PVDgJ4HQiM3_EdvH0SYLmYcJP27scjMLp78PM5A5sAj72pOunT-B5XcfEPHE_cCOnIRbnv49bxcYd4eSSRVNj0wPpPyoM...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=ODY4MTIwMTU4MTgyOTMxMzI1Mzk4&google_push=AavPq0PVDgJ4HQiM3_EdvH0SYLmYcJP27scjMLp78PM5A5sAj72pOunT-B5XcfEP...
170 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=ODY4MTIwMTU4MTgyOTMxMzI1Mzk4&google_push=AavPq0PVDgJ4HQiM3_EdvH0SYLmYcJP27scjMLp78PM5A5sAj72pOunT-B5XcfEPHE_cCOnIRbnv49bxcYd4eSSRVNj0wPpPyoMDFQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134177&pi=t.ma~as.3006%2F14006&w=336&lmt=1672954682&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxi-ju-ren-sheng-cheng-zhen-zong-tong-da-ka-bu-hao-yan.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672954680643&bpp=12&bdt=1120&idt=1941&shv=r20230103&mjsv=m202212080101&ptt=5&saldr=sa&correlator=3386343362402&frm=23&ife=1&pv=2&ga_vid=437385433.1672954683&ga_sid=1672954683&ga_hid=1428685206&ga_fc=0&ga_cid=amp-fKfH_EzXGIx_aV8GYZ258g&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1148&biw=1600&bih=1200&isw=336&ish=280&ifk=3556469387&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071199%2C31071277%2C44779794%2C44780792&oid=2&pvsid=516345022958043&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.d4jvqepuch7z&fsb=1&dtd=1958
Protocol
H2
Server
74.125.68.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 21:38:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=ODY4MTIwMTU4MTgyOTMxMzI1Mzk4&google_push=AavPq0PVDgJ4HQiM3_EdvH0SYLmYcJP27scjMLp78PM5A5sAj72pOunT-B5XcfEPHE_cCOnIRbnv49bxcYd4eSSRVNj0wPpPyoMDFQ
date
Thu, 05 Jan 2023 21:38:04 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
sspsync
cksync.yahoo.co.jp/ Frame 7E67 		35 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cksync.yahoo.co.jp/sspsync?ptr=12703&google_gid=CAESEFarU72nqw78BzmYet5XUhI&google_cver=1&google_push=AavPq0NazTNoXcWZK07BbfwGsV6KEj6UhYqMB1Y2bfk2xm3f8AptzxvOuV9PKLfi-E1Pv8mxw84mfRYDpAZzp6qCQMZaNMEvJiArtOg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134177&pi=t.ma~as.3006%2F14006&w=336&lmt=1672954682&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxi-ju-ren-sheng-cheng-zhen-zong-tong-da-ka-bu-hao-yan.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672954680643&bpp=12&bdt=1120&idt=1941&shv=r20230103&mjsv=m202212080101&ptt=5&saldr=sa&correlator=3386343362402&frm=23&ife=1&pv=2&ga_vid=437385433.1672954683&ga_sid=1672954683&ga_hid=1428685206&ga_fc=0&ga_cid=amp-fKfH_EzXGIx_aV8GYZ258g&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1148&biw=1600&bih=1200&isw=336&ish=280&ifk=3556469387&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071199%2C31071277%2C44779794%2C44780792&oid=2&pvsid=516345022958043&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.d4jvqepuch7z&fsb=1&dtd=1958
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.22.16.123 , Japan, ASN23816 (YAHOO Yahoo Japan Corporation, JP),
Reverse DNS
Software
ATS /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 21:38:04 GMT
x-content-type-options
nosniff
server
ATS
age
1
x-frame-options
SAMEORIGIN
content-type
image/gif
cache-control
private, no-store, no-cache
cross-origin-resource-policy
cross-origin
content-length
35
x-xss-protection
1; mode=block
/
onetag-sys.com/match/ Frame 7E67
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEJM6mkW-_wLIsFNSNE9Aykw&google_cver=1&google_push=AavPq0PPIx_Mo6Py7xDh80oVr-xDWN39eJKtUX8CHfiOJBVpUwAoL8SGWUkERo3lk2aygxmi-KRoq0Vmlat...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhYPeopHU_0GdZmi_NR-7X4TM__q4C5WScg&google_push=AavPq0PPIx_Mo6Py7xDh80oVr-xDWN39eJKtUX8CHfiOJBVpUwAoL8SGWUkERo3lk2aygxmi-KRoq0Vmla...
  • https://onetag-sys.com/match/?int_id=19&google_error=5
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=19&google_error=5
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134177&pi=t.ma~as.3006%2F14006&w=336&lmt=1672954682&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxi-ju-ren-sheng-cheng-zhen-zong-tong-da-ka-bu-hao-yan.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672954680643&bpp=12&bdt=1120&idt=1941&shv=r20230103&mjsv=m202212080101&ptt=5&saldr=sa&correlator=3386343362402&frm=23&ife=1&pv=2&ga_vid=437385433.1672954683&ga_sid=1672954683&ga_hid=1428685206&ga_fc=0&ga_cid=amp-fKfH_EzXGIx_aV8GYZ258g&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1148&biw=1600&bih=1200&isw=336&ish=280&ifk=3556469387&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071199%2C31071277%2C44779794%2C44780792&oid=2&pvsid=516345022958043&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.d4jvqepuch7z&fsb=1&dtd=1958
Protocol
H2
Server
51.79.234.101 , Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Thu, 05 Jan 2023 21:38:04 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
255
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 7E67
Redirect Chain
  • https://b1sync.zemanta.com/usersync/googleopenbidding/?google_gid=CAESENkn7_j_CvLUWbyf_xNTDQs&google_cver=1&google_push=AavPq0On-YL4OeAFTDsh9ubLicqDoJmdD3z7k6l2cfSwmr-_6I4A3fkL9WUJyTHIiQOyORU8eFsv9...
  • https://b1sync.zemanta.com/usersync/googleopenbidding/?google_cver=1&google_gid=CAESENkn7_j_CvLUWbyf_xNTDQs&google_push=AavPq0On-YL4OeAFTDsh9ubLicqDoJmdD3z7k6l2cfSwmr-_6I4A3fkL9WUJyTHIiQOyORU8eFsv9...
  • https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=AavPq0On-YL4OeAFTDsh9ubLicqDoJmdD3z7k6l2cfSwmr-_6I4A3fkL9WUJyTHIiQOyORU8eFsv9c-hlUL1ThUgWBSTFLKvnpo_zao&google_hm=UnhBSWcyMHQ3X...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=AavPq0On-YL4OeAFTDsh9ubLicqDoJmdD3z7k6l2cfSwmr-_6I4A3fkL9WUJyTHIiQOyORU8eFsv9c-hlUL1ThUgWBSTFLKvnpo_zao&google_hm=UnhBSWcyMHQ3X01UZ2hray1GMUk=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134177&pi=t.ma~as.3006%2F14006&w=336&lmt=1672954682&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxi-ju-ren-sheng-cheng-zhen-zong-tong-da-ka-bu-hao-yan.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672954680643&bpp=12&bdt=1120&idt=1941&shv=r20230103&mjsv=m202212080101&ptt=5&saldr=sa&correlator=3386343362402&frm=23&ife=1&pv=2&ga_vid=437385433.1672954683&ga_sid=1672954683&ga_hid=1428685206&ga_fc=0&ga_cid=amp-fKfH_EzXGIx_aV8GYZ258g&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1148&biw=1600&bih=1200&isw=336&ish=280&ifk=3556469387&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071199%2C31071277%2C44779794%2C44780792&oid=2&pvsid=516345022958043&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.d4jvqepuch7z&fsb=1&dtd=1958
Protocol
H3
Server
74.125.68.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 21:38:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 05 Jan 2023 21:38:04 GMT
Content-Type
text/html; charset=utf-8
Location
https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=AavPq0On-YL4OeAFTDsh9ubLicqDoJmdD3z7k6l2cfSwmr-_6I4A3fkL9WUJyTHIiQOyORU8eFsv9c-hlUL1ThUgWBSTFLKvnpo_zao&google_hm=UnhBSWcyMHQ3X01UZ2hray1GMUk=
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
243
Expires
Thu, 01 Dec 1994 16:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 7E67 		0
223 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I5NcfFuVNXD4kuvReJqbGyfaEFwokMmv8FA24UokfqPbJvTU_yyK7twsBr2nt970q-Hd1Tw4jP
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134177&pi=t.ma~as.3006%2F14006&w=336&lmt=1672954682&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxi-ju-ren-sheng-cheng-zhen-zong-tong-da-ka-bu-hao-yan.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672954680643&bpp=12&bdt=1120&idt=1941&shv=r20230103&mjsv=m202212080101&ptt=5&saldr=sa&correlator=3386343362402&frm=23&ife=1&pv=2&ga_vid=437385433.1672954683&ga_sid=1672954683&ga_hid=1428685206&ga_fc=0&ga_cid=amp-fKfH_EzXGIx_aV8GYZ258g&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1148&biw=1600&bih=1200&isw=336&ish=280&ifk=3556469387&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071199%2C31071277%2C44779794%2C44780792&oid=2&pvsid=516345022958043&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.d4jvqepuch7z&fsb=1&dtd=1958
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 21:38:04 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 4941 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 21:38:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 05 Jan 2023 21:38:03 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 2209 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 21:38:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 05 Jan 2023 21:38:03 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame FC4D 		98 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20221117/NqeGLmvuPvGdeaxEq2qKJUjcmyulAyFU8K2rHVjS.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
cafe /
Resource Hash
ebab0b02fe6ac6c0ae54d8b5b786c003532bd70ba2aebdf65926add9f11d2e6b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 21:38:03 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34156
x-xss-protection
0
server
cafe
etag
7190293254295660688
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 05 Jan 2023 21:38:03 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame DB0F 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y7dDOgALJSsBc_YaAAVN_N5npH9jGCDwQeqqHg&u=%7Ctl8LhKM0iVJ8USkon8F770j47C4QB5J%2Fh6pTBFrSou0%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2uYcAchbiMZgziqrRBIBOfXW1_BWDopbu0BheChZMFeLCkWBMXsdzH8W5Ai76dwpf4Q_I5WZYgS51g-I4gx3GoxhXqEh9iD_KKkF1s-opp9HBCwAxugzFksOUHfLn01g5MnifSjNcqQP1pZdFSUHY_V8ETY6vtP23ge5cwYM4xY1M6jREEu1NiKznWBJHwhz0ouCV752oh5pI3a5pfgNBlO9r1cQOGLxxnNEQvHbtf50opI1I4LnzGAJkden6Voi31t55w0kqIcZ3VrDkLql069Gby76tt9D3-h9y45dPN9owRzAW68v1Y-E2f0dCP3VvVTsKFCJs69_siEhsxWTpVN8aJPTrtWVolWpt_UwdiLWbW2F8PQSvSMVUkQHITp1GGIZ1hgWlOwLd9eWCodDgGAFJjhrKZvnQ9rZPhbNAc35hUeWyIXcND9L9bGWDmUtX7F2lt8uvX86oRtmCU-gBaF2Hg7kqKo7QAyEFhuNeqiLFbXKGiib9KoBLbe4lRlQ97Gbo2DIU3gMAbOz_tAnVtpIzaeWUBzGs6kdeHT3-PB2sjqCZ1eBke9YNW4BdPA3c5683SAZHeCfE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCo8A8OkO3Y6vKLJrsz7sP_JuV6AqY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQJodKHd1KGmPqgDAaoE5wFP0NWmoyQU9jzP1js-sbC1j5_NuvKf5DIa1H-lZ0sXg6wgtOQchRvrq0hmz5xdSq7c5kOMC4sTwX5tmtfn30tIetT5QIRhmscapRp_XXutVHh5HK72QzGcvv7MgSy-CnSlGjSZLp5Yh09irEEdDmRYFzwQHtPai0UhS_p1vS0XNXNQXIA6Dh1FlhR6YSNboQoflc30tgRRfuBhBvZzZouh05ndQXzCtYzXD3L_U8HPdusd85WP2oUoRZ1x4hMQb6V_er_jJ73rSGwMxxZChELVYQu5ZTogo3nz5M6OIYJkVNVPBLcMsI-ABpiinNPtp57dI6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2ooscalon7BChu1qJfvDyR6qdM9A%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 21:38:04 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 31 Dec 2023 21:38:04 GMT
adchoices_en.svg
static.criteo.net/flash/icon/ Frame DB0F 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_en.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y7dDOgALJSsBc_YaAAVN_N5npH9jGCDwQeqqHg&u=%7Ctl8LhKM0iVJ8USkon8F770j47C4QB5J%2Fh6pTBFrSou0%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2uYcAchbiMZgziqrRBIBOfXW1_BWDopbu0BheChZMFeLCkWBMXsdzH8W5Ai76dwpf4Q_I5WZYgS51g-I4gx3GoxhXqEh9iD_KKkF1s-opp9HBCwAxugzFksOUHfLn01g5MnifSjNcqQP1pZdFSUHY_V8ETY6vtP23ge5cwYM4xY1M6jREEu1NiKznWBJHwhz0ouCV752oh5pI3a5pfgNBlO9r1cQOGLxxnNEQvHbtf50opI1I4LnzGAJkden6Voi31t55w0kqIcZ3VrDkLql069Gby76tt9D3-h9y45dPN9owRzAW68v1Y-E2f0dCP3VvVTsKFCJs69_siEhsxWTpVN8aJPTrtWVolWpt_UwdiLWbW2F8PQSvSMVUkQHITp1GGIZ1hgWlOwLd9eWCodDgGAFJjhrKZvnQ9rZPhbNAc35hUeWyIXcND9L9bGWDmUtX7F2lt8uvX86oRtmCU-gBaF2Hg7kqKo7QAyEFhuNeqiLFbXKGiib9KoBLbe4lRlQ97Gbo2DIU3gMAbOz_tAnVtpIzaeWUBzGs6kdeHT3-PB2sjqCZ1eBke9YNW4BdPA3c5683SAZHeCfE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCo8A8OkO3Y6vKLJrsz7sP_JuV6AqY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQJodKHd1KGmPqgDAaoE5wFP0NWmoyQU9jzP1js-sbC1j5_NuvKf5DIa1H-lZ0sXg6wgtOQchRvrq0hmz5xdSq7c5kOMC4sTwX5tmtfn30tIetT5QIRhmscapRp_XXutVHh5HK72QzGcvv7MgSy-CnSlGjSZLp5Yh09irEEdDmRYFzwQHtPai0UhS_p1vS0XNXNQXIA6Dh1FlhR6YSNboQoflc30tgRRfuBhBvZzZouh05ndQXzCtYzXD3L_U8HPdusd85WP2oUoRZ1x4hMQb6V_er_jJ73rSGwMxxZChELVYQu5ZTogo3nz5M6OIYJkVNVPBLcMsI-ABpiinNPtp57dI6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2ooscalon7BChu1qJfvDyR6qdM9A%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 21:38:04 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-759"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 31 Dec 2023 21:38:04 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame DB0F 		308 B
637 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y7dDOgALJSsBc_YaAAVN_N5npH9jGCDwQeqqHg&u=%7Ctl8LhKM0iVJ8USkon8F770j47C4QB5J%2Fh6pTBFrSou0%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2uYcAchbiMZgziqrRBIBOfXW1_BWDopbu0BheChZMFeLCkWBMXsdzH8W5Ai76dwpf4Q_I5WZYgS51g-I4gx3GoxhXqEh9iD_KKkF1s-opp9HBCwAxugzFksOUHfLn01g5MnifSjNcqQP1pZdFSUHY_V8ETY6vtP23ge5cwYM4xY1M6jREEu1NiKznWBJHwhz0ouCV752oh5pI3a5pfgNBlO9r1cQOGLxxnNEQvHbtf50opI1I4LnzGAJkden6Voi31t55w0kqIcZ3VrDkLql069Gby76tt9D3-h9y45dPN9owRzAW68v1Y-E2f0dCP3VvVTsKFCJs69_siEhsxWTpVN8aJPTrtWVolWpt_UwdiLWbW2F8PQSvSMVUkQHITp1GGIZ1hgWlOwLd9eWCodDgGAFJjhrKZvnQ9rZPhbNAc35hUeWyIXcND9L9bGWDmUtX7F2lt8uvX86oRtmCU-gBaF2Hg7kqKo7QAyEFhuNeqiLFbXKGiib9KoBLbe4lRlQ97Gbo2DIU3gMAbOz_tAnVtpIzaeWUBzGs6kdeHT3-PB2sjqCZ1eBke9YNW4BdPA3c5683SAZHeCfE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCo8A8OkO3Y6vKLJrsz7sP_JuV6AqY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQJodKHd1KGmPqgDAaoE5wFP0NWmoyQU9jzP1js-sbC1j5_NuvKf5DIa1H-lZ0sXg6wgtOQchRvrq0hmz5xdSq7c5kOMC4sTwX5tmtfn30tIetT5QIRhmscapRp_XXutVHh5HK72QzGcvv7MgSy-CnSlGjSZLp5Yh09irEEdDmRYFzwQHtPai0UhS_p1vS0XNXNQXIA6Dh1FlhR6YSNboQoflc30tgRRfuBhBvZzZouh05ndQXzCtYzXD3L_U8HPdusd85WP2oUoRZ1x4hMQb6V_er_jJ73rSGwMxxZChELVYQu5ZTogo3nz5M6OIYJkVNVPBLcMsI-ABpiinNPtp57dI6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2ooscalon7BChu1qJfvDyR6qdM9A%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 21:38:04 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Sun, 31 Dec 2023 21:38:04 GMT
truncated
/ Frame 3594 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
17902dedebe288532705d6062ef51fec4019c0cd90b2e03f87b93f086804afc3

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 87BD 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
364519
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 01 Jan 2023 16:22:45 GMT
expires
Mon, 01 Jan 2024 16:22:45 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 9E6B 		783 B
999 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.105 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f105.1e100.net
Software
GSE /
Resource Hash
0d3252e0e8805bf19537e61f294a939d24cb1fc682aab479e84afefe0621d184
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-KJzaoaWZjwHTX0Mt-VOQkA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-KJzaoaWZjwHTX0Mt-VOQkA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 05 Jan 2023 21:38:04 GMT
expires
Thu, 05 Jan 2023 21:38:04 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
pubads_impl_2022120801.js
securepubads.g.doubleclick.net/gpt/ 		382 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
sffe /
Resource Hash
dcc5f41d1dc04a19dccb2061dc9572cb46c1c19dd89cb5d910752020fa87e791
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 08:54:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
564217
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
132306
x-xss-protection
0
last-modified
Thu, 08 Dec 2022 09:38:55 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 30 Dec 2023 08:54:27 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		134 B
105 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.bg3.co
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
482100f0328f0fade00ad3e301b6aa9579cfa9a88eedaf0feafe56f43e119473
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 21:38:04 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
80
x-xss-protection
0
expires
Thu, 05 Jan 2023 21:38:04 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame DB0F 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y7dDOgALJSsBc_YaAAVN_N5npH9jGCDwQeqqHg&u=%7Ctl8LhKM0iVJ8USkon8F770j47C4QB5J%2Fh6pTBFrSou0%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2uYcAchbiMZgziqrRBIBOfXW1_BWDopbu0BheChZMFeLCkWBMXsdzH8W5Ai76dwpf4Q_I5WZYgS51g-I4gx3GoxhXqEh9iD_KKkF1s-opp9HBCwAxugzFksOUHfLn01g5MnifSjNcqQP1pZdFSUHY_V8ETY6vtP23ge5cwYM4xY1M6jREEu1NiKznWBJHwhz0ouCV752oh5pI3a5pfgNBlO9r1cQOGLxxnNEQvHbtf50opI1I4LnzGAJkden6Voi31t55w0kqIcZ3VrDkLql069Gby76tt9D3-h9y45dPN9owRzAW68v1Y-E2f0dCP3VvVTsKFCJs69_siEhsxWTpVN8aJPTrtWVolWpt_UwdiLWbW2F8PQSvSMVUkQHITp1GGIZ1hgWlOwLd9eWCodDgGAFJjhrKZvnQ9rZPhbNAc35hUeWyIXcND9L9bGWDmUtX7F2lt8uvX86oRtmCU-gBaF2Hg7kqKo7QAyEFhuNeqiLFbXKGiib9KoBLbe4lRlQ97Gbo2DIU3gMAbOz_tAnVtpIzaeWUBzGs6kdeHT3-PB2sjqCZ1eBke9YNW4BdPA3c5683SAZHeCfE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCo8A8OkO3Y6vKLJrsz7sP_JuV6AqY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQJodKHd1KGmPqgDAaoE5wFP0NWmoyQU9jzP1js-sbC1j5_NuvKf5DIa1H-lZ0sXg6wgtOQchRvrq0hmz5xdSq7c5kOMC4sTwX5tmtfn30tIetT5QIRhmscapRp_XXutVHh5HK72QzGcvv7MgSy-CnSlGjSZLp5Yh09irEEdDmRYFzwQHtPai0UhS_p1vS0XNXNQXIA6Dh1FlhR6YSNboQoflc30tgRRfuBhBvZzZouh05ndQXzCtYzXD3L_U8HPdusd85WP2oUoRZ1x4hMQb6V_er_jJ73rSGwMxxZChELVYQu5ZTogo3nz5M6OIYJkVNVPBLcMsI-ABpiinNPtp57dI6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2ooscalon7BChu1qJfvDyR6qdM9A%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 21:38:04 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Sun, 31 Dec 2023 21:38:04 GMT
lg.php
cat.sg1.as.criteo.com/delivery/ Frame DB0F 		43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.sg1.as.criteo.com/delivery/lg.php?cppv=3&cpp=QMou0ODNrJgqjPDWEW-T0K5sQM7yWRIPWp5QucBKH93MzrcB0qeadzbCShlY6RpDv0dUACKgr9kll4ghqYhmPrqLzqH80EHMLcSG01JujH3NfOGrMof_8xISRa0SPCxZT_Bp6lpq0yglkIUA0rV1JbpdEJhYSIxyCZRmdhY0jYVbHIlSjAbnPjQw0OIyVWdSPRXwUIq4gtGlLynkzbFvrHxMiguPhg1NAPWSTdA8rSTi3M3ja06bDBE0w7JvrnUEAAZo3A0EJXKZ_w7kw5csac9_c0IaFdHOeVNWOd1JrnNRwHGKn9M4May1JO_ZJ8wqNK4we9WoQ6a1SuUzUGtqaLIG-uuNLGKUpAyDijs0n660u4_oTOxWFe-9W4XyKhs310-LVX5tV-1qENb82km5-kM44anCInN4qHixb-EJ7ALsCRvs
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y7dDOgALJSsBc_YaAAVN_N5npH9jGCDwQeqqHg&u=%7Ctl8LhKM0iVJ8USkon8F770j47C4QB5J%2Fh6pTBFrSou0%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2uYcAchbiMZgziqrRBIBOfXW1_BWDopbu0BheChZMFeLCkWBMXsdzH8W5Ai76dwpf4Q_I5WZYgS51g-I4gx3GoxhXqEh9iD_KKkF1s-opp9HBCwAxugzFksOUHfLn01g5MnifSjNcqQP1pZdFSUHY_V8ETY6vtP23ge5cwYM4xY1M6jREEu1NiKznWBJHwhz0ouCV752oh5pI3a5pfgNBlO9r1cQOGLxxnNEQvHbtf50opI1I4LnzGAJkden6Voi31t55w0kqIcZ3VrDkLql069Gby76tt9D3-h9y45dPN9owRzAW68v1Y-E2f0dCP3VvVTsKFCJs69_siEhsxWTpVN8aJPTrtWVolWpt_UwdiLWbW2F8PQSvSMVUkQHITp1GGIZ1hgWlOwLd9eWCodDgGAFJjhrKZvnQ9rZPhbNAc35hUeWyIXcND9L9bGWDmUtX7F2lt8uvX86oRtmCU-gBaF2Hg7kqKo7QAyEFhuNeqiLFbXKGiib9KoBLbe4lRlQ97Gbo2DIU3gMAbOz_tAnVtpIzaeWUBzGs6kdeHT3-PB2sjqCZ1eBke9YNW4BdPA3c5683SAZHeCfE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCo8A8OkO3Y6vKLJrsz7sP_JuV6AqY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQJodKHd1KGmPqgDAaoE5wFP0NWmoyQU9jzP1js-sbC1j5_NuvKf5DIa1H-lZ0sXg6wgtOQchRvrq0hmz5xdSq7c5kOMC4sTwX5tmtfn30tIetT5QIRhmscapRp_XXutVHh5HK72QzGcvv7MgSy-CnSlGjSZLp5Yh09irEEdDmRYFzwQHtPai0UhS_p1vS0XNXNQXIA6Dh1FlhR6YSNboQoflc30tgRRfuBhBvZzZouh05ndQXzCtYzXD3L_U8HPdusd85WP2oUoRZ1x4hMQb6V_er_jJ73rSGwMxxZChELVYQu5ZTogo3nz5M6OIYJkVNVPBLcMsI-ABpiinNPtp57dI6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2ooscalon7BChu1qJfvDyR6qdM9A%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.132 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 21:38:04 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
3144182
expires
Mon, 26 Jul 1997 05:00:00 GMT
b4338c429b884dd1a41cf5d47720754c_gotham-regular.woff
static.criteo.net/design/dt/ Frame DB0F 		31 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/dt/b4338c429b884dd1a41cf5d47720754c_gotham-regular.woff
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y7dDOgALJSsBc_YaAAVN_N5npH9jGCDwQeqqHg&u=%7Ctl8LhKM0iVJ8USkon8F770j47C4QB5J%2Fh6pTBFrSou0%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2uYcAchbiMZgziqrRBIBOfXW1_BWDopbu0BheChZMFeLCkWBMXsdzH8W5Ai76dwpf4Q_I5WZYgS51g-I4gx3GoxhXqEh9iD_KKkF1s-opp9HBCwAxugzFksOUHfLn01g5MnifSjNcqQP1pZdFSUHY_V8ETY6vtP23ge5cwYM4xY1M6jREEu1NiKznWBJHwhz0ouCV752oh5pI3a5pfgNBlO9r1cQOGLxxnNEQvHbtf50opI1I4LnzGAJkden6Voi31t55w0kqIcZ3VrDkLql069Gby76tt9D3-h9y45dPN9owRzAW68v1Y-E2f0dCP3VvVTsKFCJs69_siEhsxWTpVN8aJPTrtWVolWpt_UwdiLWbW2F8PQSvSMVUkQHITp1GGIZ1hgWlOwLd9eWCodDgGAFJjhrKZvnQ9rZPhbNAc35hUeWyIXcND9L9bGWDmUtX7F2lt8uvX86oRtmCU-gBaF2Hg7kqKo7QAyEFhuNeqiLFbXKGiib9KoBLbe4lRlQ97Gbo2DIU3gMAbOz_tAnVtpIzaeWUBzGs6kdeHT3-PB2sjqCZ1eBke9YNW4BdPA3c5683SAZHeCfE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCo8A8OkO3Y6vKLJrsz7sP_JuV6AqY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQJodKHd1KGmPqgDAaoE5wFP0NWmoyQU9jzP1js-sbC1j5_NuvKf5DIa1H-lZ0sXg6wgtOQchRvrq0hmz5xdSq7c5kOMC4sTwX5tmtfn30tIetT5QIRhmscapRp_XXutVHh5HK72QzGcvv7MgSy-CnSlGjSZLp5Yh09irEEdDmRYFzwQHtPai0UhS_p1vS0XNXNQXIA6Dh1FlhR6YSNboQoflc30tgRRfuBhBvZzZouh05ndQXzCtYzXD3L_U8HPdusd85WP2oUoRZ1x4hMQb6V_er_jJ73rSGwMxxZChELVYQu5ZTogo3nz5M6OIYJkVNVPBLcMsI-ABpiinNPtp57dI6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2ooscalon7BChu1qJfvDyR6qdM9A%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
af4b954cf45e99d5eccbea113dc2b66799cf8db96c3e8dfc33d145398743727b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
Origin
https://ads.as.criteo.com
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 21:38:04 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Mon, 30 Oct 2017 21:00:07 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"59f792d7-7a00"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 31 Dec 2023 21:38:04 GMT
19b6feaf7bb04307a5ed79d69ca28780_gotham-bold.woff
static.criteo.net/design/dt/ Frame DB0F 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/dt/19b6feaf7bb04307a5ed79d69ca28780_gotham-bold.woff
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y7dDOgALJSsBc_YaAAVN_N5npH9jGCDwQeqqHg&u=%7Ctl8LhKM0iVJ8USkon8F770j47C4QB5J%2Fh6pTBFrSou0%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2uYcAchbiMZgziqrRBIBOfXW1_BWDopbu0BheChZMFeLCkWBMXsdzH8W5Ai76dwpf4Q_I5WZYgS51g-I4gx3GoxhXqEh9iD_KKkF1s-opp9HBCwAxugzFksOUHfLn01g5MnifSjNcqQP1pZdFSUHY_V8ETY6vtP23ge5cwYM4xY1M6jREEu1NiKznWBJHwhz0ouCV752oh5pI3a5pfgNBlO9r1cQOGLxxnNEQvHbtf50opI1I4LnzGAJkden6Voi31t55w0kqIcZ3VrDkLql069Gby76tt9D3-h9y45dPN9owRzAW68v1Y-E2f0dCP3VvVTsKFCJs69_siEhsxWTpVN8aJPTrtWVolWpt_UwdiLWbW2F8PQSvSMVUkQHITp1GGIZ1hgWlOwLd9eWCodDgGAFJjhrKZvnQ9rZPhbNAc35hUeWyIXcND9L9bGWDmUtX7F2lt8uvX86oRtmCU-gBaF2Hg7kqKo7QAyEFhuNeqiLFbXKGiib9KoBLbe4lRlQ97Gbo2DIU3gMAbOz_tAnVtpIzaeWUBzGs6kdeHT3-PB2sjqCZ1eBke9YNW4BdPA3c5683SAZHeCfE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCo8A8OkO3Y6vKLJrsz7sP_JuV6AqY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQJodKHd1KGmPqgDAaoE5wFP0NWmoyQU9jzP1js-sbC1j5_NuvKf5DIa1H-lZ0sXg6wgtOQchRvrq0hmz5xdSq7c5kOMC4sTwX5tmtfn30tIetT5QIRhmscapRp_XXutVHh5HK72QzGcvv7MgSy-CnSlGjSZLp5Yh09irEEdDmRYFzwQHtPai0UhS_p1vS0XNXNQXIA6Dh1FlhR6YSNboQoflc30tgRRfuBhBvZzZouh05ndQXzCtYzXD3L_U8HPdusd85WP2oUoRZ1x4hMQb6V_er_jJ73rSGwMxxZChELVYQu5ZTogo3nz5M6OIYJkVNVPBLcMsI-ABpiinNPtp57dI6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2ooscalon7BChu1qJfvDyR6qdM9A%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
f9d374ef87ca2b8179870daa8739f8b060fc77446a4109ec87dc523bd8059ea4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
Origin
https://ads.as.criteo.com
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 21:38:04 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 01 Dec 2017 12:57:30 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5a2151ba-3b68"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 31 Dec 2023 21:38:04 GMT
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame DB0F 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y7dDOgALJSsBc_YaAAVN_N5npH9jGCDwQeqqHg&u=%7Ctl8LhKM0iVJ8USkon8F770j47C4QB5J%2Fh6pTBFrSou0%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2uYcAchbiMZgziqrRBIBOfXW1_BWDopbu0BheChZMFeLCkWBMXsdzH8W5Ai76dwpf4Q_I5WZYgS51g-I4gx3GoxhXqEh9iD_KKkF1s-opp9HBCwAxugzFksOUHfLn01g5MnifSjNcqQP1pZdFSUHY_V8ETY6vtP23ge5cwYM4xY1M6jREEu1NiKznWBJHwhz0ouCV752oh5pI3a5pfgNBlO9r1cQOGLxxnNEQvHbtf50opI1I4LnzGAJkden6Voi31t55w0kqIcZ3VrDkLql069Gby76tt9D3-h9y45dPN9owRzAW68v1Y-E2f0dCP3VvVTsKFCJs69_siEhsxWTpVN8aJPTrtWVolWpt_UwdiLWbW2F8PQSvSMVUkQHITp1GGIZ1hgWlOwLd9eWCodDgGAFJjhrKZvnQ9rZPhbNAc35hUeWyIXcND9L9bGWDmUtX7F2lt8uvX86oRtmCU-gBaF2Hg7kqKo7QAyEFhuNeqiLFbXKGiib9KoBLbe4lRlQ97Gbo2DIU3gMAbOz_tAnVtpIzaeWUBzGs6kdeHT3-PB2sjqCZ1eBke9YNW4BdPA3c5683SAZHeCfE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCo8A8OkO3Y6vKLJrsz7sP_JuV6AqY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQJodKHd1KGmPqgDAaoE5wFP0NWmoyQU9jzP1js-sbC1j5_NuvKf5DIa1H-lZ0sXg6wgtOQchRvrq0hmz5xdSq7c5kOMC4sTwX5tmtfn30tIetT5QIRhmscapRp_XXutVHh5HK72QzGcvv7MgSy-CnSlGjSZLp5Yh09irEEdDmRYFzwQHtPai0UhS_p1vS0XNXNQXIA6Dh1FlhR6YSNboQoflc30tgRRfuBhBvZzZouh05ndQXzCtYzXD3L_U8HPdusd85WP2oUoRZ1x4hMQb6V_er_jJ73rSGwMxxZChELVYQu5ZTogo3nz5M6OIYJkVNVPBLcMsI-ABpiinNPtp57dI6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2ooscalon7BChu1qJfvDyR6qdM9A%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 21:38:05 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
17494
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4420
last-modified
Mon, 04 May 2020 16:17:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04030-30d9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i7YcEOuCEHixwSLmC3wLvvYBr5V3rMNnqK3l4LBqLF2HBOeoFapOCfiysT6QivjVs8%2F%2Fi%2B4pPeIEzMrjJYAsVAGJ%2FR744tNF3Rqv5DNpBRi7t%2FDrDAgOM67GCmNjUAtlQAI4j73l"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
784f5bdde821a80e-SYD
expires
Tue, 26 Dec 2023 21:38:05 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/ Frame FC4D 		356 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
cafe /
Resource Hash
ad0e7f1d744f1737ecd693b74ae25b16f324030ae4c611f8c30b1dc691880ebf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 21:38:04 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119964
x-xss-protection
0
server
cafe
etag
5400583299474470944
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Thu, 05 Jan 2023 21:38:04 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame C594 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
364519
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 01 Jan 2023 16:22:45 GMT
expires
Mon, 01 Jan 2024 16:22:45 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 796A 		783 B
742 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.105 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f105.1e100.net
Software
GSE /
Resource Hash
38bf949efc1a0a2758e85c3af5bdf456bdd9dc578a6d791de0c1c5e43183ccde
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-tHhPYipDSK8I8NEVXw4P4A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-tHhPYipDSK8I8NEVXw4P4A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 05 Jan 2023 21:38:04 GMT
expires
Thu, 05 Jan 2023 21:38:04 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
animejs.js
static.criteo.net/animejs/ Frame DB0F 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y7dDOgALJSsBc_YaAAVN_N5npH9jGCDwQeqqHg&u=%7Ctl8LhKM0iVJ8USkon8F770j47C4QB5J%2Fh6pTBFrSou0%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2uYcAchbiMZgziqrRBIBOfXW1_BWDopbu0BheChZMFeLCkWBMXsdzH8W5Ai76dwpf4Q_I5WZYgS51g-I4gx3GoxhXqEh9iD_KKkF1s-opp9HBCwAxugzFksOUHfLn01g5MnifSjNcqQP1pZdFSUHY_V8ETY6vtP23ge5cwYM4xY1M6jREEu1NiKznWBJHwhz0ouCV752oh5pI3a5pfgNBlO9r1cQOGLxxnNEQvHbtf50opI1I4LnzGAJkden6Voi31t55w0kqIcZ3VrDkLql069Gby76tt9D3-h9y45dPN9owRzAW68v1Y-E2f0dCP3VvVTsKFCJs69_siEhsxWTpVN8aJPTrtWVolWpt_UwdiLWbW2F8PQSvSMVUkQHITp1GGIZ1hgWlOwLd9eWCodDgGAFJjhrKZvnQ9rZPhbNAc35hUeWyIXcND9L9bGWDmUtX7F2lt8uvX86oRtmCU-gBaF2Hg7kqKo7QAyEFhuNeqiLFbXKGiib9KoBLbe4lRlQ97Gbo2DIU3gMAbOz_tAnVtpIzaeWUBzGs6kdeHT3-PB2sjqCZ1eBke9YNW4BdPA3c5683SAZHeCfE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCo8A8OkO3Y6vKLJrsz7sP_JuV6AqY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQJodKHd1KGmPqgDAaoE5wFP0NWmoyQU9jzP1js-sbC1j5_NuvKf5DIa1H-lZ0sXg6wgtOQchRvrq0hmz5xdSq7c5kOMC4sTwX5tmtfn30tIetT5QIRhmscapRp_XXutVHh5HK72QzGcvv7MgSy-CnSlGjSZLp5Yh09irEEdDmRYFzwQHtPai0UhS_p1vS0XNXNQXIA6Dh1FlhR6YSNboQoflc30tgRRfuBhBvZzZouh05ndQXzCtYzXD3L_U8HPdusd85WP2oUoRZ1x4hMQb6V_er_jJ73rSGwMxxZChELVYQu5ZTogo3nz5M6OIYJkVNVPBLcMsI-ABpiinNPtp57dI6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2ooscalon7BChu1qJfvDyR6qdM9A%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 21:38:04 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 31 Dec 2023 21:38:04 GMT
829e6d5ea54c40d2a81b6794501afd9d_cpn_336x280_1.jpg
static.criteo.net/design/dt/77429/221221/ Frame DB0F 		42 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/design/dt/77429/221221/829e6d5ea54c40d2a81b6794501afd9d_cpn_336x280_1.jpg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y7dDOgALJSsBc_YaAAVN_N5npH9jGCDwQeqqHg&u=%7Ctl8LhKM0iVJ8USkon8F770j47C4QB5J%2Fh6pTBFrSou0%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2uYcAchbiMZgziqrRBIBOfXW1_BWDopbu0BheChZMFeLCkWBMXsdzH8W5Ai76dwpf4Q_I5WZYgS51g-I4gx3GoxhXqEh9iD_KKkF1s-opp9HBCwAxugzFksOUHfLn01g5MnifSjNcqQP1pZdFSUHY_V8ETY6vtP23ge5cwYM4xY1M6jREEu1NiKznWBJHwhz0ouCV752oh5pI3a5pfgNBlO9r1cQOGLxxnNEQvHbtf50opI1I4LnzGAJkden6Voi31t55w0kqIcZ3VrDkLql069Gby76tt9D3-h9y45dPN9owRzAW68v1Y-E2f0dCP3VvVTsKFCJs69_siEhsxWTpVN8aJPTrtWVolWpt_UwdiLWbW2F8PQSvSMVUkQHITp1GGIZ1hgWlOwLd9eWCodDgGAFJjhrKZvnQ9rZPhbNAc35hUeWyIXcND9L9bGWDmUtX7F2lt8uvX86oRtmCU-gBaF2Hg7kqKo7QAyEFhuNeqiLFbXKGiib9KoBLbe4lRlQ97Gbo2DIU3gMAbOz_tAnVtpIzaeWUBzGs6kdeHT3-PB2sjqCZ1eBke9YNW4BdPA3c5683SAZHeCfE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCo8A8OkO3Y6vKLJrsz7sP_JuV6AqY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQJodKHd1KGmPqgDAaoE5wFP0NWmoyQU9jzP1js-sbC1j5_NuvKf5DIa1H-lZ0sXg6wgtOQchRvrq0hmz5xdSq7c5kOMC4sTwX5tmtfn30tIetT5QIRhmscapRp_XXutVHh5HK72QzGcvv7MgSy-CnSlGjSZLp5Yh09irEEdDmRYFzwQHtPai0UhS_p1vS0XNXNQXIA6Dh1FlhR6YSNboQoflc30tgRRfuBhBvZzZouh05ndQXzCtYzXD3L_U8HPdusd85WP2oUoRZ1x4hMQb6V_er_jJ73rSGwMxxZChELVYQu5ZTogo3nz5M6OIYJkVNVPBLcMsI-ABpiinNPtp57dI6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2ooscalon7BChu1qJfvDyR6qdM9A%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
26aaeae2feae67a32dcbd6c66b025f534265ae68d5373276a8c3f21f2989ed1a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 21:38:05 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 21 Dec 2022 10:12:05 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"63a2dbf5-a89d"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43165
expires
Sun, 31 Dec 2023 21:38:05 GMT
img
pix.as.criteo.net/img/ Frame DB0F 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?h=92&m=0&partner=77429&q=80&r=0&u=http%3A%2F%2Fstatic.sg1.as.criteo.net%2Fdesign%2Fdt%2F3730%2F190603%2Fc8d3fc1df51e46ca8905832923f6d4ae_logo_n_vertical.png&v=3&w=668&s=HYaRcuDAhGcBrQr_tU_FiSuJ
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y7dDOgALJSsBc_YaAAVN_N5npH9jGCDwQeqqHg&u=%7Ctl8LhKM0iVJ8USkon8F770j47C4QB5J%2Fh6pTBFrSou0%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2uYcAchbiMZgziqrRBIBOfXW1_BWDopbu0BheChZMFeLCkWBMXsdzH8W5Ai76dwpf4Q_I5WZYgS51g-I4gx3GoxhXqEh9iD_KKkF1s-opp9HBCwAxugzFksOUHfLn01g5MnifSjNcqQP1pZdFSUHY_V8ETY6vtP23ge5cwYM4xY1M6jREEu1NiKznWBJHwhz0ouCV752oh5pI3a5pfgNBlO9r1cQOGLxxnNEQvHbtf50opI1I4LnzGAJkden6Voi31t55w0kqIcZ3VrDkLql069Gby76tt9D3-h9y45dPN9owRzAW68v1Y-E2f0dCP3VvVTsKFCJs69_siEhsxWTpVN8aJPTrtWVolWpt_UwdiLWbW2F8PQSvSMVUkQHITp1GGIZ1hgWlOwLd9eWCodDgGAFJjhrKZvnQ9rZPhbNAc35hUeWyIXcND9L9bGWDmUtX7F2lt8uvX86oRtmCU-gBaF2Hg7kqKo7QAyEFhuNeqiLFbXKGiib9KoBLbe4lRlQ97Gbo2DIU3gMAbOz_tAnVtpIzaeWUBzGs6kdeHT3-PB2sjqCZ1eBke9YNW4BdPA3c5683SAZHeCfE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCo8A8OkO3Y6vKLJrsz7sP_JuV6AqY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQJodKHd1KGmPqgDAaoE5wFP0NWmoyQU9jzP1js-sbC1j5_NuvKf5DIa1H-lZ0sXg6wgtOQchRvrq0hmz5xdSq7c5kOMC4sTwX5tmtfn30tIetT5QIRhmscapRp_XXutVHh5HK72QzGcvv7MgSy-CnSlGjSZLp5Yh09irEEdDmRYFzwQHtPai0UhS_p1vS0XNXNQXIA6Dh1FlhR6YSNboQoflc30tgRRfuBhBvZzZouh05ndQXzCtYzXD3L_U8HPdusd85WP2oUoRZ1x4hMQb6V_er_jJ73rSGwMxxZChELVYQu5ZTogo3nz5M6OIYJkVNVPBLcMsI-ABpiinNPtp57dI6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2ooscalon7BChu1qJfvDyR6qdM9A%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
fbba0ecc7a5bf69929bd0434a2be74a858f9338a9c110a165736cf301839779e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 21:38:05 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=30695197
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
4618
expires
Wed, 27 Dec 2023 04:04:43 GMT
img
pix.as.criteo.net/img/ Frame DB0F 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=77429&q=80&r=0&u=https%3A%2F%2Fi8.amplience.net%2Ft%2Fjpl%2Fjd_product_list%3Fplu%3Djd_560799_al&v=3&w=400&s=GW8MnyAfVXhE0mpU9RGdCoK9&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y7dDOgALJSsBc_YaAAVN_N5npH9jGCDwQeqqHg&u=%7Ctl8LhKM0iVJ8USkon8F770j47C4QB5J%2Fh6pTBFrSou0%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2uYcAchbiMZgziqrRBIBOfXW1_BWDopbu0BheChZMFeLCkWBMXsdzH8W5Ai76dwpf4Q_I5WZYgS51g-I4gx3GoxhXqEh9iD_KKkF1s-opp9HBCwAxugzFksOUHfLn01g5MnifSjNcqQP1pZdFSUHY_V8ETY6vtP23ge5cwYM4xY1M6jREEu1NiKznWBJHwhz0ouCV752oh5pI3a5pfgNBlO9r1cQOGLxxnNEQvHbtf50opI1I4LnzGAJkden6Voi31t55w0kqIcZ3VrDkLql069Gby76tt9D3-h9y45dPN9owRzAW68v1Y-E2f0dCP3VvVTsKFCJs69_siEhsxWTpVN8aJPTrtWVolWpt_UwdiLWbW2F8PQSvSMVUkQHITp1GGIZ1hgWlOwLd9eWCodDgGAFJjhrKZvnQ9rZPhbNAc35hUeWyIXcND9L9bGWDmUtX7F2lt8uvX86oRtmCU-gBaF2Hg7kqKo7QAyEFhuNeqiLFbXKGiib9KoBLbe4lRlQ97Gbo2DIU3gMAbOz_tAnVtpIzaeWUBzGs6kdeHT3-PB2sjqCZ1eBke9YNW4BdPA3c5683SAZHeCfE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCo8A8OkO3Y6vKLJrsz7sP_JuV6AqY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQJodKHd1KGmPqgDAaoE5wFP0NWmoyQU9jzP1js-sbC1j5_NuvKf5DIa1H-lZ0sXg6wgtOQchRvrq0hmz5xdSq7c5kOMC4sTwX5tmtfn30tIetT5QIRhmscapRp_XXutVHh5HK72QzGcvv7MgSy-CnSlGjSZLp5Yh09irEEdDmRYFzwQHtPai0UhS_p1vS0XNXNQXIA6Dh1FlhR6YSNboQoflc30tgRRfuBhBvZzZouh05ndQXzCtYzXD3L_U8HPdusd85WP2oUoRZ1x4hMQb6V_er_jJ73rSGwMxxZChELVYQu5ZTogo3nz5M6OIYJkVNVPBLcMsI-ABpiinNPtp57dI6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2ooscalon7BChu1qJfvDyR6qdM9A%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
3aa6a7cabb570d4c2eb2ece921bf0e3763e1c3a9498c6f78d3387fa2c3a2e0f0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 21:38:05 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=0
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
5914
expires
Thu, 05 Jan 2023 21:38:05 GMT
img
pix.as.criteo.net/img/ Frame DB0F 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=77429&q=80&r=0&u=https%3A%2F%2Fi8.amplience.net%2Ft%2Fjpl%2Fjd_product_list%3Fplu%3Djd_414770_al&v=3&w=400&s=1t0u1foqZBcuJ7PN3YoJJTNv&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y7dDOgALJSsBc_YaAAVN_N5npH9jGCDwQeqqHg&u=%7Ctl8LhKM0iVJ8USkon8F770j47C4QB5J%2Fh6pTBFrSou0%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2uYcAchbiMZgziqrRBIBOfXW1_BWDopbu0BheChZMFeLCkWBMXsdzH8W5Ai76dwpf4Q_I5WZYgS51g-I4gx3GoxhXqEh9iD_KKkF1s-opp9HBCwAxugzFksOUHfLn01g5MnifSjNcqQP1pZdFSUHY_V8ETY6vtP23ge5cwYM4xY1M6jREEu1NiKznWBJHwhz0ouCV752oh5pI3a5pfgNBlO9r1cQOGLxxnNEQvHbtf50opI1I4LnzGAJkden6Voi31t55w0kqIcZ3VrDkLql069Gby76tt9D3-h9y45dPN9owRzAW68v1Y-E2f0dCP3VvVTsKFCJs69_siEhsxWTpVN8aJPTrtWVolWpt_UwdiLWbW2F8PQSvSMVUkQHITp1GGIZ1hgWlOwLd9eWCodDgGAFJjhrKZvnQ9rZPhbNAc35hUeWyIXcND9L9bGWDmUtX7F2lt8uvX86oRtmCU-gBaF2Hg7kqKo7QAyEFhuNeqiLFbXKGiib9KoBLbe4lRlQ97Gbo2DIU3gMAbOz_tAnVtpIzaeWUBzGs6kdeHT3-PB2sjqCZ1eBke9YNW4BdPA3c5683SAZHeCfE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCo8A8OkO3Y6vKLJrsz7sP_JuV6AqY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQJodKHd1KGmPqgDAaoE5wFP0NWmoyQU9jzP1js-sbC1j5_NuvKf5DIa1H-lZ0sXg6wgtOQchRvrq0hmz5xdSq7c5kOMC4sTwX5tmtfn30tIetT5QIRhmscapRp_XXutVHh5HK72QzGcvv7MgSy-CnSlGjSZLp5Yh09irEEdDmRYFzwQHtPai0UhS_p1vS0XNXNQXIA6Dh1FlhR6YSNboQoflc30tgRRfuBhBvZzZouh05ndQXzCtYzXD3L_U8HPdusd85WP2oUoRZ1x4hMQb6V_er_jJ73rSGwMxxZChELVYQu5ZTogo3nz5M6OIYJkVNVPBLcMsI-ABpiinNPtp57dI6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2ooscalon7BChu1qJfvDyR6qdM9A%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
24e9da95f6d91961894a9009b8a6894e7fa6eec112f4da5e835910d0ed938652
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 21:38:05 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=0
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3294
expires
Thu, 05 Jan 2023 21:38:05 GMT
all
csm.as.criteo.net/ Frame DB0F 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.as.criteo.net/all?cppv=3&cpp=cR1ec-K5SWhedqllSIcNUxAx5zKM5tnnkc-NEKb6HH-DDeJkrGfdBtKlt90_FMAbXq8REeNDxpD9HO0pozai79ySh-3vDnKtApxV3Oq2RrblaqLyp8zCf7F4kyMR0EPjx7sDagxpmrzgJpCJzeZaZzJAoepZ6gPy65V2GQEG0q6Cbb0lshWjCPll1iTWw-gQwxMdFLFg5ENBEHBvX6JhX-FFX-EQPxl9oxYgXaok-nNDBpnm8mb8iVDZQ3PJX3ae43nyVMxewyaHk8J0&sds=2&rev=84145&sendBeacon=true
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y7dDOgALJSsBc_YaAAVN_N5npH9jGCDwQeqqHg&u=%7Ctl8LhKM0iVJ8USkon8F770j47C4QB5J%2Fh6pTBFrSou0%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2uYcAchbiMZgziqrRBIBOfXW1_BWDopbu0BheChZMFeLCkWBMXsdzH8W5Ai76dwpf4Q_I5WZYgS51g-I4gx3GoxhXqEh9iD_KKkF1s-opp9HBCwAxugzFksOUHfLn01g5MnifSjNcqQP1pZdFSUHY_V8ETY6vtP23ge5cwYM4xY1M6jREEu1NiKznWBJHwhz0ouCV752oh5pI3a5pfgNBlO9r1cQOGLxxnNEQvHbtf50opI1I4LnzGAJkden6Voi31t55w0kqIcZ3VrDkLql069Gby76tt9D3-h9y45dPN9owRzAW68v1Y-E2f0dCP3VvVTsKFCJs69_siEhsxWTpVN8aJPTrtWVolWpt_UwdiLWbW2F8PQSvSMVUkQHITp1GGIZ1hgWlOwLd9eWCodDgGAFJjhrKZvnQ9rZPhbNAc35hUeWyIXcND9L9bGWDmUtX7F2lt8uvX86oRtmCU-gBaF2Hg7kqKo7QAyEFhuNeqiLFbXKGiib9KoBLbe4lRlQ97Gbo2DIU3gMAbOz_tAnVtpIzaeWUBzGs6kdeHT3-PB2sjqCZ1eBke9YNW4BdPA3c5683SAZHeCfE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCo8A8OkO3Y6vKLJrsz7sP_JuV6AqY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQJodKHd1KGmPqgDAaoE5wFP0NWmoyQU9jzP1js-sbC1j5_NuvKf5DIa1H-lZ0sXg6wgtOQchRvrq0hmz5xdSq7c5kOMC4sTwX5tmtfn30tIetT5QIRhmscapRp_XXutVHh5HK72QzGcvv7MgSy-CnSlGjSZLp5Yh09irEEdDmRYFzwQHtPai0UhS_p1vS0XNXNQXIA6Dh1FlhR6YSNboQoflc30tgRRfuBhBvZzZouh05ndQXzCtYzXD3L_U8HPdusd85WP2oUoRZ1x4hMQb6V_er_jJ73rSGwMxxZChELVYQu5ZTogo3nz5M6OIYJkVNVPBLcMsI-ABpiinNPtp57dI6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2ooscalon7BChu1qJfvDyR6qdM9A%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.142 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 05 Jan 2023 21:38:05 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame DB0F 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y7dDOgALJSsBc_YaAAVN_N5npH9jGCDwQeqqHg&u=%7Ctl8LhKM0iVJ8USkon8F770j47C4QB5J%2Fh6pTBFrSou0%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2uYcAchbiMZgziqrRBIBOfXW1_BWDopbu0BheChZMFeLCkWBMXsdzH8W5Ai76dwpf4Q_I5WZYgS51g-I4gx3GoxhXqEh9iD_KKkF1s-opp9HBCwAxugzFksOUHfLn01g5MnifSjNcqQP1pZdFSUHY_V8ETY6vtP23ge5cwYM4xY1M6jREEu1NiKznWBJHwhz0ouCV752oh5pI3a5pfgNBlO9r1cQOGLxxnNEQvHbtf50opI1I4LnzGAJkden6Voi31t55w0kqIcZ3VrDkLql069Gby76tt9D3-h9y45dPN9owRzAW68v1Y-E2f0dCP3VvVTsKFCJs69_siEhsxWTpVN8aJPTrtWVolWpt_UwdiLWbW2F8PQSvSMVUkQHITp1GGIZ1hgWlOwLd9eWCodDgGAFJjhrKZvnQ9rZPhbNAc35hUeWyIXcND9L9bGWDmUtX7F2lt8uvX86oRtmCU-gBaF2Hg7kqKo7QAyEFhuNeqiLFbXKGiib9KoBLbe4lRlQ97Gbo2DIU3gMAbOz_tAnVtpIzaeWUBzGs6kdeHT3-PB2sjqCZ1eBke9YNW4BdPA3c5683SAZHeCfE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCo8A8OkO3Y6vKLJrsz7sP_JuV6AqY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQJodKHd1KGmPqgDAaoE5wFP0NWmoyQU9jzP1js-sbC1j5_NuvKf5DIa1H-lZ0sXg6wgtOQchRvrq0hmz5xdSq7c5kOMC4sTwX5tmtfn30tIetT5QIRhmscapRp_XXutVHh5HK72QzGcvv7MgSy-CnSlGjSZLp5Yh09irEEdDmRYFzwQHtPai0UhS_p1vS0XNXNQXIA6Dh1FlhR6YSNboQoflc30tgRRfuBhBvZzZouh05ndQXzCtYzXD3L_U8HPdusd85WP2oUoRZ1x4hMQb6V_er_jJ73rSGwMxxZChELVYQu5ZTogo3nz5M6OIYJkVNVPBLcMsI-ABpiinNPtp57dI6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2ooscalon7BChu1qJfvDyR6qdM9A%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 21:38:05 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 31 Dec 2023 21:38:05 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame DB0F 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y7dDOgALJSsBc_YaAAVN_N5npH9jGCDwQeqqHg&u=%7Ctl8LhKM0iVJ8USkon8F770j47C4QB5J%2Fh6pTBFrSou0%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2uYcAchbiMZgziqrRBIBOfXW1_BWDopbu0BheChZMFeLCkWBMXsdzH8W5Ai76dwpf4Q_I5WZYgS51g-I4gx3GoxhXqEh9iD_KKkF1s-opp9HBCwAxugzFksOUHfLn01g5MnifSjNcqQP1pZdFSUHY_V8ETY6vtP23ge5cwYM4xY1M6jREEu1NiKznWBJHwhz0ouCV752oh5pI3a5pfgNBlO9r1cQOGLxxnNEQvHbtf50opI1I4LnzGAJkden6Voi31t55w0kqIcZ3VrDkLql069Gby76tt9D3-h9y45dPN9owRzAW68v1Y-E2f0dCP3VvVTsKFCJs69_siEhsxWTpVN8aJPTrtWVolWpt_UwdiLWbW2F8PQSvSMVUkQHITp1GGIZ1hgWlOwLd9eWCodDgGAFJjhrKZvnQ9rZPhbNAc35hUeWyIXcND9L9bGWDmUtX7F2lt8uvX86oRtmCU-gBaF2Hg7kqKo7QAyEFhuNeqiLFbXKGiib9KoBLbe4lRlQ97Gbo2DIU3gMAbOz_tAnVtpIzaeWUBzGs6kdeHT3-PB2sjqCZ1eBke9YNW4BdPA3c5683SAZHeCfE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCo8A8OkO3Y6vKLJrsz7sP_JuV6AqY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQJodKHd1KGmPqgDAaoE5wFP0NWmoyQU9jzP1js-sbC1j5_NuvKf5DIa1H-lZ0sXg6wgtOQchRvrq0hmz5xdSq7c5kOMC4sTwX5tmtfn30tIetT5QIRhmscapRp_XXutVHh5HK72QzGcvv7MgSy-CnSlGjSZLp5Yh09irEEdDmRYFzwQHtPai0UhS_p1vS0XNXNQXIA6Dh1FlhR6YSNboQoflc30tgRRfuBhBvZzZouh05ndQXzCtYzXD3L_U8HPdusd85WP2oUoRZ1x4hMQb6V_er_jJ73rSGwMxxZChELVYQu5ZTogo3nz5M6OIYJkVNVPBLcMsI-ABpiinNPtp57dI6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2ooscalon7BChu1qJfvDyR6qdM9A%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 21:38:05 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 31 Dec 2023 21:38:05 GMT
integrator.js
adservice.google.co.nz/adsid/ Frame FC4D 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.nz/adsid/integrator.js?domain=adx.holmesmind.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 21:38:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame FC4D 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=adx.holmesmind.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 21:38:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
CRsRsXd0FUmqwYRG7gS9TIn516je7wIpMnr86Jcv.html
adx.holmesmind.com/adx-file/20221110/ Frame 17EF
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F...
  • https://adx.holmesmind.com/adx-file/20221110/CRsRsXd0FUmqwYRG7gS9TIn516je7wIpMnr86Jcv.html
801 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://adx.holmesmind.com/adx-file/20221110/CRsRsXd0FUmqwYRG7gS9TIn516je7wIpMnr86Jcv.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.8.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-8-99.sin5.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
da4085030009e98daf6eb2656f5fae35c7a3bb947e1a290ddbb20581cc2678b9

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
406
content-length
801
content-type
text/html
date
Thu, 05 Jan 2023 21:31:20 GMT
etag
"ecb9b362af60ffdbe438788aa8ca18e5"
last-modified
Thu, 10 Nov 2022 10:57:04 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 8f2472155c3b6e146855be1d54e7188c.cloudfront.net (CloudFront)
x-amz-cf-id
T-TSi94PvUnRyN8IqmvpLkjEGGbcfRXJ9b8YIotWreSNoZxI9VH1bg==
x-amz-cf-pop
SIN5-C1
x-amz-version-id
jJWfL_fJcKwy89AgB0I8qjWdNPPXmBep
x-cache
Hit from cloudfront

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 05 Jan 2023 21:38:04 GMT
location
https://adx.holmesmind.com/adx-file/20221110/CRsRsXd0FUmqwYRG7gS9TIn516je7wIpMnr86Jcv.html
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/pagead/ Frame 9E6B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022120801&jk=4029936184936943&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-ju-ren-sheng-cheng-zhen-zong-tong-da-ka-bu-hao-yan.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
JwRg8GnJRbSbwgtubA3x1Twn6jgCPCxSQn9TsX0K1wE.js
pagead2.googlesyndication.com/bg/ Frame 87BD 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/JwRg8GnJRbSbwgtubA3x1Twn6jgCPCxSQn9TsX0K1wE.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
sffe /
Resource Hash
270460f069c945b49bc20b6e6c0df1d53c27ea38023c2c52427f53b17d0ad701
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Jan 2023 03:50:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
150443
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16089
x-xss-protection
0
last-modified
Tue, 03 Jan 2023 14:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 04 Jan 2024 03:50:41 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 796A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022120801&jk=1237381443970703&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-ju-ren-sheng-cheng-zhen-zong-tong-da-ka-bu-hao-yan.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
JwRg8GnJRbSbwgtubA3x1Twn6jgCPCxSQn9TsX0K1wE.js
pagead2.googlesyndication.com/bg/ Frame C594 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/JwRg8GnJRbSbwgtubA3x1Twn6jgCPCxSQn9TsX0K1wE.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
sffe /
Resource Hash
270460f069c945b49bc20b6e6c0df1d53c27ea38023c2c52427f53b17d0ad701
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Jan 2023 03:50:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
150443
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16089
x-xss-protection
0
last-modified
Tue, 03 Jan 2023 14:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 04 Jan 2024 03:50:41 GMT
generate_204
tpc.googlesyndication.com/ Frame 87BD 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?dOYfmQ
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-ju-ren-sheng-cheng-zhen-zong-tong-da-ka-bu-hao-yan.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 21:38:05 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
generate_204
tpc.googlesyndication.com/ Frame C594 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?wxzTIQ
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-ju-ren-sheng-cheng-zhen-zong-tong-da-ka-bu-hao-yan.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 21:38:05 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 17EF 		143 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4126554779393986
Requested by
Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20221110/CRsRsXd0FUmqwYRG7gS9TIn516je7wIpMnr86Jcv.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
cafe /
Resource Hash
e9f7b513c47729fe016a2094e29448b6ebf0a40b4bb1d0b904f3dfc62a46d1a2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adx.holmesmind.com/
Origin
https://adx.holmesmind.com
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 21:38:05 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49323
x-xss-protection
0
server
cafe
etag
1147772938510932522
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 05 Jan 2023 21:38:05 GMT
quant.js
secure.quantserve.com/ 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.229.10.247 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
673aaadf5ccca4681c2023a6e76f62c478be94fe3b1ed05f3126da067e66f50a

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 21:38:06 GMT
content-encoding
gzip
etag
"WQX8ubvDGl3DCUDHzxu0sA=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Thu, 12 Jan 2023 21:38:06 GMT
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20230105
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
37a25012177a22bd838094f24ead5bd9c18c7ee5f1414cf31210c65955b471ad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 05 Jan 2023 21:38:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
20201
x-jsd-version
1.0.1578
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra-eddf8230021-FRA, cache-yyz4547-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"638-vQfu8QJopnuJ3cvCQtJ8+g5fto0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qZ%2Fo1sTHnCeP6enYZTShcaC1CTDUuR1pWXvclMy38Cou4shLDMzKllikQvCE6sDcjsU1dmKtkLMLiMI3516X%2FapinkvJjO5t4t95gfF7%2BdyTaTKOA2Ubnu%2FRumvKi0bhUMY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
784f5be24bd4a83e-SYD
prebid
ib.adnxs.com/ut/v3/ 		368 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.148.252 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
894.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
9762f263107847db29ffb7c7ad0aed1990bf4ffedeca6bc05e11dc87fc50c824
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 05 Jan 2023 21:38:06 GMT
AN-X-Request-Uuid
681351c9-62b1-4364-b952-f00a5783ff85
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.bg3.co
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
116.90.74.202; 116.90.74.202; 894.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
368
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cdb
bidder.criteo.com/ 		0
212 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.19.0&cb=61742374709
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.145 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 05 Jan 2023 21:38:05 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
hbjson
grid.bidswitch.net/ 		23 B
360 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.213.117.18 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
18.117.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
45139a30ada0391cb442d007fe0242c783b3c776c92adc2a951a6caec72f9ef9

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 05 Jan 2023 21:38:06 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
48
cygnus
htlb.casalemedia.com/ 		37 B
330 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=693656&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2213cf7033eb351ba%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fxi-ju-ren-sheng-cheng-zhen-zong-tong-da-ka-bu-hao-yan.html%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A7%2C%22msi%22%3A7%2C%22mfu%22%3A3%2C%22bu%22%3A3%2C%22iu%22%3A0%2C%22nu%22%3A3%2C%22ou%22%3A3%2C%22allu%22%3A3%2C%22ren%22%3Atrue%2C%22version%22%3A%226.19.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%222062ce1ca529ee6%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A320%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22320x50%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22300x50%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A250%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22250x250%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%222313000ed7fb47b%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A320%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22320x50%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22300x50%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%222420af0eba93a15%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A120%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22120x600%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpushup.com%22%2C%22sid%22%3A%22062d9a21f747ddee7c25d4297776e0aa%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22fec382dd-3782-4a6b-8638-5af8358028b4%22%7D%5D%7D%5D%7D%7D
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
466a69d1c34515f7160698071b88155627443e14bda5a302c568d9aa9b5fa1c5

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 21:38:06 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mlplw3ZU1w6h6AOhhT9uM5ITMnMB7jznT50NjLnrXxKYk7XIoBA0azkBjmgIQ9V80YILJClam1R%2BPxRf9R3%2B4PsU0jQ408F0gsDlLsM1Dw1plIj5K5LmlHizR7RTkrCI8v4miN9u"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
784f5be28c38a8c4-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
cygnus
htlb.casalemedia.com/ 		37 B
560 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=693656&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%2213cf7033eb351ba%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fxi-ju-ren-sheng-cheng-zhen-zong-tong-da-ka-bu-hao-yan.html%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A3%2C%22bu%22%3A3%2C%22iu%22%3A0%2C%22nu%22%3A3%2C%22ou%22%3A3%2C%22allu%22%3A3%2C%22ren%22%3Atrue%2C%22version%22%3A%226.19.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%222313000ed7fb47b%22%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22728x90%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B728%2C90%5D%5D%2C%22api%22%3A%5B2%5D%2C%22linearity%22%3A1%2C%22placement%22%3A4%2C%22w%22%3A728%2C%22h%22%3A90%7D%7D%2C%7B%22id%22%3A%222420af0eba93a15%22%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22120x600%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B120%2C600%5D%5D%2C%22api%22%3A%5B2%5D%2C%22linearity%22%3A1%2C%22placement%22%3A4%2C%22w%22%3A120%2C%22h%22%3A600%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpushup.com%22%2C%22sid%22%3A%22062d9a21f747ddee7c25d4297776e0aa%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22fec382dd-3782-4a6b-8638-5af8358028b4%22%7D%5D%7D%5D%7D%7D
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
466a69d1c34515f7160698071b88155627443e14bda5a302c568d9aa9b5fa1c5

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 21:38:05 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sTM%2FQiHNMN3X3UeP3kOt7jQCmAzeOtWK9lay0X7kVXHKC2CgDltKXFJ9w0nnzRkZ7x04OyqNv3xop3Nw7P017i5Gsb88ceXCjF4H0DvFEh7iTkhirMiztL74JWTe4Ryjcc%2BSurrI"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
784f5be28c39a8c4-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
prebid-request
onetag-sys.com/ 		15 B
497 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.79.234.101 , Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-51-79-234.net
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://www.bg3.co
content-type
application/json
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		3 B
518 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxi-ju-ren-sheng-cheng-zhen-zong-tong-da-ka-bu-hao-yan.html&CanonicalUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxi-ju-ren-sheng-cheng-zhen-zong-tong-da-ka-bu-hao-yan.html&PublisherDomain=https%3A%2F%2Fbg3.co%2F
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.237.153.204 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-237-153-204.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 05 Jan 2023 21:38:06 GMT
via
kong/2.8.3
x-content-type-options
nosniff
x-kong-proxy-latency
0
p3p
CP="CAO PSA OUR"
x-kong-upstream-latency
48
content-length
3
pragma
no-cache
access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Accept-Encoding
access-control-allow-headers
Accept-Encoding, Content-Type
expires
0
prebid
prebid.media.net/rtb/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUPEPKI9
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
6ddd29e4d4e68e83c30efc046f35822ee29dba3f6017267799c4b32295692d0e

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 21:38:06 GMT
content-encoding
gzip
via
1.1 google
server
nginx
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
149
alt-svc
clear
expires
Thu, 05 Jan 2023 21:38:05 GMT
bid-request
a.teads.tv/hb/ 		16 B
502 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.207.185.101 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-185-101.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 21:38:06 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Thu, 05 Jan 2023 21:38:06 GMT
auction
prebid-server.rubiconproject.com/openrtb2/ 		185 B
408 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.250.202.90 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-250-202-90.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
c4ddd0b1f98300ea055a7c9af8cc56bcc9ec889a53d4d323d28c3e8f3e86efb5

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 21:38:08 GMT
content-encoding
gzip
x-prebid
pbs-java/1.106.0
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
175
expires
0
auction
prebid-server.rubiconproject.com/openrtb2/ 		185 B
405 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.250.202.90 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-250-202-90.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
575896e7b1dcefa1a380aa20290d968ad47abbbed5cdfe5a7562f56a4e0f8430

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 21:38:08 GMT
content-encoding
gzip
x-prebid
pbs-java/1.106.0
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
173
expires
0
auction
prebid-server.rubiconproject.com/openrtb2/ 		0
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		472 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20616&site_id=395958&zone_id=2209398&size_id=15%3B2%3B8&alt_size_ids=2%2C1%2C13%2C14%2C19%2C43%2C44%2C117%3B1%2C43%2C44%3B&rp_schain=1.0,1!adpushup.com,062d9a21f747ddee7c25d4297776e0aa,1,,,&eid_pubcid.org=fec382dd-3782-4a6b-8638-5af8358028b4%5E1&rf=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxi-ju-ren-sheng-cheng-zhen-zong-tong-da-ka-bu-hao-yan.html&tk_flint=pbjs_lite_v6.19.0&x_source.tid=225e1f68-8221-41fd-ac41-542c0120634b%3Beb3313cb-2bbf-42aa-b16a-0eeebefe4257%3B49c66d3f-3e3f-4a63-9563-0a45aec55591&l_pb_bid_id=52e59988046f7be%3B53511581a315089%3B5428c1a7389be99&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=3&rand=0.37428336090281267
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.173.158.65 Ashburn, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
586553ac2ebb61bace17b7e29fc63b7092a28be41e1150368c1aee84a5f7b7cd

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 21:38:06 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
c
prebid.a-mo.net/a/ 		0
167 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.89.200 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

x-nbr
8
date
Thu, 05 Jan 2023 21:38:05 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
adreq
ads.servenobid.com/ 		608 B
642 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/adreq?cb=4832
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.240.174.255 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-240-174-255.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
60648cb246ce4141867e508bce0a2c82feae1415a695e7cb96acfc6acc7705bd

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 05 Jan 2023 21:38:06 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
arj
adpushup-d.openx.net/w/1.0/ 		173 B
383 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxi-ju-ren-sheng-cheng-zhen-zong-tong-da-ka-bu-hao-yan.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=a09b2ff7-0706-4667-9d6f-bce2904ff2e5%2Ca9635116-7216-4dc3-a32b-29f2b4265567%2C9ef2e051-a4ce-4efa-b702-4d19918e59d4&nocache=1672954685494&pubcid=fec382dd-3782-4a6b-8638-5af8358028b4&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&aus=728x250%2C728x90%2C690x90%2C690x250%2C675x90%2C675x250%2C670x90%2C670x250%2C650x90%2C650x250%2C650x150%2C630x90%2C630x250%2C602x100%2C600x90%2C600x250%2C580x90%2C570x90%2C550x150%2C468x60%2C320x50%2C320x100%2C300x50%2C300x100%2C300x75%2C300x250%2C250x250%2C200x200%7C728x90%2C690x90%2C675x90%2C670x90%2C650x90%2C630x90%2C600x90%2C580x90%2C570x90%2C468x60%2C320x50%2C300x50%2C300x75%7C120x600&divids=ADP_42753_728X250_77a9c22f-ac02-45dd-96bc-b0896a8a7d5a%2CSTICKY_ADP_42753_728X90_d1c10a72-27b4-4931-8ce7-99a18ebbdbae%2CSTICKY_ADP_42753_120X600_104b282a-bd11-4d8d-ad64-0492063b6cba&aucs=%2C%2C&auid=545618347%2C545618347%2C545618347
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
7a3b9b7a6b06f15b7f6d69f22efaed8c99f4952b2dec6250519343af65ea04bb

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 21:38:05 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bg3.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
164
expires
Mon, 26 Jul 1997 05:00:00 GMT
avjp
adpushup-d.openx.net/v/1.0/ 		106 B
505 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxi-ju-ren-sheng-cheng-zhen-zong-tong-da-ka-bu-hao-yan.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=ea77ed75-4276-4c2a-b842-680dc258dd92&nocache=1672954685495&pubcid=fec382dd-3782-4a6b-8638-5af8358028b4&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A120%2C%22h%22%3A600%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22api%22%3A%5B2%5D%2C%22playbackmethod%22%3A6%2C%22linearity%22%3A1%7D%7D%5D%7D&auid=545618481&vwd=120&vht=600&vos=101&vmimes=video%2Fmp4%2Cvideo%2Fwebm
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 21:38:05 GMT
via
1.1 google
server
OXGW/0.0.0
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bg3.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
avjp
adpushup-d.openx.net/v/1.0/ 		106 B
297 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxi-ju-ren-sheng-cheng-zhen-zong-tong-da-ka-bu-hao-yan.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=66ff6d2a-8c32-40fe-9f60-0eabd8e0fc24&nocache=1672954685495&pubcid=fec382dd-3782-4a6b-8638-5af8358028b4&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22api%22%3A%5B2%5D%2C%22playbackmethod%22%3A6%2C%22linearity%22%3A1%7D%7D%5D%7D&auid=545618481&vwd=728&vht=90&vos=101&vmimes=video%2Fmp4%2Cvideo%2Fwebm
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 21:38:05 GMT
via
1.1 google
server
OXGW/0.0.0
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bg3.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
avjp
adpushup-d.openx.net/v/1.0/ 		106 B
297 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxi-ju-ren-sheng-cheng-zhen-zong-tong-da-ka-bu-hao-yan.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=668aa1f1-cd60-4dd1-9dd5-48cb7f1169c0&nocache=1672954685495&pubcid=fec382dd-3782-4a6b-8638-5af8358028b4&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A400%2C%22h%22%3A225%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22api%22%3A%5B2%5D%2C%22playbackmethod%22%3A6%2C%22linearity%22%3A1%7D%7D%5D%7D&auid=545618481&vwd=400&vht=225&vos=101&vmimes=video%2Fmp4%2Cvideo%2Fwebm
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 21:38:05 GMT
via
1.1 google
server
OXGW/0.0.0
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bg3.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
auction
tlx.3lift.com/header/ 		19 B
718 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=6.19.0&referrer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxi-ju-ren-sheng-cheng-zhen-zong-tong-da-ka-bu-hao-yan.html&tmax=3000
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.77.12.199 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-77-12-199.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 21:38:06 GMT
accept-ch
sec-ch-ua-bitness,sec-ch-prefers-color-scheme,sec-ch-width,sec-ch-ect,user-agent,sec-ch-downlink,sec-ch-ua-mobile,sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-viewport-width,sec-ch-ua-platform,sec-ch-viewport-height,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua
content-type
application/json; charset=utf-8
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/ Frame 17EF 		356 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4126554779393986
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
cafe /
Resource Hash
b5a115579dc9706b503dfda493bcb03f676d90ad7ab704f7ac92fc90f2dc696f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 21:38:05 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119958
x-xss-protection
0
server
cafe
etag
7406816894435966937
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Thu, 05 Jan 2023 21:38:05 GMT
L2EveGktanUtcmVuLXNoZW5nLWNoZW5nLXpoZW4tem9uZy10b25nLWRhLWthLWJ1LWhhby15YW4uaHRtbA==.json
cdn.adpushup.com/42753/ 		555 B
818 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/L2EveGktanUtcmVuLXNoZW5nLWNoZW5nLXpoZW4tem9uZy10b25nLWRhLWthLWJ1LWhhby15YW4uaHRtbA==.json
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.200 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-200.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
NZ
date
Thu, 05 Jan 2023 21:38:06 GMT
server
nginx/1.18.0
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
server-timing
cdn-cache; desc=MISS, edge; dur=5, origin; dur=221
content-length
555
expires
Thu, 05 Jan 2023 22:38:06 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 1B1B 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230103&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212080101/show_ads_impl_fy2021.js?bust=31071277
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
cafe /
Resource Hash
618046b97a7acf1c028e64e93ac3069f79b992b183f95283f4c5caef68894fa9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 21:38:06 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12582
x-xss-protection
0
integrator.js
adservice.google.co.nz/adsid/ Frame 17EF 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.nz/adsid/integrator.js?domain=adx.holmesmind.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 21:38:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 17EF 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=adx.holmesmind.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 21:38:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame A658 		603 B
66 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4126554779393986&output=html&adk=1812271804&adf=2253520748&plat=1%3A520%2C2%3A520%2C3%3A2163200%2C4%3A2163200%2C8%3A512%2C9%3A520%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1049088%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fadx.holmesmind.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672954685690&bpp=3&bdt=533&idt=413&shv=r20230103&mjsv=m202212010101&ptt=9&saldr=aa&nras=1&correlator=2530137337724&frm=8&ife=1&pv=2&ga_vid=996576742.1672954686&ga_sid=1672954686&ga_hid=372403768&ga_fc=0&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3680311399&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31071366%2C44779794%2C44780792&oid=2&pvsid=2693001854364226&tmod=1200168703&uas=0&nvt=1&top=https%3A%2F%2Fwww.bg3.co%2F&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=4&bc=31&ifi=1&uci=1.g01d7kadvf4t&fsb=1&dtd=430
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 05 Jan 2023 21:38:06 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 44C4 		603 B
66 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4126554779393986&output=html&h=280&slotname=4923695364&adk=3446667921&adf=552093736&pi=t.ma~as.4923695364&w=336&fwrn=16&format=336x280&url=https%3A%2F%2Fadx.holmesmind.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672954685693&bpp=1&bdt=537&idt=435&shv=r20230103&mjsv=m202212010101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=2530137337724&frm=8&ife=1&pv=1&ga_vid=996576742.1672954686&ga_sid=1672954686&ga_hid=372403768&ga_fc=0&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3680311399&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31071366%2C44779794%2C44780792&oid=2&pvsid=2693001854364226&tmod=1200168703&uas=0&nvt=1&top=https%3A%2F%2Fwww.bg3.co%2F&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.3fj2gt49ztpg&fsb=1&dtd=440
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 05 Jan 2023 21:38:06 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
rules-p-54Nt-1NAaEEe0.js
rules.quantcount.com/ 		160 B
615 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-54Nt-1NAaEEe0.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-118.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 20:50:18 GMT
via
1.1 4d52d2bee89a499a2c7d426aa79a8efa.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P1
age
2870
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
160
last-modified
Thu, 13 Oct 2022 15:29:19 GMT
server
AmazonS3
etag
"05b131079c67d484167fd1b1f6c79577"
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
AZhRF8-tz9WjgFBoGaax5xqHsbPUGRrQm3a_n6ojbQUAKzXilX4Mhg==
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 1B1B 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212080101/show_ads_impl_fy2021.js?bust=31071277
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 21:38:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 05 Jan 2023 21:38:08 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 17EF 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230103&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
cafe /
Resource Hash
fac55d9ee65ad8b74065a4c16ec23c9e9cc4532f0f20e7ef45cefb22ca305fd1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 21:38:06 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12418
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame FC4D 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230103&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
cafe /
Resource Hash
91cb108ce804d7381c2f6d07e6223c3f59c802e78357ce54099434959f7ec16c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 21:38:06 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12547
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 49D9 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230103&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
cafe /
Resource Hash
3ca1233366499a8b78ba3f6182368530bd4c3c1c08e2eace2937553c349e0d2a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 21:38:06 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12433
x-xss-protection
0
js
www.googletagmanager.com/gtag/ 		228 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
c4254d81e721411a5a78d629467b823c9209d629cfe62319396c6b83a7892954
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 21:38:08 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
80579
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 05 Jan 2023 21:38:08 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 17EF 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 21:38:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 05 Jan 2023 21:38:06 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame FC4D 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 21:38:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 05 Jan 2023 21:38:06 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 49D9 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 21:38:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 05 Jan 2023 21:38:08 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 4941 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022120801&jk=4029936184936943&bg=!bm2lbSnNAAYDMoyoIzI7ACkAdvg8WrXoUHqh2UrUTgb6M8mwNz8lRHijClg9gNfTA06DTJR21Fiq_gIAAABTUgAAAAJoAQeZAr3Y-hqsnRO2a9DYDAArYm4wxZJjQepfyP6-mjXZbZd5QLggqMJ8PmKdjVn8tMefan7n5GGlcFlwdnT8i1h9X3ulkZ3Z0a2VZJ7Ve2Z4YD2abQn8jQ-qdzMX_CwKc_RtrFFElXFGeOeZMuw0VrYuJTjVWVYSXdB3Iuw1p6nxjY-Pj1l-xKHaEcuW69DhYHmMN1-gdWfm6gqiUFEwK5yRDjfYfypH9IIwo3sI-3kgwfdrwOfUemKd5yaEZEYH_T1-2Z0JOqER6CchGy8CVmN-yX5AxNdt75Vq6OnW_x4wLg9fbr40irNLV0VVRtFinovprCR765DI9RIOwVQPhr1J7f3Xeq_uhBbisaHSA87IhhHHpHZe3onP8OUovGw6r4rPkBxRBTaR36kxGt7V--6i4-E45YdysdxNAFuWM11AU7n05mgp7v7tff8SQEJExx4uj7CrMw1XweUeqkY1z3DoTOOwlLb7Rt6FzpT95Gkd_OUEtioL2WJVel8NCWfgGkwK6DeElBT_-OJAFTUYjLcD-8rGlYO1mc9oMLgDPd5lXs6h_4vhpqE15ikmSttXa9fGsUzJ_A_onk1F826ANfKdcjXqTyvnsdgi88Fc5SfKXs1P3h1OSznjgNTWpvZCBnFcvQwsvhhpUew_7scOeN6oiK8BTpN7-nB0Dpd0W-w2nU-Muc_EbpLR55uB-13l8X6PzYDkskQY-w61Nd4NU6iJiI71nCTXacGEezMDE3hptZS_J23megVwBIQKMsHsdfcVYIgGvkOONR9anSFcE8KUlEro-r1YTxMlHsX5DA6OQTNbEWM12buHdstuIEBgulZIUYD4TbEUps3EBUUVDz2E6IYXYpYBl-MyQi8h0j-w2cR8xFLBVBTc2HZpXuYWoO5QUVgbOvtK-GFCQPMbC_tx_2yfa2DrNq83NuRivDXXaA
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-ju-ren-sheng-cheng-zhen-zong-tong-da-ka-bu-hao-yan.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5A33 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
364522
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 01 Jan 2023 16:22:45 GMT
expires
Mon, 01 Jan 2024 16:22:45 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 4575 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.105 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f105.1e100.net
Software
GSE /
Resource Hash
792217e49a389092393fe96c36fa75df87b0344d8f0fd04c11914df3f28a66b2
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-2dRymypfXNO4wbRHguOSQQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-2dRymypfXNO4wbRHguOSQQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 05 Jan 2023 21:38:07 GMT
expires
Thu, 05 Jan 2023 21:38:07 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 8A98 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
364522
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 01 Jan 2023 16:22:45 GMT
expires
Mon, 01 Jan 2024 16:22:45 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame A25F 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.105 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f105.1e100.net
Software
GSE /
Resource Hash
c825701176043164eb64dae58d008b34c8291cd54a30a329bad184d32d7ae1fe
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-HM1ZUOG00kghyVJYxOpTrQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-HM1ZUOG00kghyVJYxOpTrQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 05 Jan 2023 21:38:07 GMT
expires
Thu, 05 Jan 2023 21:38:07 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sodar
pagead2.googlesyndication.com/pagead/ Frame 2209 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022120801&jk=1237381443970703&bg=!ubqluv7NAAYDMoyoIzI7ACkAdvg8WspdFF4NlbLcdO5GTvnIbOKKcPrpIXHSdXV3bJuL1CAMTpbObQIAAABNUgAAAAJoAQcKAGDD0kt-X3h02XqTOKiPItj9lE9h6vWGW-oR1I9xnGTVknhF1zPAYoyrFOsuycSt80IGSXXAuRXwdgDuucVlR1fOu0DtSsNPtWI8HGoaVyXLzC49-XBDh50Q2rM-Zxx8h82ZAr7DGpRRbYiAfW03BPqJQkV2W5XMuffK5ByNOrR35i2I3NOVBrJFty6zDDbVt-hMELK_XIXGj5Cqr2ODkhD1sF9SZ6eFaMDTJczjVwNwXvbGlqClArbISuOw4B7IGss1xQpizBBte0DFAD1x1cbloCAdAPadGcqQPntRC_Z3CYr5iZBdsoK9e6V0_1W6Pj1bbfr1_wrLXauFjEAvd3uUH0EKn1HLKp20nxKYOvcnzUI6_4jk9q1LZ1iky-D6XCEU1NUf8Lk4ZDRwDsRaFKFn7QVs8yncov8nXDfnREY5Zt2_dYxqc18qudIKfq2gX5qpeQONeBKToUsjK-UzPCA-5URqM1wlBrsyxUcgUzwzXGhsDQyakv9lUmfRzpYHIZlM_s-lVvDo43mhbc56wqj-9SQtaq2Aa5tjwwE2GyaTjiUo5XXfQASwzQ6JfPOvrJABkubhLzPUXDzG7DkYMrkXotw-0j6X4HUJOosBzYbwFMCvdaKLRBezUbFJE4UJCbumPuFtMaEW6dGzrjZUzQz-KMIyHGS97BW9WBLSFlmAqwj52I3LSbbJDgm6U1sjDf7z3zvDnXyIxFGMS0CynkbzTE8bW7LJW2AbIBj0cD1vgbHLJhRAhcWxlUD5Lce6jSS_kqzBgH4RFGGk_zzeAP0DCEdl9Vps2kG5yDOvpMG5OpMFBp3g7nlGPywzTS9xKT_oXp-BmCKgSkBWaACd2RmY07CfBIsSLkJ05XkQdJFL8xnePTBIbtzKqqaVlIWT3fT78tmhzwgDmFpcrMF2Y2SgARoGxejJfr0H0bYIUPvLO-EJd1ThpBo9bm_ng_4s9Rs1H8JgKRt6JHxrB600feft-Md9CErdX0etEEFMncJ-TJJHYDeTH72NJumLawDsCKg02jAcvR4ARDY7EgBVAaLV98ieeTLCU_0hIPUA1JChnCk
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-ju-ren-sheng-cheng-zhen-zong-tong-da-ka-bu-hao-yan.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 4575 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230103&jk=2693001854364226&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-ju-ren-sheng-cheng-zhen-zong-tong-da-ka-bu-hao-yan.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
JwRg8GnJRbSbwgtubA3x1Twn6jgCPCxSQn9TsX0K1wE.js
pagead2.googlesyndication.com/bg/ Frame 5A33 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/JwRg8GnJRbSbwgtubA3x1Twn6jgCPCxSQn9TsX0K1wE.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
sffe /
Resource Hash
270460f069c945b49bc20b6e6c0df1d53c27ea38023c2c52427f53b17d0ad701
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Jan 2023 03:50:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
150446
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16089
x-xss-protection
0
last-modified
Tue, 03 Jan 2023 14:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 04 Jan 2024 03:50:41 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame A25F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230103&jk=4187617558618223&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-ju-ren-sheng-cheng-zhen-zong-tong-da-ka-bu-hao-yan.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
JwRg8GnJRbSbwgtubA3x1Twn6jgCPCxSQn9TsX0K1wE.js
pagead2.googlesyndication.com/bg/ Frame 8A98 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/JwRg8GnJRbSbwgtubA3x1Twn6jgCPCxSQn9TsX0K1wE.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
sffe /
Resource Hash
270460f069c945b49bc20b6e6c0df1d53c27ea38023c2c52427f53b17d0ad701
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Jan 2023 03:50:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
150446
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16089
x-xss-protection
0
last-modified
Tue, 03 Jan 2023 14:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 04 Jan 2024 03:50:41 GMT
generate_204
tpc.googlesyndication.com/ Frame 5A33 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?uNacnA
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-ju-ren-sheng-cheng-zhen-zong-tong-da-ka-bu-hao-yan.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 21:38:07 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
generate_204
tpc.googlesyndication.com/ Frame 8A98 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?M2cXeQ
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-ju-ren-sheng-cheng-zhen-zong-tong-da-ka-bu-hao-yan.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 21:38:07 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
auctionData
e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb/auctionData?data=eyJzaXRlSWQiOjQyNzUzLCJ1cmwiOiJodHRwczovL3d3dy5iZzMuY28vYS94aS1qdS1yZW4tc2hlbmctY2hlbmctemhlbi16b25nLXRvbmctZGEta2EtYnUtaGFvLXlhbi5odG1sIiwic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsInBsYXRmb3JtIjoiREVTS1RPUCIsInBhY2tldElkIjoiMDAwMEE3MDEtYzIzOWQzNDctNWI5Ny00MmE0LTk5MGQtZTllYzU2MDYzNGNhIiwic2VjdGlvbnMiOlt7InNlY3Rpb25JZCI6IjEwNGIyODJhLWJkMTEtNGQ4ZC1hZDY0LTA0OTIwNjNiNmNiYSIsInNlY3Rpb25OYW1lIjoiQVBfSV9EX0FSVElDTEVfMTIwWDYwMF8xMDRiMiIsInBsYWNlbWVudCI6MSwicmVmcmVzaENvdW50IjowLCJwcmViaWRBdWN0aW9uSWQiOiIyMzkyNWE5YS0yZTY4LTRkYTUtYmRhOC03MjMwZWM3Zjc2Y2QiLCJ0aW1lT2ZBdWN0aW9uIjoxNjcyOTU0Njg1NDU4LCJiaWRzIjpbXSwidGltZWRPdXRCaWRkZXJzIjpbXSwicmVxdWVzdGVkRm9ybWF0cyI6WyJkaXNwbGF5IiwidmlkZW8iLCJuYXRpdmUiXX0seyJzZWN0aW9uSWQiOiJkMWMxMGE3Mi0yN2I0LTQ5MzEtOGNlNy05OWExOGViYmRiYWUiLCJzZWN0aW9uTmFtZSI6IkFQX0lfRF9BUlRJQ0xFXzcyOFg5MF9kMWMxMCIsInBsYWNlbWVudCI6MSwicmVmcmVzaENvdW50IjowLCJwcmViaWRBdWN0aW9uSWQiOiIyMzkyNWE5YS0yZTY4LTRkYTUtYmRhOC03MjMwZWM3Zjc2Y2QiLCJ0aW1lT2ZBdWN0aW9uIjoxNjcyOTU0Njg1NDU4LCJiaWRzIjpbXSwidGltZWRPdXRCaWRkZXJzIjpbXSwicmVxdWVzdGVkRm9ybWF0cyI6WyJkaXNwbGF5IiwidmlkZW8iLCJuYXRpdmUiXX0seyJzZWN0aW9uSWQiOiI3N2E5YzIyZi1hYzAyLTQ1ZGQtOTZiYy1iMDg5NmE4YTdkNWEiLCJzZWN0aW9uTmFtZSI6IkFQX0xfRF9BUlRJQ0xFXzcyOFgyNTBfNzdhOWMiLCJwbGFjZW1lbnQiOjEsInJlZnJlc2hDb3VudCI6MCwicHJlYmlkQXVjdGlvbklkIjoiMjM5MjVhOWEtMmU2OC00ZGE1LWJkYTgtNzIzMGVjN2Y3NmNkIiwidGltZU9mQXVjdGlvbiI6MTY3Mjk1NDY4NTQ1OCwiYmlkcyI6W10sInRpbWVkT3V0QmlkZGVycyI6W10sInJlcXVlc3RlZEZvcm1hdHMiOlsiZGlzcGxheSIsInZpZGVvIiwibmF0aXZlIl19XX0%3D&c_b=12089.099998474121
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-ju-ren-sheng-cheng-zhen-zong-tong-da-ka-bu-hao-yan.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 , Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 21:38:08 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
integrator.js
adservice.google.co.nz/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.nz/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 21:38:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 21:38:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		96 KB
25 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3197543272618260&correlator=1753267727810721&eid=31071150%2C31071186%2C31071296%2C44780792&output=ldjh&gdfp_req=1&vrg=2022120801&ptt=17&impl=fifs&iu_parts=103512698%3A22574853003%2C22477626096%2C22479095528%2C22579309510&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3&prev_iu_szs=320x50%7C728x250%7C728x90%7C690x90%7C690x250%7C675x90%7C675x250%7C670x90%7C670x250%7C650x90%7C650x250%7C650x150%7C630x90%7C630x250%7C602x100%7C600x90%7C600x250%7C580x90%7C570x90%7C550x150%7C468x60%7C320x50%7C320x100%7C300x50%7C300x100%7C300x75%7C300x250%7C250x250%7C200x200%2C320x50%7C728x90%7C690x90%7C675x90%7C670x90%7C650x90%7C630x90%7C600x90%7C580x90%7C570x90%7C468x60%7C320x50%7C300x50%7C300x75%2C320x50%7C120x600&fluid=height%2Cheight%2Cheight&ifi=2&adks=1420297610%2C2857874404%2C4082231052&sfv=1-0-40&prev_scp=adpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26refreshcount%3D0%26refreshrate%3D30%7Cadpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26refreshcount%3D0%26refreshrate%3D30%7Cadpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26refreshcount%3D0%26refreshrate%3D30&eri=1&cust_params=da%3Dadx%26outbrain%3Dtrue&sc=1&cookie=ID%3D22dd2d450e850add-227411de2cd900ae%3AT%3D1672954683%3ART%3D1672954683%3AS%3DALNI_MYs7JZDKitEyBTBBNjtL3VnMnB-JA&gpic=UID%3D00000b9eb1f9ad93%3AT%3D1672954683%3ART%3D1672954683%3AS%3DALNI_MbWtsreucjTNO9Dq4rZdyj4as7yhA&arp=1&abxe=1&dt=1672954688482&lmt=1672954688&dlt=1672954677836&idt=7150&adxs=236%2C436%2C5&adys=60%2C1110%2C300&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0&ucis=1%7C2%7C3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxi-ju-ren-sheng-cheng-zhen-zong-tong-da-ka-bu-hao-yan.html&frm=20&vis=1&psz=728x-1%7C728x-1%7C120x-1&msz=728x-1%7C728x-1%7C120x-1&fws=4%2C516%2C516&ohw=728%2C1600%2C1600&ga_vid=890864016.1672954681&ga_sid=1672954681&ga_hid=1500053407&ga_fc=false&ga_cid=amp-fKfH_EzXGIx_aV8GYZ258g
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
46306420d9a16f2917e48c0bc2d48f63e8891b165d6758e6ca59aba1c8c64b00
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 21:38:08 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25423
x-xss-protection
0
google-lineitem-id
-1,-1,-1
pragma
no-cache
server
cafe
google-creative-id
-1,-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
64f35454ed59414c358dc514ea40ac3f.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame D931 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://64f35454ed59414c358dc514ea40ac3f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 05 Jan 2023 21:38:08 GMT
expires
Fri, 05 Jan 2024 21:38:08 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
publishertag.prebid.117.js
static.criteo.net/js/ld/ 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.117.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 21:38:08 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 29 Dec 2021 12:30:46 GMT
server
nginx
etag
W/"61cc54f6-15c19"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 06 Jan 2023 21:38:08 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4D16 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
364523
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 01 Jan 2023 16:22:45 GMT
expires
Mon, 01 Jan 2024 16:22:45 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame FDAB 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.105 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f105.1e100.net
Software
GSE /
Resource Hash
60ba73da0a33570a33111fee294a8c8f5cc08618ca3a9ff7fdfd0014f1c96f63
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-_dd-uwHLdC4J1kyGKldbVA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-_dd-uwHLdC4J1kyGKldbVA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 05 Jan 2023 21:38:08 GMT
expires
Thu, 05 Jan 2023 21:38:08 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 923D 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
364523
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 01 Jan 2023 16:22:45 GMT
expires
Mon, 01 Jan 2024 16:22:45 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 61F6 		783 B
536 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.105 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f105.1e100.net
Software
GSE /
Resource Hash
3e3dc40a0dfead40daea4c547da2f0e19ad179852f18b520aa6c7e1ea5deccf0
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-0FR0JF_N4eDtwj8Z4NwPcg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-0FR0JF_N4eDtwj8Z4NwPcg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 05 Jan 2023 21:38:08 GMT
expires
Thu, 05 Jan 2023 21:38:08 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sodar
pagead2.googlesyndication.com/pagead/ Frame FDAB 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230103&jk=516345022958043&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-ju-ren-sheng-cheng-zhen-zong-tong-da-ka-bu-hao-yan.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
JwRg8GnJRbSbwgtubA3x1Twn6jgCPCxSQn9TsX0K1wE.js
pagead2.googlesyndication.com/bg/ Frame 4D16 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/JwRg8GnJRbSbwgtubA3x1Twn6jgCPCxSQn9TsX0K1wE.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
sffe /
Resource Hash
270460f069c945b49bc20b6e6c0df1d53c27ea38023c2c52427f53b17d0ad701
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Jan 2023 03:50:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
150447
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16089
x-xss-protection
0
last-modified
Tue, 03 Jan 2023 14:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 04 Jan 2024 03:50:41 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 61F6 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230103&jk=3763828046294366&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-ju-ren-sheng-cheng-zhen-zong-tong-da-ka-bu-hao-yan.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
JwRg8GnJRbSbwgtubA3x1Twn6jgCPCxSQn9TsX0K1wE.js
pagead2.googlesyndication.com/bg/ Frame 923D 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/JwRg8GnJRbSbwgtubA3x1Twn6jgCPCxSQn9TsX0K1wE.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
sffe /
Resource Hash
270460f069c945b49bc20b6e6c0df1d53c27ea38023c2c52427f53b17d0ad701
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Jan 2023 03:50:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
150447
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16089
x-xss-protection
0
last-modified
Tue, 03 Jan 2023 14:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 04 Jan 2024 03:50:41 GMT
pixel;r=2105302281;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxi-ju-ren-sheng-cheng-zhen-zong-tong-da-ka-bu-hao-yan.html;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387...
pixel.quantserve.com/ 		35 B
372 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=2105302281;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxi-ju-ren-sheng-cheng-zhen-zong-tong-da-ka-bu-hao-yan.html;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67ea6;uht=2;fpan=1;fpa=P0-912157730-1672954686179;pbc=fec382dd-3782-4a6b-8638-5af8358028b4;ns=0;ce=1;qjs=1;qv=bf501fc4-20230104143059;cm=;gdpr=0;ref=;d=bg3.co;dst=0;et=1672954688980;tzo=0;ogl=;ses=6b0af0a0-bf72-44cf-9c63-ba0a3dceb540
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-ju-ren-sheng-cheng-zhen-zong-tong-da-ka-bu-hao-yan.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.229.10.247 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 21:38:09 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ 		89 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 21:38:09 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Mon, 24 Oct 2022 11:21:19 GMT
server
nginx
etag
W/"6356752f-16294"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 06 Jan 2023 21:38:09 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012211060024000/ Frame 238B 		221 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
a01f9f2f5ba1812441a49f7f1dc0b04fb56a18b486005289b8df4212381f10ce
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 30 Dec 2022 03:51:53 GMT
age
582376
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61592
x-xss-protection
0
server
sffe
etag
"a2fca7132416d151"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 30 Dec 2023 03:51:53 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012211060024000/v0/ Frame 238B 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211060024000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
d89cb9800cc62dcc44a0ba866b4a080ad06f735f60a6afecbd6d691d2e8939dd
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sun, 01 Jan 2023 16:16:36 GMT
age
364893
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5218
x-xss-protection
0
server
sffe
etag
"abd4378f71571d78"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Mon, 01 Jan 2024 16:16:36 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012211060024000/v0/ Frame 238B 		94 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211060024000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
8ee5f53d3752309af021002b2199a06523b1fd03f3ea1cdaf5d59e911d4d8178
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 04 Jan 2023 06:59:46 GMT
age
139103
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28809
x-xss-protection
0
server
sffe
etag
"dd6615029de85e23"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 04 Jan 2024 06:59:46 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012211060024000/v0/ Frame 238B 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211060024000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
c3f73b989e0620a4d2e12ed57a0d538e4580b8fefaa1fefbad73e0abad6d227f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 05 Jan 2023 19:48:35 GMT
age
6574
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1913
x-xss-protection
0
server
sffe
etag
"403438c4d550ee88"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 05 Jan 2024 19:48:35 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012211060024000/v0/ Frame 238B 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211060024000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
1b1c3ea8b3d9fec1913ac70c81c83f2172acc41988e747bd24d22bf779fd19a0
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sun, 01 Jan 2023 16:16:36 GMT
age
364893
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12946
x-xss-protection
0
server
sffe
etag
"0bacd3f1ce38a7db"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Mon, 01 Jan 2024 16:16:36 GMT
truncated
/ Frame 238B 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5bfe955d5df32480de9b81e26ff720b9c73b125ed266cff15923354dd627dc17

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
16399292630619180657
tpc.googlesyndication.com/daca_images/simgad/ Frame 238B 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/daca_images/simgad/16399292630619180657
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-ju-ren-sheng-cheng-zhen-zong-tong-da-ka-bu-hao-yan.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
138ec66db7beafe10a128e0b4d28961d8fead5e602e94c2c174611af3fc2315d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 21:38:09 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30233
x-xss-protection
0
last-modified
Wed, 09 Mar 2022 06:38:10 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 05 Jan 2024 21:38:09 GMT
zh_tw.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 238B 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/zh_tw.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-ju-ren-sheng-cheng-zhen-zong-tong-da-ka-bu-hao-yan.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
cafe /
Resource Hash
a956a6fe1ee57805393bf1781b32486b4ed9ca402a04320280e59a18bc348a87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 14:51:55 GMT
x-content-type-options
nosniff
server
cafe
age
24374
etag
7688947696963022458
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3430
x-xss-protection
0
expires
Fri, 06 Jan 2023 14:51:55 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 238B 		344 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-ju-ren-sheng-cheng-zhen-zong-tong-da-ka-bu-hao-yan.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 10:35:29 GMT
x-content-type-options
nosniff
server
cafe
age
39760
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Fri, 06 Jan 2023 10:35:29 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 238B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CK06IQEO3Y6_JJ8iPmsMPy7Kq4Abvz5_ebYHgxav0EJ_Rx7erORABILqEwDNgq-yxheAYoAGJh-3dAcgBAuACAKgDAcgDCKoEjwJP0HE3IbwJ27BOMIFesuRS9Qi-xuiPpwTnIKYBpnqo2hMj9sj-CdQd329EVwEFaH9cfmOuVJ5C8Gpt_Qt8VhFwxlITRUOzNsXGLOcJAniqU9_KtAqK_NZ5vPUXoG1-dZwv2bGUh_2mHYabZiouUrJb0nVbW6AWJx6QCNEc9dG_ynd4YdvXndPsW6Q3jD9a-um8snh6TPAiFflVb8OaT_MS8RvZUFW5DHbUisoCmZRw3zSzMFb7_VRLvfNOaIldNDtglRDH7EOlpDD2DeFOn9rRAdknLKVQ7WTMEEzFSdpMzLdG8LbWo5rCpxylNMUhfDn4qdUYUm2qLrP0h7e3j85VxH6dHAhJPEWJ4cT_P56awATYg7CSoQTgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGAoAH3_iSogKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBD-qwHSCA8IgGEQARgdMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODCACgPICwHYEwrQFQGAFwGyFx4KHAgAEhRwdWItODkzMzMyOTk5OTM5MTEwNBjKqx4&sigh=RzPgJcw_x-A&uach_m=[UACH]&cid=CAQSOwDq26N9kyggGiy9VUd4DNXszXyyEXz9E7MTApXqaYuIStvdryBe9Jd9QeYY8UEaAT-qEVP_Em4Jrx_BGAEgEw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-ju-ren-sheng-cheng-zhen-zong-tong-da-ka-bu-hao-yan.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
container.html
64f35454ed59414c358dc514ea40ac3f.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 5792 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://64f35454ed59414c358dc514ea40ac3f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 05 Jan 2023 21:38:08 GMT
expires
Fri, 05 Jan 2024 21:38:08 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
64f35454ed59414c358dc514ea40ac3f.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame A072 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://64f35454ed59414c358dc514ea40ac3f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 05 Jan 2023 21:38:08 GMT
expires
Fri, 05 Jan 2024 21:38:08 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
generate_204
tpc.googlesyndication.com/ Frame 4D16 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?gQPPQA
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-ju-ren-sheng-cheng-zhen-zong-tong-da-ka-bu-hao-yan.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 21:38:09 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
generate_204
tpc.googlesyndication.com/ Frame 923D 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?5vLLLA
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-ju-ren-sheng-cheng-zhen-zong-tong-da-ka-bu-hao-yan.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 21:38:09 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
collect
www.google-analytics.com/g/ 		0
106 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=2oe120&_p=1500053407&cid=890864016.1672954681&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1672954689&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxi-ju-ren-sheng-cheng-zhen-zong-tong-da-ka-bu-hao-yan.html&dt=%E6%88%B2%E5%8A%87%E4%BA%BA%E7%94%9F%E6%88%90%E7%9C%9F%20%E7%B8%BD%E7%B5%B1%E5%A4%A7%E5%92%96%E4%B8%8D%E5%A5%BD%E6%BC%94%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_fv=1&_ss=1&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_success
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f139.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 21:38:10 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 5792 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CTWYBQEO3Y7DJJ8iPmsMPy7Kq4AaY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQJodKHd1KGmPuACAKgDAaoEhQJP0PdTfaMvsixdp-9ZSmIJRqgHlmNmRvDIDcXglVg5dNpMJD3Ov9cw_gTRAGAWUbqmoxTdXkZ2BdcHi-R8MdhS7AwWwq4Du0e8UyDc70_r-gfF8ry0gqTxEXbRH5pJzvrgDF9_g74VgaUjkZLg2xfl1hf7Eqenk-XcwRaR7-O-ga9XfzeL4XpgLe50np34FtFQXII24H4ebfQeitNsroa20tjxU4o9ktjdyvBS-8QrVtGypt13ZlTsX6a1I_iwoLxJW0-LKmg-z8bhgJCfJFTgHXvFioNBV1A-O0VR7Mws9LQggTXshR4Klm7GV50Os0BGcZl-TxzkmanwtSOoGR9QX_h9Dr_gBAGABuXc2ZSA7erALqAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgwgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTg5MzMzMjk5OTkzOTExMDQYyqse&sigh=HxKftchB99Y&uach_m=[UACH]&cid=CAQSOwDq26N9kyggGiy9VUd4DNXszXyyEXz9E7MTApXqaYuIStvdryBe9Jd9QeYY8UEaAT-qEVP_Em4Jrx_BGAEgEw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-ju-ren-sheng-cheng-zhen-zong-tong-da-ka-bu-hao-yan.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
/
Resource Hash

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://64f35454ed59414c358dc514ea40ac3f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
notify
rtb.jp2.as.criteo.com/google/auction/ Frame 5792 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.jp2.as.criteo.com/google/auction/notify?profile=14&payload=kMCCDf_1BtgFWmL4LRICAAAA-ONZtFtuTcMQQEO3Y3jxbhK6GrVPsm-kABIAAA&wp=Y7dDQAAJ5LACZofIAAqZSwSrMo1xDPa11A_KwA
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-ju-ren-sheng-cheng-zhen-zong-tong-da-ka-bu-hao-yan.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.74.19 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://64f35454ed59414c358dc514ea40ac3f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 21:38:09 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
137998
content-length
0
afr.php
ads.as.criteo.com/delivery/r/ Frame DA7C 		128 KB
43 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.as.criteo.com/delivery/r/afr.php?z=Y7dDQAAJ5LACZofIAAqZSwSrMo1xDPa11A_KwA&u=%7CA6kIQZLvqqGO9NLtatSXpX2GSuJ5X1Fhz4Ltt33ADv4%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2uYcAchbiMZgziqrRBIBOfXe9sAj5s0smr7CaoSEvcbulcrn37nL-i03aDxHU8dKjxY4VPUPCN6MnbyBCZdUkcgJ9iNi9RfvJpC42tt7Lfhm4bO_b9WExDA4_pBFBXJg0MneDaxuwnhBuNMXIutc-rg3NupgPMxwBDWzuhz8DmE76h1Yyd96glthY2QtE8LVz3xWoswjAMDth2QYFx9DjGx2jumHBbFOaS_VlsSpwbZSwuwBbF4a3rA0v6JcWQ0OBRWQls4vXUas_1kSKbgZA_6HvpES1hOTGkQ43gqaZ1T0Plhf4ljXcTNAVgHfg16zhvCFBlpoYYawtzoPm4v7oCemCzw1XeXldbATT0V5N-aYa5sPNpv1NqBHg-TFjqYYi94XETYuUD3v8eX5mhOcrVvL8hcLQY-3PHbmEKj9c2vV2s5_uOopByQPx_LPGpf1qwqzYv4WqjPMuVvS0dK0e0UMxdXy9OYCGaZG2d-zIRg9yM05Itp5-QVEBQ2GlKpppVERKDklB-MKzVVPRG-zjgt7r1B9hk3BQSw1zpBdG5dqscEIm2f8ANozxKJm3cJgfkgXxVz2iEhU0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCMrnSQEO3Y7DJJ8iPmsMPy7Kq4AaY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQJodKHd1KGmPuACAKgDAaoEiAJP0PdTfaMvsixdp-9ZSmIJRqgHlmNmRvDIDcXglVg5dNpMJD3Ov9cw_gTRAGAWUbqmoxTdXkZ2BdcHi-R8MdhS7AwWwq4Du0e8UyDc70_r-gfF8ry0gqTxEXbRH5pJzvrgDF9_g74VgaUjkZLg2xfl1hf7Eqenk-XcwRaR7-O-ga9XfzeL4XpgLe50np34FtFQXII24H4ebfQeitNsroa20tjxU4o9ktjdyvBS-8QrVtGypt13ZlTsX6a1I_iwoLxJW0-LKmg-z8bhgJCfJFTgHXvFioNBV1A-O0VR7MwstrYBE9AiDGD1Hx9YvMuUcGlSew50YQQMEVqmL-oWBzNIuBPscEBtR_3gBAGABuXc2ZSA7erALqAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0iQWsn2AgVRsOi9NKO5s9Keqr_NA%26client%3Dca-pub-8933329999391104%26adurl%3D
Requested by
Host: 64f35454ed59414c358dc514ea40ac3f.safeframe.googlesyndication.com
URL: https://64f35454ed59414c358dc514ea40ac3f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.148 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
bc961d306f2fe131a977c5924adb503d481c5a735b9ef9c28ca66d3795ffc2b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://64f35454ed59414c358dc514ea40ac3f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Thu, 05 Jan 2023 21:38:09 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.as.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.as.criteo.net/heavyad?cppv=3&cpp=mh3ACeK5SWhedqllR_3ngyh8RbHRkV0LCYY6luJOWDnTtd-ozeGa-y-MJ5bbTwCEjvmfR490WMTyYtXpeGOvy_aPaZ3C6DXOR_AzmYkc5wtrTsFVnl3RkP0Lq8ael_M4bf5YHtlO6kcA0YgcABkW7EYNf2WxfyZzmkKt5V-o0tkKOEXlc4HEpJfUPKPTnmZ-mPiLXt1SfQiEwiNX20g2uZvv1dDQeHMqdqah1m616bpRET0ZBmjLfAdzP8u5lSP_EpQF3Q"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
36075024
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230104/r20110914/client/ Frame 5792 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230104/r20110914/client/window_focus_fy2021.js
Requested by
Host: 64f35454ed59414c358dc514ea40ac3f.safeframe.googlesyndication.com
URL: https://64f35454ed59414c358dc514ea40ac3f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://64f35454ed59414c358dc514ea40ac3f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 01:36:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
72124
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 19 Jan 2023 01:36:05 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 75A5 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 64f35454ed59414c358dc514ea40ac3f.safeframe.googlesyndication.com
URL: https://64f35454ed59414c358dc514ea40ac3f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://64f35454ed59414c358dc514ea40ac3f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

age
48954
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 05 Jan 2023 08:02:15 GMT
etag
48472445140208031
expires
Fri, 06 Jan 2023 08:02:15 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230104/r20110914/client/ Frame 5792 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230104/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 64f35454ed59414c358dc514ea40ac3f.safeframe.googlesyndication.com
URL: https://64f35454ed59414c358dc514ea40ac3f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
cafe /
Resource Hash
727e6a1f4a634d6298af8636fd331912b036b6f7783c771d2e06baeb82e2341e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://64f35454ed59414c358dc514ea40ac3f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 01:36:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
72124
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7527
x-xss-protection
0
server
cafe
etag
8658061406568722807
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 19 Jan 2023 01:36:05 GMT
l
www.google.com/ads/measurement/ Frame 5792 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaT7007ed6KIw3f264nGn30Sd2XJ2lK9g87T1JrFQDrmto01Pz-vqLLaVUxBWk8_N4806NKcHUDe2sPLRSTGmxo7Dm4gqw
Requested by
Host: 64f35454ed59414c358dc514ea40ac3f.safeframe.googlesyndication.com
URL: https://64f35454ed59414c358dc514ea40ac3f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.105 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f105.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://64f35454ed59414c358dc514ea40ac3f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 5792 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 64f35454ed59414c358dc514ea40ac3f.safeframe.googlesyndication.com
URL: https://64f35454ed59414c358dc514ea40ac3f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://64f35454ed59414c358dc514ea40ac3f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 31 Dec 2022 19:51:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
438381
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 31 Dec 2023 19:51:48 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 5792 		154 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 64f35454ed59414c358dc514ea40ac3f.safeframe.googlesyndication.com
URL: https://64f35454ed59414c358dc514ea40ac3f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
sffe /
Resource Hash
2110cce190ab5366863b7d652b06b90ea32ad84d8241b5a492a8dead67594335
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://64f35454ed59414c358dc514ea40ac3f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 21:38:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48184
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1672836157132942"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 05 Jan 2023 21:38:09 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame A072 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CxyAmQEO3Y7HJJ8iPmsMPy7Kq4AaY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQJodKHd1KGmPuACAKgDAaoEhgJP0FSi-0DuGjfdEX9UjXOCbUWSfPQw_4gUloMkYiZW1FBxkDQiVRqTOR5i5seDrnZbp-Rz33sJVQJxrluzSZYBhcDNt1JHzt0H9R6tyVJ1Fk9Lq9VIYwdQqFYEy13mp5-Y7UVuwy32VCKkE35NsUU0zierdIahWae2jQjYghsJoQ87lHkaI7VZNSvmt2oXvKN8IYFycdd2Oim7itqRoJtwbUdCeesSOM-Wv9Esc_KRy6O8N2LFW_p9lUMBOGaNpir9Xl8NvrjwtqW20wPU6i2reRfB2JBd2VgRpqujpXIR3S0BUZVvt9GN2czJnyFn7XSnCuw8sn220QxKks2GTOObdT42VxCQ4AQBgAbl3NmUgO3qwC6gBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MIAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi04OTMzMzI5OTk5MzkxMTA0GMqrHg&sigh=PppV_2zsSvI&uach_m=[UACH]&cid=CAQSOwDq26N9kyggGiy9VUd4DNXszXyyEXz9E7MTApXqaYuIStvdryBe9Jd9QeYY8UEaAT-qEVP_Em4Jrx_BGAEgEw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-ju-ren-sheng-cheng-zhen-zong-tong-da-ka-bu-hao-yan.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
/
Resource Hash

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://64f35454ed59414c358dc514ea40ac3f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
notify
rtb.jp2.as.criteo.com/google/auction/ Frame A072 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.jp2.as.criteo.com/google/auction/notify?profile=14&payload=kMCCDfn1BnjYBGL4LRICAAAA-ONZtFtuTcMQP0O3Yw5rreGixcnLkevOABIAAA&wp=Y7dDQAAJ5LECZofIAAqZSxqv69SD5NnHz5wWDw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-ju-ren-sheng-cheng-zhen-zong-tong-da-ka-bu-hao-yan.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.74.19 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://64f35454ed59414c358dc514ea40ac3f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 21:38:09 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
148849
content-length
0
afr.php
ads.as.criteo.com/delivery/r/ Frame 6667 		144 KB
47 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.as.criteo.com/delivery/r/afr.php?z=Y7dDQAAJ5LECZofIAAqZSxqv69SD5NnHz5wWDw&u=%7CA6kIQZLvqqEkDd6fgUboWBmodgfVWEq45%2FC3OWpwtoo%3D%7C&c1=jWCgqsKSUoXV4BApc600hKp5_YRQgeHF5Jq5Ra2pctyNYsfKA6awj9OeB-0-dA40TOMVvKyxviKRqt_hoCsbkgTwnE4hOlGZU6I8TSQHHCTNdUfRjdvWDJbpo_YH2ogyP0gx53xPedrwsVGE4Pk7fiJP5ZAl1dzDzsUSCGMc5jEaNn87t8tBS1-eSt0LstSDo3TrB31B2wyfh0dMVEgARCYwr8dSLfHwTYVjQFRMY2_jR4jBN4JXLSJNq1GERWb0ZTwyK_ppM2Di1l8ssByyblscv5HvG1BzhLg3aQQtnBmZ7Clcn3vL2mxxO_yvI27_ytujE4n-53oy76dfl8oS9S61BGbewTGlV3HD1mXUx2pwyU5DPEyIxJhASLfIyC0SuVbOjM8hBqB2L2jiwaObXmKIs9IWLgUEgohZzdVirkWi6E0y2Y79LQwH8x17yhVEDbwCcnru_Tf_8IYSs9faVCX6nCtXAZE7oTGAm6MbgeSIhyP1UvpAxh7U6XvMa7C4R01zMP9kdyUimDyYonbAY11ikYzvSY1yw2agxVGkoRs6gSctMsX2UHg2gZ7Jt81RLrF42T6PP0zlzqKt3wR5KIvITWPhFEv63dnFJQg-NEzB9IMvmrC341yUI5jZcErQDynYIyQf_-Y&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC8C1ZQEO3Y7HJJ8iPmsMPy7Kq4AaY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQJodKHd1KGmPuACAKgDAaoEiQJP0FSi-0DuGjfdEX9UjXOCbUWSfPQw_4gUloMkYiZW1FBxkDQiVRqTOR5i5seDrnZbp-Rz33sJVQJxrluzSZYBhcDNt1JHzt0H9R6tyVJ1Fk9Lq9VIYwdQqFYEy13mp5-Y7UVuwy32VCKkE35NsUU0zierdIahWae2jQjYghsJoQ87lHkaI7VZNSvmt2oXvKN8IYFycdd2Oim7itqRoJtwbUdCeesSOM-Wv9Esc_KRy6O8N2LFW_p9lUMBOGaNpir9Xl8NvrjwtqW20wPU6i2reRfB2JBd2VgRpqujpXIR3W8DcAeKeVjzJkW4Acoxd7eOHuaruFOuOYS5xFdP8v23bdndxm5v4fJv4AQBgAbl3NmUgO3qwC6gBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1wpMqckhO4wofpfRxzNXp5N3aUFQ%26client%3Dca-pub-8933329999391104%26adurl%3D
Requested by
Host: 64f35454ed59414c358dc514ea40ac3f.safeframe.googlesyndication.com
URL: https://64f35454ed59414c358dc514ea40ac3f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.148 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
020d298d32a9f173a17f1352673b75b2d90f2e958e83cc06d52ec1b27d96326d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://64f35454ed59414c358dc514ea40ac3f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Thu, 05 Jan 2023 21:38:09 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.as.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.as.criteo.net/heavyad?cppv=3&cpp=K9IfJOK5SWhedqllAXZpQVL05-y8dQyPDfJhyYnpUmV8RzkVyS_9Gol1os4kjDYWiAxetmyzRXofxMCD0_vg4xQdfPIYbOY__PZnw-SxADJow1Larhq3ifzBbr7-XCsRW3Tur_1HUqibWZBxTL2giKDI-MCrWUKzZHP9ddJ-UffSs_jkcVHStabwwtX1GqiwQ1qasnSYzmprpiVCbXGjrAanfFzLdCS6DXWrrYEydusue4K7hwTmOgx0IVjK_BlusnUKJ9exSqFznP3Z"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
56540656
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230104/r20110914/client/ Frame A072 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230104/r20110914/client/window_focus_fy2021.js
Requested by
Host: 64f35454ed59414c358dc514ea40ac3f.safeframe.googlesyndication.com
URL: https://64f35454ed59414c358dc514ea40ac3f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://64f35454ed59414c358dc514ea40ac3f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 01:36:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
72124
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 19 Jan 2023 01:36:05 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 21C3 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 64f35454ed59414c358dc514ea40ac3f.safeframe.googlesyndication.com
URL: https://64f35454ed59414c358dc514ea40ac3f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://64f35454ed59414c358dc514ea40ac3f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

age
48954
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 05 Jan 2023 08:02:15 GMT
etag
48472445140208031
expires
Fri, 06 Jan 2023 08:02:15 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230104/r20110914/client/ Frame A072 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230104/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 64f35454ed59414c358dc514ea40ac3f.safeframe.googlesyndication.com
URL: https://64f35454ed59414c358dc514ea40ac3f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
cafe /
Resource Hash
727e6a1f4a634d6298af8636fd331912b036b6f7783c771d2e06baeb82e2341e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://64f35454ed59414c358dc514ea40ac3f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 01:36:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
72124
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7527
x-xss-protection
0
server
cafe
etag
8658061406568722807
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 19 Jan 2023 01:36:05 GMT
l
www.google.com/ads/measurement/ Frame A072 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaT3ZHeHrl_s4eD0GCKWJuZtMVddJU-qDfwr-fbU3bjpsdIpGB97hrD-DrTyhrOuh_iTMAcJNnhd5122-nX8NaxCZ8bkkQ
Requested by
Host: 64f35454ed59414c358dc514ea40ac3f.safeframe.googlesyndication.com
URL: https://64f35454ed59414c358dc514ea40ac3f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.105 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f105.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://64f35454ed59414c358dc514ea40ac3f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame A072 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 64f35454ed59414c358dc514ea40ac3f.safeframe.googlesyndication.com
URL: https://64f35454ed59414c358dc514ea40ac3f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://64f35454ed59414c358dc514ea40ac3f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 31 Dec 2022 19:51:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
438381
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 31 Dec 2023 19:51:48 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A072 		154 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 64f35454ed59414c358dc514ea40ac3f.safeframe.googlesyndication.com
URL: https://64f35454ed59414c358dc514ea40ac3f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
sffe /
Resource Hash
2110cce190ab5366863b7d652b06b90ea32ad84d8241b5a492a8dead67594335
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://64f35454ed59414c358dc514ea40ac3f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 21:38:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48184
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1672836157132942"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 05 Jan 2023 21:38:09 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 238B
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-ju-ren-sheng-cheng-zhen-zong-tong-da-ka-bu-hao-yan.html
Protocol
H3
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

date
Thu, 05 Jan 2023 21:38:09 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
sodar
pagead2.googlesyndication.com/pagead/ Frame 17EF 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230103&jk=2693001854364226&bg=!MzClMHTNAAYDMoyoIzI7ACkAdvg8WiU3C-W80oNv7mVo2g8t8fAhTmPrUOXMteLqx0nAKg_YP2Y5KQIAAABZUgAAAANoAQcKAF4kSCxvIto0JTBwnVvIE7WAgRaeoIl1dUHBqmu7hPL9TA5SOkShFBxX9L9YJ2y5s9Ck5dX5qA-Oi_VEbh1lD2SBLgWKDHLWFKcXQCrUtfLDgWADb1UJ8LXRRRyIbo4CmQL5EojSJ0fhY7r2UfuhtBgwQUQWCCZqGx4KlEOy37QbtMKS1-3NAlw-5l4ix0E-LI4XSrgFtkDhG3qF9S09ABRUVBZsQsWF5BjvaY3-y1MepG9U2k1Koz6kZN-4KoHrACZabVBHK4WmVI43x_Z2LUK9s6eWBTTDPdMzPMeeTp3goAM1l_l8dB0xNes-WPaEK320cb5DWNhxh_-ov3WyucoSEsl8POc_Z1SoMjui_euQI3h4ofP1du74W9pa9DvlCUH7lPvnEOQT8n9QtrxF2u9e-Yg35buQR0mHIEoZZtq8-fMdeSAXEYUB2_JvPFoBsBOQ7_iyoU8frhd8O8WsYzUyWMCSJDxiyDXIot8IiUY3SP_vXbL9_nb17ZQDDBevuJwbys72SI87n_2SyuxngjCGUBF_UMaizFms5KG0gLAM2KvAHA0Aqs-XnVNxK_2eGXbRp_xiokzypUjBDME914JizAyDRZftF0ImfcIywQAPkm1S5HaPUsLfqDZj59e-HFoAAlOt365WzCfuDjIaAEXhdlDDeQ8RRqm9zs5gqYfnkNDGJHNyvApjRUbVoMJ8RJQn9japUoN3c4BZj1WSeiN-X-FpMNvctDROSGt0rJ55f5MQiLl-3ht2T5qiQ_Wg-ElsBM4T_2yinsFaQFM0s-O0427prwb7cJwFISReOWmEAwYjHdwhCpBiP1-BS82XDXNB9VT1Egl4r-s79ZTufBKQ4GfafWv8gefcbxloeYTBk8nxV8r-IgEsJggINN7upxNHzXJPu_hNjarP5W9tCkJNr3IHDGEDVEPhCeld4fSvNXkoC1tQqbMX-EfOJTYVDU366SmtWOI-Bg1nwSsA7jknlHJSUz9NnKCh2KgcshnJN-nTkmXTRGass2LeWJyg_Mn_ELYh9owRrVyty1V3_Zvzgx3ZX358FsgQgjwvy68JiH1j8MLE76YyShlICX0WnsbWjesXkwhhBm0GvDvcjzJkVSzbo8poIMqc6jIoCaspqIQVAuwFuURBD8Q
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-ju-ren-sheng-cheng-zhen-zong-tong-da-ka-bu-hao-yan.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame FC4D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230103&jk=4187617558618223&bg=!h4SlhMDNAAYDMoyoIzI7ACkAdvg8WvSKGROXDvtj5HQKQXfIkR7QTjh3iJg8vsKyNS79uI0tP1b8dgIAAABQUgAAAANoAQeZAtCj0YTVhYccltERMtLb1_j_UXhWhYCuvuNNLsXF-zW9Rh_QBN_UCC_mbacFmFP9Yngc-y_8nIHIGX23syFy5-tEC-S3SdzQvdoTw1A6GoJwO8Pwy_Xh2vF9Z7eAWgn10gm_wlGt8Lk20mC0Ku7CXZeFveK7tqUFcw-Wh_BPDV1nicqsO2KbRNiUckL8kHdq7pUVsx6Un9FX9gRU6y50buK1GvxweR6r7Y7XhXrX2ef5j3WZil_mJY2L7lGj4U_nW-x63j9_gcT9A8155GCr-dhgax-DOvhzXc198wntqxwv5hsTsmCiT0MSaV6iUIFpyyBHyEmDhDc807CVZQijOLX0cAcgxM4Z2XVF1lYCkSy8VTg70cYQn8z6tYbR3VrG5q3F8phlAvaNsiU7cAkMMNP2BM2bfaIR5gBH6yTetaT41PtBTN6FsrAq9FslHFeIifdZJc3XnJ-nFYKjEp2LBTLT4-73DoPzftaXqDG2WGxdO9Wf7Js7GBINFZeWRr4rq2u4nxHqGUmxiLwUO-w8IhcfsJrESrs8J2JQ9SFOMJradaOt3c8WOMVKDBWrELS2u4g3WWLlQPzNNFXlZLPNyU73gjTXrjsZnFG62vZDd4YbBJvE5Znawaj-z9n0P6KIy4HEv8EPivu118EcpCSbrTEL3Tm5hG2p0Ip2JEZltDglCmVCOcwJIxNt9jzRITviX74vxBkVblRV58pma_PX6M7hZf8sblbRECg8MzeS1CrngB-RITdKE6nUe3vnZHnsj5gF6TeyOojNfRc8d20D3QtLBjjbPXhShXp7FGLnlhYRLtFbnkVm7pYHNtX77N6ansAlhw1ubkFdKzsxr73TXTPzYBFoL0yS_pfeVV1nJNtq2s37Xm_ZxAopC2d69ILGyn5VgAuSoTEZOhVOUd2VwGyKVLkZlAfUXC9sQ81OlV-iGZRjXSEVIG2MWJ91QboxrpI
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-ju-ren-sheng-cheng-zhen-zong-tong-da-ka-bu-hao-yan.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
pixel
cm.g.doubleclick.net/ Frame 75A5
Redirect Chain
  • https://match.adsrvr.org/track/cmf/google?google_gid=CAESENq9-vgyyTXK0GZVt0oaDRE&google_cver=1&google_push=AavPq0MZ8qypZVmPdV_9cA1Ob26OFWGCUvay0EGSWOI_blt-sihhCAKG0n-qX6_L6vkguR91yABaIfsHc0TxS7smbN...
  • https://match.adsrvr.org/track/cmb/google?google_gid=CAESENq9-vgyyTXK0GZVt0oaDRE&google_cver=1&google_push=AavPq0MZ8qypZVmPdV_9cA1Ob26OFWGCUvay0EGSWOI_blt-sihhCAKG0n-qX6_L6vkguR91yABaIfsHc0TxS7smbN...
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=YzJjMDY0NjEtOWUxMi00MjJmLWE2NDctYjJhMTkzYjg2YTdl&google_push&gdpr=0&gdpr_consent=&ttd_tdid=c2c06461-9e12-422f-a647-b2a193b86a7e
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=YzJjMDY0NjEtOWUxMi00MjJmLWE2NDctYjJhMTkzYjg2YTdl&google_push&gdpr=0&gdpr_consent=&ttd_tdid=c2c06461-9e12-422f-a647-b2a193b86a7e
Requested by
Host: 64f35454ed59414c358dc514ea40ac3f.safeframe.googlesyndication.com
URL: https://64f35454ed59414c358dc514ea40ac3f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
74.125.68.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 21:38:10 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 05 Jan 2023 21:38:10 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=YzJjMDY0NjEtOWUxMi00MjJmLWE2NDctYjJhMTkzYjg2YTdl&google_push&gdpr=0&gdpr_consent=&ttd_tdid=c2c06461-9e12-422f-a647-b2a193b86a7e
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
423
pixel
cm.g.doubleclick.net/ Frame 75A5
Redirect Chain
  • https://v9999.adv.admeme.net/drtb/n?google_gid=CAESEKmZ0szATGSYq-xYhpt8r58&google_cver=1&google_push=AavPq0MF0V9bc78jRawe4sy7nxWWHObkpsedsUF4tFx1cPovsSWuTyViAcJ2_PkjpqxKop_SDZMArbWki-mrYZPNY_xstU1W...
  • https://cm.g.doubleclick.net/pixel?google_nid=kpis&google_push=AavPq0MF0V9bc78jRawe4sy7nxWWHObkpsedsUF4tFx1cPovsSWuTyViAcJ2_PkjpqxKop_SDZMArbWki-mrYZPNY_xstU1WUpYq7Zt-Ob0rrBAhvud3sgd6omfIydpwQWsZ1Y...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=kpis&google_push=AavPq0MF0V9bc78jRawe4sy7nxWWHObkpsedsUF4tFx1cPovsSWuTyViAcJ2_PkjpqxKop_SDZMArbWki-mrYZPNY_xstU1WUpYq7Zt-Ob0rrBAhvud3sgd6omfIydpwQWsZ1YeRxkxCk8HMFcKw94HhyHo
Protocol
H3
Server
74.125.68.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 21:38:12 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
http://cm.g.doubleclick.net/pixel?google_nid=kpis&google_push=AavPq0MF0V9bc78jRawe4sy7nxWWHObkpsedsUF4tFx1cPovsSWuTyViAcJ2_PkjpqxKop_SDZMArbWki-mrYZPNY_xstU1WUpYq7Zt-Ob0rrBAhvud3sgd6omfIydpwQWsZ1YeRxkxCk8HMFcKw94HhyHo
Date
Thu, 05 Jan 2023 21:38:11 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
0
AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 75A5 		0
119 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEDPJr78G5-4yUFM_y95iioI&google_cver=1&google_push=AavPq0NCs3PWdOQZVnu7LDP8jbltMvhjHQIQn2TNtL5o8DsyVj9G3TcOhMaJopVIO_sa5DWDPFNtjRHkPj9uYpfORUyjivgbN5-JdphrNKKZbck_9U0w5a70f1IDNr5f8d7qXyMntPfDMbWlR_Q_YbHjjA
Requested by
Host: 64f35454ed59414c358dc514ea40ac3f.safeframe.googlesyndication.com
URL: https://64f35454ed59414c358dc514ea40ac3f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 21:38:10 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pixel
cm.g.doubleclick.net/ Frame 75A5
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESENotvOagYmUi3TwPZ-_YP0c&google_cver=1&google_push=AavPq0NojuHNL1HlF_iAaxWSZx-GHHH_8pXeQ2vYilmWGqJMU65THRNRPPoRbvre51oS8WQPqCTm6GSmBDq-lVdCPtQo...
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESENotvOagYmUi3TwPZ-_YP0c&google_cver=1&google_push=AavPq0NojuHNL1HlF_iAaxWSZx-GHHH_8pXeQ2vYilmWGqJMU65THRNRPPoRbvre51oS8WQPqCTm6GSmBDq-lV...
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=google
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=a89092ea-b3ef-4471-8fa7-e66ecaa4dfdc&ssp=google
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AavPq0P4C7Va4NWCDZcgkIUwHXsZa9zrjYUqIpdEsNqDlvijefDfFcvAtQqC4OzOp5EDv-k04gGaJGcp-d6hw4D1KH51vSMyqh-1cGe-3hA3zaz4wPgTnQ6GUYaABdCRbYQntu...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AavPq0P4C7Va4NWCDZcgkIUwHXsZa9zrjYUqIpdEsNqDlvijefDfFcvAtQqC4OzOp5EDv-k04gGaJGcp-d6hw4D1KH51vSMyqh-1cGe-3hA3zaz4wPgTnQ6GUYaABdCRbYQntuFuOZNPAFfw&google_hm=vTLP-xE4QBOzTUKhi4PRFw==
Protocol
H3
Server
74.125.68.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 21:38:13 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AavPq0P4C7Va4NWCDZcgkIUwHXsZa9zrjYUqIpdEsNqDlvijefDfFcvAtQqC4OzOp5EDv-k04gGaJGcp-d6hw4D1KH51vSMyqh-1cGe-3hA3zaz4wPgTnQ6GUYaABdCRbYQntuFuOZNPAFfw&google_hm=vTLP-xE4QBOzTUKhi4PRFw==
Date
Thu, 05 Jan 2023 21:38:12 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 75A5
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEJelPhiXAcj5a5KywzD4df8&google_cver=1&google_push=AavPq0OcH5tm_-D--fohPP_zGibccxTnl5br-q7h73RBX1TvqZjHIhcPoF_gJcIEf474cJr_AUw8isoUkXmv_RwIlbLVxn2...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0OcH5tm_-D--fohPP_zGibccxTnl5br-q7h73RBX1TvqZjHIhcPoF_gJcIEf474cJr_AUw8isoUkXmv_RwIlbLVxn24Zrs-Rqnj1M3y53BSEn4BQgI91UAeYdmXrScf9...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0OcH5tm_-D--fohPP_zGibccxTnl5br-q7h73RBX1TvqZjHIhcPoF_gJcIEf474cJr_AUw8isoUkXmv_RwIlbLVxn24Zrs-Rqnj1M3y53BSEn4BQgI91UAeYdmXrScf90C7sszgvM-yBg-usbU34Vg&google_hm=eS1YUmlwS2t4RTJwRUxiaDUwVkJvaVEza3VqTVJnSGlNMn5B
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-ju-ren-sheng-cheng-zhen-zong-tong-da-ka-bu-hao-yan.html
Protocol
H3
Server
74.125.68.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 21:38:10 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 05 Jan 2023 21:38:10 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0OcH5tm_-D--fohPP_zGibccxTnl5br-q7h73RBX1TvqZjHIhcPoF_gJcIEf474cJr_AUw8isoUkXmv_RwIlbLVxn24Zrs-Rqnj1M3y53BSEn4BQgI91UAeYdmXrScf90C7sszgvM-yBg-usbU34Vg&google_hm=eS1YUmlwS2t4RTJwRUxiaDUwVkJvaVEza3VqTVJnSGlNMn5B
content-length
0
pixel
cm.g.doubleclick.net/ Frame 75A5
Redirect Chain
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEIqGfS5v1zuRNCHyVijt_Q0&google_cver=1&google_push=AavPq0MgFpYdAROq8hR03IN5QHLz5Qsy0UqC4pQNUpwpT85lFm3OZRhe1YN-k8SBATJ1tZGIcD5MikV9ZA4Kw...
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AavPq0MgFpYdAROq8hR03IN5QHLz5Qsy0UqC4pQNUpwpT85lFm3OZRhe1YN-k8SBATJ1tZGIcD5MikV9ZA4KwTVCzcCJt8fZ8aUQmRxyp26tC0HLPk9IVLoDZVQt22G2tOV...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AavPq0MgFpYdAROq8hR03IN5QHLz5Qsy0UqC4pQNUpwpT85lFm3OZRhe1YN-k8SBATJ1tZGIcD5MikV9ZA4KwTVCzcCJt8fZ8aUQmRxyp26tC0HLPk9IVLoDZVQt22G2tOVQhEzMF9rLbBm_qywpqre1QUc&google_hm=UnhBSWcyMHQ3X01UZ2hray1GMUk=
Requested by
Host: 64f35454ed59414c358dc514ea40ac3f.safeframe.googlesyndication.com
URL: https://64f35454ed59414c358dc514ea40ac3f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
74.125.68.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 21:38:10 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 05 Jan 2023 21:38:10 GMT
Content-Type
text/html; charset=utf-8
Location
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AavPq0MgFpYdAROq8hR03IN5QHLz5Qsy0UqC4pQNUpwpT85lFm3OZRhe1YN-k8SBATJ1tZGIcD5MikV9ZA4KwTVCzcCJt8fZ8aUQmRxyp26tC0HLPk9IVLoDZVQt22G2tOVQhEzMF9rLbBm_qywpqre1QUc&google_hm=UnhBSWcyMHQ3X01UZ2hray1GMUk=
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
291
Expires
Thu, 01 Dec 1994 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 75A5
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEOSKjdF3qREWoWjQMK09nZo&google_cver=1&google_push=AavPq0Pjq2-VJKRyxEbwMbYDGFwlXtnzN146oLYCYVneItTSguMMgiIrp7lrh-S2Ps9Fj8CJFkXJPRpGD6FARN4...
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=GgbTFnpgTURN47JJTwBmBnRaSso&google_push=AavPq0Pjq2-VJKRyxEbwMbYDGFwlXtnzN146oLYCYVneItTSguMMgiIrp7lrh-S2Ps9Fj8CJFkXJPRpGD6FARN...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=GgbTFnpgTURN47JJTwBmBnRaSso&google_push=AavPq0Pjq2-VJKRyxEbwMbYDGFwlXtnzN146oLYCYVneItTSguMMgiIrp7lrh-S2Ps9Fj8CJFkXJPRpGD6FARN4g17D3RcUjQ2PSiha6y1900Ip5vCo1kwRUgt-bdkiPzKFG0KP5eDMyPH_9g90F6iee_JM
Protocol
H3
Server
74.125.68.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 21:38:11 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=GgbTFnpgTURN47JJTwBmBnRaSso&google_push=AavPq0Pjq2-VJKRyxEbwMbYDGFwlXtnzN146oLYCYVneItTSguMMgiIrp7lrh-S2Ps9Fj8CJFkXJPRpGD6FARN4g17D3RcUjQ2PSiha6y1900Ip5vCo1kwRUgt-bdkiPzKFG0KP5eDMyPH_9g90F6iee_JM
Date
Thu, 05 Jan 2023 21:38:11 GMT
Connection
keep-alive
Content-Length
297
Content-Type
text/html; charset=utf-8
attr
cm.g.doubleclick.net/pixel/ Frame 75A5 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IpmVePtzasWEaBeb9iCXf4fSQERTGfBnRuRW4Beu43Qn6doWULmvZwoHfAjeNK33dufTOm
Requested by
Host: 64f35454ed59414c358dc514ea40ac3f.safeframe.googlesyndication.com
URL: https://64f35454ed59414c358dc514ea40ac3f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 21:38:10 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
privacy_small.svg
static.criteo.net/flash/icon/ Frame DA7C 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y7dDQAAJ5LACZofIAAqZSwSrMo1xDPa11A_KwA&u=%7CA6kIQZLvqqGO9NLtatSXpX2GSuJ5X1Fhz4Ltt33ADv4%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2uYcAchbiMZgziqrRBIBOfXe9sAj5s0smr7CaoSEvcbulcrn37nL-i03aDxHU8dKjxY4VPUPCN6MnbyBCZdUkcgJ9iNi9RfvJpC42tt7Lfhm4bO_b9WExDA4_pBFBXJg0MneDaxuwnhBuNMXIutc-rg3NupgPMxwBDWzuhz8DmE76h1Yyd96glthY2QtE8LVz3xWoswjAMDth2QYFx9DjGx2jumHBbFOaS_VlsSpwbZSwuwBbF4a3rA0v6JcWQ0OBRWQls4vXUas_1kSKbgZA_6HvpES1hOTGkQ43gqaZ1T0Plhf4ljXcTNAVgHfg16zhvCFBlpoYYawtzoPm4v7oCemCzw1XeXldbATT0V5N-aYa5sPNpv1NqBHg-TFjqYYi94XETYuUD3v8eX5mhOcrVvL8hcLQY-3PHbmEKj9c2vV2s5_uOopByQPx_LPGpf1qwqzYv4WqjPMuVvS0dK0e0UMxdXy9OYCGaZG2d-zIRg9yM05Itp5-QVEBQ2GlKpppVERKDklB-MKzVVPRG-zjgt7r1B9hk3BQSw1zpBdG5dqscEIm2f8ANozxKJm3cJgfkgXxVz2iEhU0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCMrnSQEO3Y7DJJ8iPmsMPy7Kq4AaY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQJodKHd1KGmPuACAKgDAaoEiAJP0PdTfaMvsixdp-9ZSmIJRqgHlmNmRvDIDcXglVg5dNpMJD3Ov9cw_gTRAGAWUbqmoxTdXkZ2BdcHi-R8MdhS7AwWwq4Du0e8UyDc70_r-gfF8ry0gqTxEXbRH5pJzvrgDF9_g74VgaUjkZLg2xfl1hf7Eqenk-XcwRaR7-O-ga9XfzeL4XpgLe50np34FtFQXII24H4ebfQeitNsroa20tjxU4o9ktjdyvBS-8QrVtGypt13ZlTsX6a1I_iwoLxJW0-LKmg-z8bhgJCfJFTgHXvFioNBV1A-O0VR7MwstrYBE9AiDGD1Hx9YvMuUcGlSew50YQQMEVqmL-oWBzNIuBPscEBtR_3gBAGABuXc2ZSA7erALqAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0iQWsn2AgVRsOi9NKO5s9Keqr_NA%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 21:38:10 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 31 Dec 2023 21:38:10 GMT
adchoices_en.svg
static.criteo.net/flash/icon/ Frame DA7C 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_en.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y7dDQAAJ5LACZofIAAqZSwSrMo1xDPa11A_KwA&u=%7CA6kIQZLvqqGO9NLtatSXpX2GSuJ5X1Fhz4Ltt33ADv4%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2uYcAchbiMZgziqrRBIBOfXe9sAj5s0smr7CaoSEvcbulcrn37nL-i03aDxHU8dKjxY4VPUPCN6MnbyBCZdUkcgJ9iNi9RfvJpC42tt7Lfhm4bO_b9WExDA4_pBFBXJg0MneDaxuwnhBuNMXIutc-rg3NupgPMxwBDWzuhz8DmE76h1Yyd96glthY2QtE8LVz3xWoswjAMDth2QYFx9DjGx2jumHBbFOaS_VlsSpwbZSwuwBbF4a3rA0v6JcWQ0OBRWQls4vXUas_1kSKbgZA_6HvpES1hOTGkQ43gqaZ1T0Plhf4ljXcTNAVgHfg16zhvCFBlpoYYawtzoPm4v7oCemCzw1XeXldbATT0V5N-aYa5sPNpv1NqBHg-TFjqYYi94XETYuUD3v8eX5mhOcrVvL8hcLQY-3PHbmEKj9c2vV2s5_uOopByQPx_LPGpf1qwqzYv4WqjPMuVvS0dK0e0UMxdXy9OYCGaZG2d-zIRg9yM05Itp5-QVEBQ2GlKpppVERKDklB-MKzVVPRG-zjgt7r1B9hk3BQSw1zpBdG5dqscEIm2f8ANozxKJm3cJgfkgXxVz2iEhU0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCMrnSQEO3Y7DJJ8iPmsMPy7Kq4AaY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQJodKHd1KGmPuACAKgDAaoEiAJP0PdTfaMvsixdp-9ZSmIJRqgHlmNmRvDIDcXglVg5dNpMJD3Ov9cw_gTRAGAWUbqmoxTdXkZ2BdcHi-R8MdhS7AwWwq4Du0e8UyDc70_r-gfF8ry0gqTxEXbRH5pJzvrgDF9_g74VgaUjkZLg2xfl1hf7Eqenk-XcwRaR7-O-ga9XfzeL4XpgLe50np34FtFQXII24H4ebfQeitNsroa20tjxU4o9ktjdyvBS-8QrVtGypt13ZlTsX6a1I_iwoLxJW0-LKmg-z8bhgJCfJFTgHXvFioNBV1A-O0VR7MwstrYBE9AiDGD1Hx9YvMuUcGlSew50YQQMEVqmL-oWBzNIuBPscEBtR_3gBAGABuXc2ZSA7erALqAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0iQWsn2AgVRsOi9NKO5s9Keqr_NA%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 21:38:10 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-759"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 31 Dec 2023 21:38:10 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame DA7C 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y7dDQAAJ5LACZofIAAqZSwSrMo1xDPa11A_KwA&u=%7CA6kIQZLvqqGO9NLtatSXpX2GSuJ5X1Fhz4Ltt33ADv4%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2uYcAchbiMZgziqrRBIBOfXe9sAj5s0smr7CaoSEvcbulcrn37nL-i03aDxHU8dKjxY4VPUPCN6MnbyBCZdUkcgJ9iNi9RfvJpC42tt7Lfhm4bO_b9WExDA4_pBFBXJg0MneDaxuwnhBuNMXIutc-rg3NupgPMxwBDWzuhz8DmE76h1Yyd96glthY2QtE8LVz3xWoswjAMDth2QYFx9DjGx2jumHBbFOaS_VlsSpwbZSwuwBbF4a3rA0v6JcWQ0OBRWQls4vXUas_1kSKbgZA_6HvpES1hOTGkQ43gqaZ1T0Plhf4ljXcTNAVgHfg16zhvCFBlpoYYawtzoPm4v7oCemCzw1XeXldbATT0V5N-aYa5sPNpv1NqBHg-TFjqYYi94XETYuUD3v8eX5mhOcrVvL8hcLQY-3PHbmEKj9c2vV2s5_uOopByQPx_LPGpf1qwqzYv4WqjPMuVvS0dK0e0UMxdXy9OYCGaZG2d-zIRg9yM05Itp5-QVEBQ2GlKpppVERKDklB-MKzVVPRG-zjgt7r1B9hk3BQSw1zpBdG5dqscEIm2f8ANozxKJm3cJgfkgXxVz2iEhU0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCMrnSQEO3Y7DJJ8iPmsMPy7Kq4AaY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQJodKHd1KGmPuACAKgDAaoEiAJP0PdTfaMvsixdp-9ZSmIJRqgHlmNmRvDIDcXglVg5dNpMJD3Ov9cw_gTRAGAWUbqmoxTdXkZ2BdcHi-R8MdhS7AwWwq4Du0e8UyDc70_r-gfF8ry0gqTxEXbRH5pJzvrgDF9_g74VgaUjkZLg2xfl1hf7Eqenk-XcwRaR7-O-ga9XfzeL4XpgLe50np34FtFQXII24H4ebfQeitNsroa20tjxU4o9ktjdyvBS-8QrVtGypt13ZlTsX6a1I_iwoLxJW0-LKmg-z8bhgJCfJFTgHXvFioNBV1A-O0VR7MwstrYBE9AiDGD1Hx9YvMuUcGlSew50YQQMEVqmL-oWBzNIuBPscEBtR_3gBAGABuXc2ZSA7erALqAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0iQWsn2AgVRsOi9NKO5s9Keqr_NA%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 21:38:10 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Sun, 31 Dec 2023 21:38:10 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame DA7C 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y7dDQAAJ5LACZofIAAqZSwSrMo1xDPa11A_KwA&u=%7CA6kIQZLvqqGO9NLtatSXpX2GSuJ5X1Fhz4Ltt33ADv4%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2uYcAchbiMZgziqrRBIBOfXe9sAj5s0smr7CaoSEvcbulcrn37nL-i03aDxHU8dKjxY4VPUPCN6MnbyBCZdUkcgJ9iNi9RfvJpC42tt7Lfhm4bO_b9WExDA4_pBFBXJg0MneDaxuwnhBuNMXIutc-rg3NupgPMxwBDWzuhz8DmE76h1Yyd96glthY2QtE8LVz3xWoswjAMDth2QYFx9DjGx2jumHBbFOaS_VlsSpwbZSwuwBbF4a3rA0v6JcWQ0OBRWQls4vXUas_1kSKbgZA_6HvpES1hOTGkQ43gqaZ1T0Plhf4ljXcTNAVgHfg16zhvCFBlpoYYawtzoPm4v7oCemCzw1XeXldbATT0V5N-aYa5sPNpv1NqBHg-TFjqYYi94XETYuUD3v8eX5mhOcrVvL8hcLQY-3PHbmEKj9c2vV2s5_uOopByQPx_LPGpf1qwqzYv4WqjPMuVvS0dK0e0UMxdXy9OYCGaZG2d-zIRg9yM05Itp5-QVEBQ2GlKpppVERKDklB-MKzVVPRG-zjgt7r1B9hk3BQSw1zpBdG5dqscEIm2f8ANozxKJm3cJgfkgXxVz2iEhU0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCMrnSQEO3Y7DJJ8iPmsMPy7Kq4AaY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQJodKHd1KGmPuACAKgDAaoEiAJP0PdTfaMvsixdp-9ZSmIJRqgHlmNmRvDIDcXglVg5dNpMJD3Ov9cw_gTRAGAWUbqmoxTdXkZ2BdcHi-R8MdhS7AwWwq4Du0e8UyDc70_r-gfF8ry0gqTxEXbRH5pJzvrgDF9_g74VgaUjkZLg2xfl1hf7Eqenk-XcwRaR7-O-ga9XfzeL4XpgLe50np34FtFQXII24H4ebfQeitNsroa20tjxU4o9ktjdyvBS-8QrVtGypt13ZlTsX6a1I_iwoLxJW0-LKmg-z8bhgJCfJFTgHXvFioNBV1A-O0VR7MwstrYBE9AiDGD1Hx9YvMuUcGlSew50YQQMEVqmL-oWBzNIuBPscEBtR_3gBAGABuXc2ZSA7erALqAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0iQWsn2AgVRsOi9NKO5s9Keqr_NA%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 21:38:10 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Sun, 31 Dec 2023 21:38:10 GMT
lg.php
cat.sg1.as.criteo.com/delivery/ Frame DA7C 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.sg1.as.criteo.com/delivery/lg.php?cppv=3&cpp=56NFqXZdmofATVl_-52ExGMWOCabjMG1yh_K2VIlMmm5non9oTaby50U5Nh6qdet5l8YiXIXi5O9MMeSoiQdM8ZoYIsX2plJJ_FZmiMI_EyKrFcGyPT9yxXRH8fPnTZIctLaKYc0U-CQueQs3qe6SiyedWfggY7GHFCpWpIKBP7ZbJID-68mUvv5SKqAuLxwMpJlIikA5tLReRSncbTkn7vmPPvNjs3MhfmxbrhytwEfLyzmR1hztrjIEYiSNunSgJ8bV5if3nMF9Zue5XPLpXdU0qFs5yt-MYvwHVgyekdGtQxjnUT0zIDgEHaqppny9xQyCFwumce7GHQc_gFLEpoNrNLrdseCYHY0vw5Re0a5xn2Gz8gEfVfGPRxdxawJNieN9oc45yzLIKE7AOn6ch6AEtLR_csn7xHKcQRRdzQ4itSeOWLMmC9N9jby1dbn-E7_9g
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y7dDQAAJ5LACZofIAAqZSwSrMo1xDPa11A_KwA&u=%7CA6kIQZLvqqGO9NLtatSXpX2GSuJ5X1Fhz4Ltt33ADv4%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2uYcAchbiMZgziqrRBIBOfXe9sAj5s0smr7CaoSEvcbulcrn37nL-i03aDxHU8dKjxY4VPUPCN6MnbyBCZdUkcgJ9iNi9RfvJpC42tt7Lfhm4bO_b9WExDA4_pBFBXJg0MneDaxuwnhBuNMXIutc-rg3NupgPMxwBDWzuhz8DmE76h1Yyd96glthY2QtE8LVz3xWoswjAMDth2QYFx9DjGx2jumHBbFOaS_VlsSpwbZSwuwBbF4a3rA0v6JcWQ0OBRWQls4vXUas_1kSKbgZA_6HvpES1hOTGkQ43gqaZ1T0Plhf4ljXcTNAVgHfg16zhvCFBlpoYYawtzoPm4v7oCemCzw1XeXldbATT0V5N-aYa5sPNpv1NqBHg-TFjqYYi94XETYuUD3v8eX5mhOcrVvL8hcLQY-3PHbmEKj9c2vV2s5_uOopByQPx_LPGpf1qwqzYv4WqjPMuVvS0dK0e0UMxdXy9OYCGaZG2d-zIRg9yM05Itp5-QVEBQ2GlKpppVERKDklB-MKzVVPRG-zjgt7r1B9hk3BQSw1zpBdG5dqscEIm2f8ANozxKJm3cJgfkgXxVz2iEhU0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCMrnSQEO3Y7DJJ8iPmsMPy7Kq4AaY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQJodKHd1KGmPuACAKgDAaoEiAJP0PdTfaMvsixdp-9ZSmIJRqgHlmNmRvDIDcXglVg5dNpMJD3Ov9cw_gTRAGAWUbqmoxTdXkZ2BdcHi-R8MdhS7AwWwq4Du0e8UyDc70_r-gfF8ry0gqTxEXbRH5pJzvrgDF9_g74VgaUjkZLg2xfl1hf7Eqenk-XcwRaR7-O-ga9XfzeL4XpgLe50np34FtFQXII24H4ebfQeitNsroa20tjxU4o9ktjdyvBS-8QrVtGypt13ZlTsX6a1I_iwoLxJW0-LKmg-z8bhgJCfJFTgHXvFioNBV1A-O0VR7MwstrYBE9AiDGD1Hx9YvMuUcGlSew50YQQMEVqmL-oWBzNIuBPscEBtR_3gBAGABuXc2ZSA7erALqAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0iQWsn2AgVRsOi9NKO5s9Keqr_NA%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.132 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 21:38:09 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2000622
expires
Mon, 26 Jul 1997 05:00:00 GMT
truncated
/ Frame 5792 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0c01f62ef2957bb91f255a8676f309360b3fcd68d8652e94bf10958d5cb54fe2

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
opensans-400.css
static.criteo.net/design/googlefont/opensans/ Frame DA7C 		2 KB
899 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/googlefont/opensans/opensans-400.css
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y7dDQAAJ5LACZofIAAqZSwSrMo1xDPa11A_KwA&u=%7CA6kIQZLvqqGO9NLtatSXpX2GSuJ5X1Fhz4Ltt33ADv4%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2uYcAchbiMZgziqrRBIBOfXe9sAj5s0smr7CaoSEvcbulcrn37nL-i03aDxHU8dKjxY4VPUPCN6MnbyBCZdUkcgJ9iNi9RfvJpC42tt7Lfhm4bO_b9WExDA4_pBFBXJg0MneDaxuwnhBuNMXIutc-rg3NupgPMxwBDWzuhz8DmE76h1Yyd96glthY2QtE8LVz3xWoswjAMDth2QYFx9DjGx2jumHBbFOaS_VlsSpwbZSwuwBbF4a3rA0v6JcWQ0OBRWQls4vXUas_1kSKbgZA_6HvpES1hOTGkQ43gqaZ1T0Plhf4ljXcTNAVgHfg16zhvCFBlpoYYawtzoPm4v7oCemCzw1XeXldbATT0V5N-aYa5sPNpv1NqBHg-TFjqYYi94XETYuUD3v8eX5mhOcrVvL8hcLQY-3PHbmEKj9c2vV2s5_uOopByQPx_LPGpf1qwqzYv4WqjPMuVvS0dK0e0UMxdXy9OYCGaZG2d-zIRg9yM05Itp5-QVEBQ2GlKpppVERKDklB-MKzVVPRG-zjgt7r1B9hk3BQSw1zpBdG5dqscEIm2f8ANozxKJm3cJgfkgXxVz2iEhU0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCMrnSQEO3Y7DJJ8iPmsMPy7Kq4AaY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQJodKHd1KGmPuACAKgDAaoEiAJP0PdTfaMvsixdp-9ZSmIJRqgHlmNmRvDIDcXglVg5dNpMJD3Ov9cw_gTRAGAWUbqmoxTdXkZ2BdcHi-R8MdhS7AwWwq4Du0e8UyDc70_r-gfF8ry0gqTxEXbRH5pJzvrgDF9_g74VgaUjkZLg2xfl1hf7Eqenk-XcwRaR7-O-ga9XfzeL4XpgLe50np34FtFQXII24H4ebfQeitNsroa20tjxU4o9ktjdyvBS-8QrVtGypt13ZlTsX6a1I_iwoLxJW0-LKmg-z8bhgJCfJFTgHXvFioNBV1A-O0VR7MwstrYBE9AiDGD1Hx9YvMuUcGlSew50YQQMEVqmL-oWBzNIuBPscEBtR_3gBAGABuXc2ZSA7erALqAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0iQWsn2AgVRsOi9NKO5s9Keqr_NA%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
688a83886a5a759614fb53d73736845837de908ce3553b146471782995bc5943
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 21:38:10 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 08 Dec 2022 14:11:03 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391f077-9fe"
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 31 Dec 2023 21:38:10 GMT
opensans-700.css
static.criteo.net/design/googlefont/opensans/ Frame DA7C 		2 KB
900 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/googlefont/opensans/opensans-700.css
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y7dDQAAJ5LACZofIAAqZSwSrMo1xDPa11A_KwA&u=%7CA6kIQZLvqqGO9NLtatSXpX2GSuJ5X1Fhz4Ltt33ADv4%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2uYcAchbiMZgziqrRBIBOfXe9sAj5s0smr7CaoSEvcbulcrn37nL-i03aDxHU8dKjxY4VPUPCN6MnbyBCZdUkcgJ9iNi9RfvJpC42tt7Lfhm4bO_b9WExDA4_pBFBXJg0MneDaxuwnhBuNMXIutc-rg3NupgPMxwBDWzuhz8DmE76h1Yyd96glthY2QtE8LVz3xWoswjAMDth2QYFx9DjGx2jumHBbFOaS_VlsSpwbZSwuwBbF4a3rA0v6JcWQ0OBRWQls4vXUas_1kSKbgZA_6HvpES1hOTGkQ43gqaZ1T0Plhf4ljXcTNAVgHfg16zhvCFBlpoYYawtzoPm4v7oCemCzw1XeXldbATT0V5N-aYa5sPNpv1NqBHg-TFjqYYi94XETYuUD3v8eX5mhOcrVvL8hcLQY-3PHbmEKj9c2vV2s5_uOopByQPx_LPGpf1qwqzYv4WqjPMuVvS0dK0e0UMxdXy9OYCGaZG2d-zIRg9yM05Itp5-QVEBQ2GlKpppVERKDklB-MKzVVPRG-zjgt7r1B9hk3BQSw1zpBdG5dqscEIm2f8ANozxKJm3cJgfkgXxVz2iEhU0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCMrnSQEO3Y7DJJ8iPmsMPy7Kq4AaY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQJodKHd1KGmPuACAKgDAaoEiAJP0PdTfaMvsixdp-9ZSmIJRqgHlmNmRvDIDcXglVg5dNpMJD3Ov9cw_gTRAGAWUbqmoxTdXkZ2BdcHi-R8MdhS7AwWwq4Du0e8UyDc70_r-gfF8ry0gqTxEXbRH5pJzvrgDF9_g74VgaUjkZLg2xfl1hf7Eqenk-XcwRaR7-O-ga9XfzeL4XpgLe50np34FtFQXII24H4ebfQeitNsroa20tjxU4o9ktjdyvBS-8QrVtGypt13ZlTsX6a1I_iwoLxJW0-LKmg-z8bhgJCfJFTgHXvFioNBV1A-O0VR7MwstrYBE9AiDGD1Hx9YvMuUcGlSew50YQQMEVqmL-oWBzNIuBPscEBtR_3gBAGABuXc2ZSA7erALqAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0iQWsn2AgVRsOi9NKO5s9Keqr_NA%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
3cd346aff1efcc38119a600f75667ba0089a7a6bece2b905503fb7c0c65ddcb8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 21:38:10 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 08 Dec 2022 14:11:05 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391f079-9fe"
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 31 Dec 2023 21:38:10 GMT
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 21C3
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESENZRXydZukTWAyRPqJQPJ-A&google_cver=1&google_push=AavPq0MM1gAUqUuJqtV5irhsL1wfuUo6rSO8Gq16vMpnv3E1SpgYwjFoVuJsfH9CfDGxDZZMCciSiqPGkqTGVbm0o0aGg0FfD52g2...
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MjY3NzY1Mzc3MjcwNDg3Nzk4OA==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESENZRXydZukTWAyRPqJQPJ-A&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESENZRXydZukTWAyRPqJQPJ-A&google_cver=1
Protocol
H2
Server
50.116.239.135 , United States, ASN6336 (TURN-US-ASN, US),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 05 Jan 2023 21:38:11 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Thu, 05 Jan 2023 21:38:11 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESENZRXydZukTWAyRPqJQPJ-A&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
i.match
s.tribalfusion.com/z/ Frame 21C3
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEDiAQrWuDDRduLrJ6MiXgEg&google_cver=1&google_push=AavPq0NN9UrBBGx72o5P3TuKPGbqXFrqTBZoqMBgsVpF5pzvcD5SvIxskZya17Bi7bjt6gih9o8uBnysfkIyPTEORMeyEpYyyeKde...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEDiAQrWuDDRduLrJ6MiXgEg&google_cver=1&google_push=AavPq0NN9UrBBGx72o5P3TuKPGbqXFrqTBZoqMBgsVpF5pzvcD5SvIxskZya17Bi7bjt6gih9o8uBnysfkIyPTEORMeyEpYyyeK...
43 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEDiAQrWuDDRduLrJ6MiXgEg&google_cver=1&google_push=AavPq0NN9UrBBGx72o5P3TuKPGbqXFrqTBZoqMBgsVpF5pzvcD5SvIxskZya17Bi7bjt6gih9o8uBnysfkIyPTEORMeyEpYyyeKde_0TgY7Cm6kOPpNHwaNhzgSWBhLky51TRDy70SabqKLX&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAavPq0NN9UrBBGx72o5P3TuKPGbqXFrqTBZoqMBgsVpF5pzvcD5SvIxskZya17Bi7bjt6gih9o8uBnysfkIyPTEORMeyEpYyyeKde_0TgY7Cm6kOPpNHwaNhzgSWBhLky51TRDy70SabqKLX%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: 64f35454ed59414c358dc514ea40ac3f.safeframe.googlesyndication.com
URL: https://64f35454ed59414c358dc514ea40ac3f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
104.18.25.173 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 21:38:10 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
784f5c008cdf1c59-AKL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 05 Jan 2023 21:38:10 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
954
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEDiAQrWuDDRduLrJ6MiXgEg&google_cver=1&google_push=AavPq0NN9UrBBGx72o5P3TuKPGbqXFrqTBZoqMBgsVpF5pzvcD5SvIxskZya17Bi7bjt6gih9o8uBnysfkIyPTEORMeyEpYyyeKde_0TgY7Cm6kOPpNHwaNhzgSWBhLky51TRDy70SabqKLX&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAavPq0NN9UrBBGx72o5P3TuKPGbqXFrqTBZoqMBgsVpF5pzvcD5SvIxskZya17Bi7bjt6gih9o8uBnysfkIyPTEORMeyEpYyyeKde_0TgY7Cm6kOPpNHwaNhzgSWBhLky51TRDy70SabqKLX%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
784f5bfeeb211c59-AKL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 21C3 		0
173 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEDPJr78G5-4yUFM_y95iioI&google_cver=1&google_push=AavPq0PnceyPE_jjUsrofMFhZN8B61QIL0AGA5ANx9uwcQ_U7Srtl6A3e9fUhX452QDD_ZNc-Tt5dowdUfkfExH0x--L8UQMDsIW0n08kX3Z7l80btesmqYSCXVdDeAEt18xGJh9hOr-9zSm
Requested by
Host: 64f35454ed59414c358dc514ea40ac3f.safeframe.googlesyndication.com
URL: https://64f35454ed59414c358dc514ea40ac3f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 21:38:10 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pixel
cm.g.doubleclick.net/ Frame 21C3
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESENotvOagYmUi3TwPZ-_YP0c&google_cver=1&google_push=AavPq0P4C7Va4NWCDZcgkIUwHXsZa9zrjYUqIpdEsNqDlvijefDfFcvAtQqC4OzOp5EDv-k04gGaJGcp-d6hw4D1KH51...
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESENotvOagYmUi3TwPZ-_YP0c&google_cver=1&google_push=AavPq0P4C7Va4NWCDZcgkIUwHXsZa9zrjYUqIpdEsNqDlvijefDfFcvAtQqC4OzOp5EDv-k04gGaJGcp-d6hw4...
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AavPq0P4C7Va4NWCDZcgkIUwHXsZa9zrjYUqIpdEsNqDlvijefDfFcvAtQqC4OzOp5EDv-k04gGaJGcp-d6hw4D1KH51vSMyqh-1cGe-3hA3zaz4wPgTnQ6GUYaABdCRbYQntu...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AavPq0P4C7Va4NWCDZcgkIUwHXsZa9zrjYUqIpdEsNqDlvijefDfFcvAtQqC4OzOp5EDv-k04gGaJGcp-d6hw4D1KH51vSMyqh-1cGe-3hA3zaz4wPgTnQ6GUYaABdCRbYQntuFuOZNPAFfw&google_hm=vTLP-xE4QBOzTUKhi4PRFw==
Protocol
H3
Server
74.125.68.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 21:38:11 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AavPq0P4C7Va4NWCDZcgkIUwHXsZa9zrjYUqIpdEsNqDlvijefDfFcvAtQqC4OzOp5EDv-k04gGaJGcp-d6hw4D1KH51vSMyqh-1cGe-3hA3zaz4wPgTnQ6GUYaABdCRbYQntuFuOZNPAFfw&google_hm=vTLP-xE4QBOzTUKhi4PRFw==
Date
Thu, 05 Jan 2023 21:38:11 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 21C3
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEJelPhiXAcj5a5KywzD4df8&google_cver=1&google_push=AavPq0OeG6Lq_SPZkT8WqNHx_ysesu43FqlFBO3qaOMDep5PQNkPDbQd93KO3ghtTBcn2Dyd1mbI4M4IWpwc1TmlUHr-CLQ...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0OeG6Lq_SPZkT8WqNHx_ysesu43FqlFBO3qaOMDep5PQNkPDbQd93KO3ghtTBcn2Dyd1mbI4M4IWpwc1TmlUHr-CLQqO13lUx70PfTa48QZI2lgt5cjnJzOmO5wYAHll...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0OeG6Lq_SPZkT8WqNHx_ysesu43FqlFBO3qaOMDep5PQNkPDbQd93KO3ghtTBcn2Dyd1mbI4M4IWpwc1TmlUHr-CLQqO13lUx70PfTa48QZI2lgt5cjnJzOmO5wYAHllB2FsLZSERE&google_hm=eS1LTjhkQTQxRTJwSEhhaGJocV9wOUdWR05FRlQwNEFFdX5B
Requested by
Host: 64f35454ed59414c358dc514ea40ac3f.safeframe.googlesyndication.com
URL: https://64f35454ed59414c358dc514ea40ac3f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
74.125.68.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 21:38:10 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 05 Jan 2023 21:38:10 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0OeG6Lq_SPZkT8WqNHx_ysesu43FqlFBO3qaOMDep5PQNkPDbQd93KO3ghtTBcn2Dyd1mbI4M4IWpwc1TmlUHr-CLQqO13lUx70PfTa48QZI2lgt5cjnJzOmO5wYAHllB2FsLZSERE&google_hm=eS1LTjhkQTQxRTJwSEhhaGJocV9wOUdWR05FRlQwNEFFdX5B
content-length
0
pixel
cm.g.doubleclick.net/ Frame 21C3
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESENJfRikoQAaZaPxbrU0bYZs&google_cver=1&google_push=AavPq0MVAxbKmZgCwpCVTrhGnTyEuG4rt5mOoHO0YIYH0g7XFafp0xoBBiXjTewbkKERVS2_96Nwpg-h...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESENJfRikoQAaZaPxbrU0bYZs&google_cver=1&google_push=AavPq0MVAxbKmZgCwpCVTrhGnTyEuG4rt5mOoHO0YIYH0g7XFafp0xoBBiXjTewbkKERVS2_96N...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTkyODA5MjY5NzE3ODc2ODU4NA&google_push=AavPq0MVAxbKmZgCwpCVTrhGnTyEuG4rt5mOoHO0YIYH0g7XFafp0xoBBiXjTewbkKERVS2_96Nwpg...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTkyODA5MjY5NzE3ODc2ODU4NA&google_push=AavPq0MVAxbKmZgCwpCVTrhGnTyEuG4rt5mOoHO0YIYH0g7XFafp0xoBBiXjTewbkKERVS2_96Nwpg-hPVfklQUpPYZmtT5CnWBpX-3p1mH3Z1S4TYg_dvVuMaAnKM9La_acUuQSoRrd01rI
Protocol
H3
Server
74.125.68.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 21:38:11 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 05 Jan 2023 21:38:11 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTkyODA5MjY5NzE3ODc2ODU4NA&google_push=AavPq0MVAxbKmZgCwpCVTrhGnTyEuG4rt5mOoHO0YIYH0g7XFafp0xoBBiXjTewbkKERVS2_96Nwpg-hPVfklQUpPYZmtT5CnWBpX-3p1mH3Z1S4TYg_dvVuMaAnKM9La_acUuQSoRrd01rI
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame 21C3
Redirect Chain
  • https://rtb2-useast.e-volution.ai/sync?exchange=193&google_gid=CAESELlMPdyqTJR1irnVQsal-00&google_cver=1&google_push=AavPq0NatHTcZNHGkr7MdQ4FnQAfT7UQvT4b0GD66pGmNtctmZPS52hvwWKVF77XTT3T59DHjMeIUbT8...
  • https://dsp.adkernel.com/adkuid?r=https%3A%2F%2Frtb2-useast.e-volution.ai%2Fsync%3Fexchange%3D193%26google_gid%3DCAESELlMPdyqTJR1irnVQsal-00%26google_cver%3D1%26google_push%3DAavPq0NatHTcZNHGkr7MdQ...
  • https://rtb2-useast.e-volution.ai/sync?adkuid=A692387004890502134&exchange=193&google_gid=CAESELlMPdyqTJR1irnVQsal-00&google_cver=1&google_push=AavPq0NatHTcZNHGkr7MdQ4FnQAfT7UQvT4b0GD66pGmNtctmZPS5...
  • https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTY5MjM4NzAwNDg5MDUwMjEzNA&google_push=AavPq0NatHTcZNHGkr7MdQ4FnQAfT7UQvT4b0GD66pGmNtctmZPS52hvwWKVF77XTT3T59DHjMeIUbT8...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTY5MjM4NzAwNDg5MDUwMjEzNA&google_push=AavPq0NatHTcZNHGkr7MdQ4FnQAfT7UQvT4b0GD66pGmNtctmZPS52hvwWKVF77XTT3T59DHjMeIUbT8c9n8b1VKoOuzYimVxvDI6d4PTUjtxnZ6JJ1s-f9ciK7sD-36tCTOD6C3JVCYukOS
Protocol
H3
Server
74.125.68.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 21:38:12 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTY5MjM4NzAwNDg5MDUwMjEzNA&google_push=AavPq0NatHTcZNHGkr7MdQ4FnQAfT7UQvT4b0GD66pGmNtctmZPS52hvwWKVF77XTT3T59DHjMeIUbT8c9n8b1VKoOuzYimVxvDI6d4PTUjtxnZ6JJ1s-f9ciK7sD-36tCTOD6C3JVCYukOS
Date
Thu, 05 Jan 2023 21:38:12 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
attr
cm.g.doubleclick.net/pixel/ Frame 21C3 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K7Lc5XdVoNaQQ68EDRN7t8HCaViQGFYwVVkXjs8jEuy8QXNdacq5V4RdiktX2Jdn5CHipwAg
Requested by
Host: 64f35454ed59414c358dc514ea40ac3f.safeframe.googlesyndication.com
URL: https://64f35454ed59414c358dc514ea40ac3f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 21:38:10 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
animejs.js
static.criteo.net/animejs/ Frame DA7C 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y7dDQAAJ5LACZofIAAqZSwSrMo1xDPa11A_KwA&u=%7CA6kIQZLvqqGO9NLtatSXpX2GSuJ5X1Fhz4Ltt33ADv4%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2uYcAchbiMZgziqrRBIBOfXe9sAj5s0smr7CaoSEvcbulcrn37nL-i03aDxHU8dKjxY4VPUPCN6MnbyBCZdUkcgJ9iNi9RfvJpC42tt7Lfhm4bO_b9WExDA4_pBFBXJg0MneDaxuwnhBuNMXIutc-rg3NupgPMxwBDWzuhz8DmE76h1Yyd96glthY2QtE8LVz3xWoswjAMDth2QYFx9DjGx2jumHBbFOaS_VlsSpwbZSwuwBbF4a3rA0v6JcWQ0OBRWQls4vXUas_1kSKbgZA_6HvpES1hOTGkQ43gqaZ1T0Plhf4ljXcTNAVgHfg16zhvCFBlpoYYawtzoPm4v7oCemCzw1XeXldbATT0V5N-aYa5sPNpv1NqBHg-TFjqYYi94XETYuUD3v8eX5mhOcrVvL8hcLQY-3PHbmEKj9c2vV2s5_uOopByQPx_LPGpf1qwqzYv4WqjPMuVvS0dK0e0UMxdXy9OYCGaZG2d-zIRg9yM05Itp5-QVEBQ2GlKpppVERKDklB-MKzVVPRG-zjgt7r1B9hk3BQSw1zpBdG5dqscEIm2f8ANozxKJm3cJgfkgXxVz2iEhU0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCMrnSQEO3Y7DJJ8iPmsMPy7Kq4AaY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQJodKHd1KGmPuACAKgDAaoEiAJP0PdTfaMvsixdp-9ZSmIJRqgHlmNmRvDIDcXglVg5dNpMJD3Ov9cw_gTRAGAWUbqmoxTdXkZ2BdcHi-R8MdhS7AwWwq4Du0e8UyDc70_r-gfF8ry0gqTxEXbRH5pJzvrgDF9_g74VgaUjkZLg2xfl1hf7Eqenk-XcwRaR7-O-ga9XfzeL4XpgLe50np34FtFQXII24H4ebfQeitNsroa20tjxU4o9ktjdyvBS-8QrVtGypt13ZlTsX6a1I_iwoLxJW0-LKmg-z8bhgJCfJFTgHXvFioNBV1A-O0VR7MwstrYBE9AiDGD1Hx9YvMuUcGlSew50YQQMEVqmL-oWBzNIuBPscEBtR_3gBAGABuXc2ZSA7erALqAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0iQWsn2AgVRsOi9NKO5s9Keqr_NA%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 21:38:10 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 31 Dec 2023 21:38:10 GMT
img
pix.as.criteo.net/img/ Frame DA7C 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?h=176&m=0&partner=70489&q=80&r=0&u=http%3A%2F%2Fstatic.sg1.as.criteo.net%2Fdesign%2Fdt%2F70489%2F200408%2F3c09cdfc5e5e455b8f2fd075602a8b8a_square.png&v=3&w=256&s=dKnJBhi6RZfDZi1ITzcUSxTr
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y7dDQAAJ5LACZofIAAqZSwSrMo1xDPa11A_KwA&u=%7CA6kIQZLvqqGO9NLtatSXpX2GSuJ5X1Fhz4Ltt33ADv4%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2uYcAchbiMZgziqrRBIBOfXe9sAj5s0smr7CaoSEvcbulcrn37nL-i03aDxHU8dKjxY4VPUPCN6MnbyBCZdUkcgJ9iNi9RfvJpC42tt7Lfhm4bO_b9WExDA4_pBFBXJg0MneDaxuwnhBuNMXIutc-rg3NupgPMxwBDWzuhz8DmE76h1Yyd96glthY2QtE8LVz3xWoswjAMDth2QYFx9DjGx2jumHBbFOaS_VlsSpwbZSwuwBbF4a3rA0v6JcWQ0OBRWQls4vXUas_1kSKbgZA_6HvpES1hOTGkQ43gqaZ1T0Plhf4ljXcTNAVgHfg16zhvCFBlpoYYawtzoPm4v7oCemCzw1XeXldbATT0V5N-aYa5sPNpv1NqBHg-TFjqYYi94XETYuUD3v8eX5mhOcrVvL8hcLQY-3PHbmEKj9c2vV2s5_uOopByQPx_LPGpf1qwqzYv4WqjPMuVvS0dK0e0UMxdXy9OYCGaZG2d-zIRg9yM05Itp5-QVEBQ2GlKpppVERKDklB-MKzVVPRG-zjgt7r1B9hk3BQSw1zpBdG5dqscEIm2f8ANozxKJm3cJgfkgXxVz2iEhU0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCMrnSQEO3Y7DJJ8iPmsMPy7Kq4AaY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQJodKHd1KGmPuACAKgDAaoEiAJP0PdTfaMvsixdp-9ZSmIJRqgHlmNmRvDIDcXglVg5dNpMJD3Ov9cw_gTRAGAWUbqmoxTdXkZ2BdcHi-R8MdhS7AwWwq4Du0e8UyDc70_r-gfF8ry0gqTxEXbRH5pJzvrgDF9_g74VgaUjkZLg2xfl1hf7Eqenk-XcwRaR7-O-ga9XfzeL4XpgLe50np34FtFQXII24H4ebfQeitNsroa20tjxU4o9ktjdyvBS-8QrVtGypt13ZlTsX6a1I_iwoLxJW0-LKmg-z8bhgJCfJFTgHXvFioNBV1A-O0VR7MwstrYBE9AiDGD1Hx9YvMuUcGlSew50YQQMEVqmL-oWBzNIuBPscEBtR_3gBAGABuXc2ZSA7erALqAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0iQWsn2AgVRsOi9NKO5s9Keqr_NA%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
8c4591f30d7246bfd1500c5cf596cfea1655e616493cda06332b14f8fa858e34
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 21:38:10 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=27411624
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
18195
expires
Sun, 19 Nov 2023 03:58:35 GMT
img
pix.as.criteo.net/img/ Frame DA7C 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=70489&q=80&r=0&u=https%3A%2F%2Fwww.treasurebox.co.nz%2Fmedia%2Fcatalog%2Fproduct%2Fd%2F1%2Fd1a0471f5d2e0979cdce450db151cbd5.jpeg&v=3&w=400&s=f4sAm6cXgX-IIJ2ukzObqhH6&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y7dDQAAJ5LACZofIAAqZSwSrMo1xDPa11A_KwA&u=%7CA6kIQZLvqqGO9NLtatSXpX2GSuJ5X1Fhz4Ltt33ADv4%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2uYcAchbiMZgziqrRBIBOfXe9sAj5s0smr7CaoSEvcbulcrn37nL-i03aDxHU8dKjxY4VPUPCN6MnbyBCZdUkcgJ9iNi9RfvJpC42tt7Lfhm4bO_b9WExDA4_pBFBXJg0MneDaxuwnhBuNMXIutc-rg3NupgPMxwBDWzuhz8DmE76h1Yyd96glthY2QtE8LVz3xWoswjAMDth2QYFx9DjGx2jumHBbFOaS_VlsSpwbZSwuwBbF4a3rA0v6JcWQ0OBRWQls4vXUas_1kSKbgZA_6HvpES1hOTGkQ43gqaZ1T0Plhf4ljXcTNAVgHfg16zhvCFBlpoYYawtzoPm4v7oCemCzw1XeXldbATT0V5N-aYa5sPNpv1NqBHg-TFjqYYi94XETYuUD3v8eX5mhOcrVvL8hcLQY-3PHbmEKj9c2vV2s5_uOopByQPx_LPGpf1qwqzYv4WqjPMuVvS0dK0e0UMxdXy9OYCGaZG2d-zIRg9yM05Itp5-QVEBQ2GlKpppVERKDklB-MKzVVPRG-zjgt7r1B9hk3BQSw1zpBdG5dqscEIm2f8ANozxKJm3cJgfkgXxVz2iEhU0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCMrnSQEO3Y7DJJ8iPmsMPy7Kq4AaY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQJodKHd1KGmPuACAKgDAaoEiAJP0PdTfaMvsixdp-9ZSmIJRqgHlmNmRvDIDcXglVg5dNpMJD3Ov9cw_gTRAGAWUbqmoxTdXkZ2BdcHi-R8MdhS7AwWwq4Du0e8UyDc70_r-gfF8ry0gqTxEXbRH5pJzvrgDF9_g74VgaUjkZLg2xfl1hf7Eqenk-XcwRaR7-O-ga9XfzeL4XpgLe50np34FtFQXII24H4ebfQeitNsroa20tjxU4o9ktjdyvBS-8QrVtGypt13ZlTsX6a1I_iwoLxJW0-LKmg-z8bhgJCfJFTgHXvFioNBV1A-O0VR7MwstrYBE9AiDGD1Hx9YvMuUcGlSew50YQQMEVqmL-oWBzNIuBPscEBtR_3gBAGABuXc2ZSA7erALqAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0iQWsn2AgVRsOi9NKO5s9Keqr_NA%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
645f2e831aad792806d08fb23ad74725bd240ab0fa60de5d98d94ae670b441f7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 21:38:09 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=29204805
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3208
expires
Sat, 09 Dec 2023 22:04:55 GMT
img
pix.as.criteo.net/img/ Frame DA7C 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=70489&q=80&r=0&u=https%3A%2F%2Fwww.treasurebox.co.nz%2Fmedia%2Fcatalog%2Fproduct%2Fa%2Fe%2Fae6cc10308b9bf9134f7ec65efb521cc.jpeg&v=3&w=400&s=GZKZMocB2bKFkQzLEC08fHIp&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y7dDQAAJ5LACZofIAAqZSwSrMo1xDPa11A_KwA&u=%7CA6kIQZLvqqGO9NLtatSXpX2GSuJ5X1Fhz4Ltt33ADv4%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2uYcAchbiMZgziqrRBIBOfXe9sAj5s0smr7CaoSEvcbulcrn37nL-i03aDxHU8dKjxY4VPUPCN6MnbyBCZdUkcgJ9iNi9RfvJpC42tt7Lfhm4bO_b9WExDA4_pBFBXJg0MneDaxuwnhBuNMXIutc-rg3NupgPMxwBDWzuhz8DmE76h1Yyd96glthY2QtE8LVz3xWoswjAMDth2QYFx9DjGx2jumHBbFOaS_VlsSpwbZSwuwBbF4a3rA0v6JcWQ0OBRWQls4vXUas_1kSKbgZA_6HvpES1hOTGkQ43gqaZ1T0Plhf4ljXcTNAVgHfg16zhvCFBlpoYYawtzoPm4v7oCemCzw1XeXldbATT0V5N-aYa5sPNpv1NqBHg-TFjqYYi94XETYuUD3v8eX5mhOcrVvL8hcLQY-3PHbmEKj9c2vV2s5_uOopByQPx_LPGpf1qwqzYv4WqjPMuVvS0dK0e0UMxdXy9OYCGaZG2d-zIRg9yM05Itp5-QVEBQ2GlKpppVERKDklB-MKzVVPRG-zjgt7r1B9hk3BQSw1zpBdG5dqscEIm2f8ANozxKJm3cJgfkgXxVz2iEhU0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCMrnSQEO3Y7DJJ8iPmsMPy7Kq4AaY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQJodKHd1KGmPuACAKgDAaoEiAJP0PdTfaMvsixdp-9ZSmIJRqgHlmNmRvDIDcXglVg5dNpMJD3Ov9cw_gTRAGAWUbqmoxTdXkZ2BdcHi-R8MdhS7AwWwq4Du0e8UyDc70_r-gfF8ry0gqTxEXbRH5pJzvrgDF9_g74VgaUjkZLg2xfl1hf7Eqenk-XcwRaR7-O-ga9XfzeL4XpgLe50np34FtFQXII24H4ebfQeitNsroa20tjxU4o9ktjdyvBS-8QrVtGypt13ZlTsX6a1I_iwoLxJW0-LKmg-z8bhgJCfJFTgHXvFioNBV1A-O0VR7MwstrYBE9AiDGD1Hx9YvMuUcGlSew50YQQMEVqmL-oWBzNIuBPscEBtR_3gBAGABuXc2ZSA7erALqAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0iQWsn2AgVRsOi9NKO5s9Keqr_NA%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
305378144252adebd9a253337304a16101a10b3396469185b9809e0879d0bbf6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 21:38:09 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=29065883
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
1970
expires
Fri, 08 Dec 2023 07:29:33 GMT
img
pix.as.criteo.net/img/ Frame DA7C 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=70489&q=80&r=0&u=https%3A%2F%2Fwww.treasurebox.co.nz%2Fmedia%2Fcatalog%2Fproduct%2Ff%2Ff%2Fffaf9231fdf995c065f298ad755f383d.jpeg&v=3&w=400&s=ECLqS4mo8Xg2jtn4Mg2X4HQg&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y7dDQAAJ5LACZofIAAqZSwSrMo1xDPa11A_KwA&u=%7CA6kIQZLvqqGO9NLtatSXpX2GSuJ5X1Fhz4Ltt33ADv4%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2uYcAchbiMZgziqrRBIBOfXe9sAj5s0smr7CaoSEvcbulcrn37nL-i03aDxHU8dKjxY4VPUPCN6MnbyBCZdUkcgJ9iNi9RfvJpC42tt7Lfhm4bO_b9WExDA4_pBFBXJg0MneDaxuwnhBuNMXIutc-rg3NupgPMxwBDWzuhz8DmE76h1Yyd96glthY2QtE8LVz3xWoswjAMDth2QYFx9DjGx2jumHBbFOaS_VlsSpwbZSwuwBbF4a3rA0v6JcWQ0OBRWQls4vXUas_1kSKbgZA_6HvpES1hOTGkQ43gqaZ1T0Plhf4ljXcTNAVgHfg16zhvCFBlpoYYawtzoPm4v7oCemCzw1XeXldbATT0V5N-aYa5sPNpv1NqBHg-TFjqYYi94XETYuUD3v8eX5mhOcrVvL8hcLQY-3PHbmEKj9c2vV2s5_uOopByQPx_LPGpf1qwqzYv4WqjPMuVvS0dK0e0UMxdXy9OYCGaZG2d-zIRg9yM05Itp5-QVEBQ2GlKpppVERKDklB-MKzVVPRG-zjgt7r1B9hk3BQSw1zpBdG5dqscEIm2f8ANozxKJm3cJgfkgXxVz2iEhU0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCMrnSQEO3Y7DJJ8iPmsMPy7Kq4AaY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQJodKHd1KGmPuACAKgDAaoEiAJP0PdTfaMvsixdp-9ZSmIJRqgHlmNmRvDIDcXglVg5dNpMJD3Ov9cw_gTRAGAWUbqmoxTdXkZ2BdcHi-R8MdhS7AwWwq4Du0e8UyDc70_r-gfF8ry0gqTxEXbRH5pJzvrgDF9_g74VgaUjkZLg2xfl1hf7Eqenk-XcwRaR7-O-ga9XfzeL4XpgLe50np34FtFQXII24H4ebfQeitNsroa20tjxU4o9ktjdyvBS-8QrVtGypt13ZlTsX6a1I_iwoLxJW0-LKmg-z8bhgJCfJFTgHXvFioNBV1A-O0VR7MwstrYBE9AiDGD1Hx9YvMuUcGlSew50YQQMEVqmL-oWBzNIuBPscEBtR_3gBAGABuXc2ZSA7erALqAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0iQWsn2AgVRsOi9NKO5s9Keqr_NA%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
9cbeecf079c0f8619f67c33c6ae7dc092581bddf261ec32f00ec2d142e58c45d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 21:38:09 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=29990879
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
5300
expires
Tue, 19 Dec 2023 00:26:10 GMT
all
csm.as.criteo.net/ Frame DA7C 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.as.criteo.net/all?cppv=3&cpp=mh3ACeK5SWhedqllR_3ngyh8RbHRkV0LCYY6luJOWDnTtd-ozeGa-y-MJ5bbTwCEjvmfR490WMTyYtXpeGOvy_aPaZ3C6DXOR_AzmYkc5wtrTsFVnl3RkP0Lq8ael_M4bf5YHtlO6kcA0YgcABkW7EYNf2WxfyZzmkKt5V-o0tkKOEXlc4HEpJfUPKPTnmZ-mPiLXt1SfQiEwiNX20g2uZvv1dDQeHMqdqah1m616bpRET0ZBmjLfAdzP8u5lSP_EpQF3Q&sds=2&rev=84145&sendBeacon=true
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y7dDQAAJ5LACZofIAAqZSwSrMo1xDPa11A_KwA&u=%7CA6kIQZLvqqGO9NLtatSXpX2GSuJ5X1Fhz4Ltt33ADv4%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2uYcAchbiMZgziqrRBIBOfXe9sAj5s0smr7CaoSEvcbulcrn37nL-i03aDxHU8dKjxY4VPUPCN6MnbyBCZdUkcgJ9iNi9RfvJpC42tt7Lfhm4bO_b9WExDA4_pBFBXJg0MneDaxuwnhBuNMXIutc-rg3NupgPMxwBDWzuhz8DmE76h1Yyd96glthY2QtE8LVz3xWoswjAMDth2QYFx9DjGx2jumHBbFOaS_VlsSpwbZSwuwBbF4a3rA0v6JcWQ0OBRWQls4vXUas_1kSKbgZA_6HvpES1hOTGkQ43gqaZ1T0Plhf4ljXcTNAVgHfg16zhvCFBlpoYYawtzoPm4v7oCemCzw1XeXldbATT0V5N-aYa5sPNpv1NqBHg-TFjqYYi94XETYuUD3v8eX5mhOcrVvL8hcLQY-3PHbmEKj9c2vV2s5_uOopByQPx_LPGpf1qwqzYv4WqjPMuVvS0dK0e0UMxdXy9OYCGaZG2d-zIRg9yM05Itp5-QVEBQ2GlKpppVERKDklB-MKzVVPRG-zjgt7r1B9hk3BQSw1zpBdG5dqscEIm2f8ANozxKJm3cJgfkgXxVz2iEhU0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCMrnSQEO3Y7DJJ8iPmsMPy7Kq4AaY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQJodKHd1KGmPuACAKgDAaoEiAJP0PdTfaMvsixdp-9ZSmIJRqgHlmNmRvDIDcXglVg5dNpMJD3Ov9cw_gTRAGAWUbqmoxTdXkZ2BdcHi-R8MdhS7AwWwq4Du0e8UyDc70_r-gfF8ry0gqTxEXbRH5pJzvrgDF9_g74VgaUjkZLg2xfl1hf7Eqenk-XcwRaR7-O-ga9XfzeL4XpgLe50np34FtFQXII24H4ebfQeitNsroa20tjxU4o9ktjdyvBS-8QrVtGypt13ZlTsX6a1I_iwoLxJW0-LKmg-z8bhgJCfJFTgHXvFioNBV1A-O0VR7MwstrYBE9AiDGD1Hx9YvMuUcGlSew50YQQMEVqmL-oWBzNIuBPscEBtR_3gBAGABuXc2ZSA7erALqAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0iQWsn2AgVRsOi9NKO5s9Keqr_NA%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.142 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 05 Jan 2023 21:38:09 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame DA7C 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y7dDQAAJ5LACZofIAAqZSwSrMo1xDPa11A_KwA&u=%7CA6kIQZLvqqGO9NLtatSXpX2GSuJ5X1Fhz4Ltt33ADv4%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2uYcAchbiMZgziqrRBIBOfXe9sAj5s0smr7CaoSEvcbulcrn37nL-i03aDxHU8dKjxY4VPUPCN6MnbyBCZdUkcgJ9iNi9RfvJpC42tt7Lfhm4bO_b9WExDA4_pBFBXJg0MneDaxuwnhBuNMXIutc-rg3NupgPMxwBDWzuhz8DmE76h1Yyd96glthY2QtE8LVz3xWoswjAMDth2QYFx9DjGx2jumHBbFOaS_VlsSpwbZSwuwBbF4a3rA0v6JcWQ0OBRWQls4vXUas_1kSKbgZA_6HvpES1hOTGkQ43gqaZ1T0Plhf4ljXcTNAVgHfg16zhvCFBlpoYYawtzoPm4v7oCemCzw1XeXldbATT0V5N-aYa5sPNpv1NqBHg-TFjqYYi94XETYuUD3v8eX5mhOcrVvL8hcLQY-3PHbmEKj9c2vV2s5_uOopByQPx_LPGpf1qwqzYv4WqjPMuVvS0dK0e0UMxdXy9OYCGaZG2d-zIRg9yM05Itp5-QVEBQ2GlKpppVERKDklB-MKzVVPRG-zjgt7r1B9hk3BQSw1zpBdG5dqscEIm2f8ANozxKJm3cJgfkgXxVz2iEhU0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCMrnSQEO3Y7DJJ8iPmsMPy7Kq4AaY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQJodKHd1KGmPuACAKgDAaoEiAJP0PdTfaMvsixdp-9ZSmIJRqgHlmNmRvDIDcXglVg5dNpMJD3Ov9cw_gTRAGAWUbqmoxTdXkZ2BdcHi-R8MdhS7AwWwq4Du0e8UyDc70_r-gfF8ry0gqTxEXbRH5pJzvrgDF9_g74VgaUjkZLg2xfl1hf7Eqenk-XcwRaR7-O-ga9XfzeL4XpgLe50np34FtFQXII24H4ebfQeitNsroa20tjxU4o9ktjdyvBS-8QrVtGypt13ZlTsX6a1I_iwoLxJW0-LKmg-z8bhgJCfJFTgHXvFioNBV1A-O0VR7MwstrYBE9AiDGD1Hx9YvMuUcGlSew50YQQMEVqmL-oWBzNIuBPscEBtR_3gBAGABuXc2ZSA7erALqAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0iQWsn2AgVRsOi9NKO5s9Keqr_NA%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 21:38:10 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 31 Dec 2023 21:38:10 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame DA7C 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y7dDQAAJ5LACZofIAAqZSwSrMo1xDPa11A_KwA&u=%7CA6kIQZLvqqGO9NLtatSXpX2GSuJ5X1Fhz4Ltt33ADv4%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2uYcAchbiMZgziqrRBIBOfXe9sAj5s0smr7CaoSEvcbulcrn37nL-i03aDxHU8dKjxY4VPUPCN6MnbyBCZdUkcgJ9iNi9RfvJpC42tt7Lfhm4bO_b9WExDA4_pBFBXJg0MneDaxuwnhBuNMXIutc-rg3NupgPMxwBDWzuhz8DmE76h1Yyd96glthY2QtE8LVz3xWoswjAMDth2QYFx9DjGx2jumHBbFOaS_VlsSpwbZSwuwBbF4a3rA0v6JcWQ0OBRWQls4vXUas_1kSKbgZA_6HvpES1hOTGkQ43gqaZ1T0Plhf4ljXcTNAVgHfg16zhvCFBlpoYYawtzoPm4v7oCemCzw1XeXldbATT0V5N-aYa5sPNpv1NqBHg-TFjqYYi94XETYuUD3v8eX5mhOcrVvL8hcLQY-3PHbmEKj9c2vV2s5_uOopByQPx_LPGpf1qwqzYv4WqjPMuVvS0dK0e0UMxdXy9OYCGaZG2d-zIRg9yM05Itp5-QVEBQ2GlKpppVERKDklB-MKzVVPRG-zjgt7r1B9hk3BQSw1zpBdG5dqscEIm2f8ANozxKJm3cJgfkgXxVz2iEhU0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCMrnSQEO3Y7DJJ8iPmsMPy7Kq4AaY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQJodKHd1KGmPuACAKgDAaoEiAJP0PdTfaMvsixdp-9ZSmIJRqgHlmNmRvDIDcXglVg5dNpMJD3Ov9cw_gTRAGAWUbqmoxTdXkZ2BdcHi-R8MdhS7AwWwq4Du0e8UyDc70_r-gfF8ry0gqTxEXbRH5pJzvrgDF9_g74VgaUjkZLg2xfl1hf7Eqenk-XcwRaR7-O-ga9XfzeL4XpgLe50np34FtFQXII24H4ebfQeitNsroa20tjxU4o9ktjdyvBS-8QrVtGypt13ZlTsX6a1I_iwoLxJW0-LKmg-z8bhgJCfJFTgHXvFioNBV1A-O0VR7MwstrYBE9AiDGD1Hx9YvMuUcGlSew50YQQMEVqmL-oWBzNIuBPscEBtR_3gBAGABuXc2ZSA7erALqAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0iQWsn2AgVRsOi9NKO5s9Keqr_NA%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 21:38:10 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 31 Dec 2023 21:38:10 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame 6667 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y7dDQAAJ5LECZofIAAqZSxqv69SD5NnHz5wWDw&u=%7CA6kIQZLvqqEkDd6fgUboWBmodgfVWEq45%2FC3OWpwtoo%3D%7C&c1=jWCgqsKSUoXV4BApc600hKp5_YRQgeHF5Jq5Ra2pctyNYsfKA6awj9OeB-0-dA40TOMVvKyxviKRqt_hoCsbkgTwnE4hOlGZU6I8TSQHHCTNdUfRjdvWDJbpo_YH2ogyP0gx53xPedrwsVGE4Pk7fiJP5ZAl1dzDzsUSCGMc5jEaNn87t8tBS1-eSt0LstSDo3TrB31B2wyfh0dMVEgARCYwr8dSLfHwTYVjQFRMY2_jR4jBN4JXLSJNq1GERWb0ZTwyK_ppM2Di1l8ssByyblscv5HvG1BzhLg3aQQtnBmZ7Clcn3vL2mxxO_yvI27_ytujE4n-53oy76dfl8oS9S61BGbewTGlV3HD1mXUx2pwyU5DPEyIxJhASLfIyC0SuVbOjM8hBqB2L2jiwaObXmKIs9IWLgUEgohZzdVirkWi6E0y2Y79LQwH8x17yhVEDbwCcnru_Tf_8IYSs9faVCX6nCtXAZE7oTGAm6MbgeSIhyP1UvpAxh7U6XvMa7C4R01zMP9kdyUimDyYonbAY11ikYzvSY1yw2agxVGkoRs6gSctMsX2UHg2gZ7Jt81RLrF42T6PP0zlzqKt3wR5KIvITWPhFEv63dnFJQg-NEzB9IMvmrC341yUI5jZcErQDynYIyQf_-Y&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC8C1ZQEO3Y7HJJ8iPmsMPy7Kq4AaY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQJodKHd1KGmPuACAKgDAaoEiQJP0FSi-0DuGjfdEX9UjXOCbUWSfPQw_4gUloMkYiZW1FBxkDQiVRqTOR5i5seDrnZbp-Rz33sJVQJxrluzSZYBhcDNt1JHzt0H9R6tyVJ1Fk9Lq9VIYwdQqFYEy13mp5-Y7UVuwy32VCKkE35NsUU0zierdIahWae2jQjYghsJoQ87lHkaI7VZNSvmt2oXvKN8IYFycdd2Oim7itqRoJtwbUdCeesSOM-Wv9Esc_KRy6O8N2LFW_p9lUMBOGaNpir9Xl8NvrjwtqW20wPU6i2reRfB2JBd2VgRpqujpXIR3W8DcAeKeVjzJkW4Acoxd7eOHuaruFOuOYS5xFdP8v23bdndxm5v4fJv4AQBgAbl3NmUgO3qwC6gBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1wpMqckhO4wofpfRxzNXp5N3aUFQ%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 21:38:10 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 31 Dec 2023 21:38:10 GMT
adchoices_en.svg
static.criteo.net/flash/icon/ Frame 6667 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_en.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y7dDQAAJ5LECZofIAAqZSxqv69SD5NnHz5wWDw&u=%7CA6kIQZLvqqEkDd6fgUboWBmodgfVWEq45%2FC3OWpwtoo%3D%7C&c1=jWCgqsKSUoXV4BApc600hKp5_YRQgeHF5Jq5Ra2pctyNYsfKA6awj9OeB-0-dA40TOMVvKyxviKRqt_hoCsbkgTwnE4hOlGZU6I8TSQHHCTNdUfRjdvWDJbpo_YH2ogyP0gx53xPedrwsVGE4Pk7fiJP5ZAl1dzDzsUSCGMc5jEaNn87t8tBS1-eSt0LstSDo3TrB31B2wyfh0dMVEgARCYwr8dSLfHwTYVjQFRMY2_jR4jBN4JXLSJNq1GERWb0ZTwyK_ppM2Di1l8ssByyblscv5HvG1BzhLg3aQQtnBmZ7Clcn3vL2mxxO_yvI27_ytujE4n-53oy76dfl8oS9S61BGbewTGlV3HD1mXUx2pwyU5DPEyIxJhASLfIyC0SuVbOjM8hBqB2L2jiwaObXmKIs9IWLgUEgohZzdVirkWi6E0y2Y79LQwH8x17yhVEDbwCcnru_Tf_8IYSs9faVCX6nCtXAZE7oTGAm6MbgeSIhyP1UvpAxh7U6XvMa7C4R01zMP9kdyUimDyYonbAY11ikYzvSY1yw2agxVGkoRs6gSctMsX2UHg2gZ7Jt81RLrF42T6PP0zlzqKt3wR5KIvITWPhFEv63dnFJQg-NEzB9IMvmrC341yUI5jZcErQDynYIyQf_-Y&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC8C1ZQEO3Y7HJJ8iPmsMPy7Kq4AaY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQJodKHd1KGmPuACAKgDAaoEiQJP0FSi-0DuGjfdEX9UjXOCbUWSfPQw_4gUloMkYiZW1FBxkDQiVRqTOR5i5seDrnZbp-Rz33sJVQJxrluzSZYBhcDNt1JHzt0H9R6tyVJ1Fk9Lq9VIYwdQqFYEy13mp5-Y7UVuwy32VCKkE35NsUU0zierdIahWae2jQjYghsJoQ87lHkaI7VZNSvmt2oXvKN8IYFycdd2Oim7itqRoJtwbUdCeesSOM-Wv9Esc_KRy6O8N2LFW_p9lUMBOGaNpir9Xl8NvrjwtqW20wPU6i2reRfB2JBd2VgRpqujpXIR3W8DcAeKeVjzJkW4Acoxd7eOHuaruFOuOYS5xFdP8v23bdndxm5v4fJv4AQBgAbl3NmUgO3qwC6gBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1wpMqckhO4wofpfRxzNXp5N3aUFQ%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 21:38:10 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-759"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 31 Dec 2023 21:38:10 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 6667 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y7dDQAAJ5LECZofIAAqZSxqv69SD5NnHz5wWDw&u=%7CA6kIQZLvqqEkDd6fgUboWBmodgfVWEq45%2FC3OWpwtoo%3D%7C&c1=jWCgqsKSUoXV4BApc600hKp5_YRQgeHF5Jq5Ra2pctyNYsfKA6awj9OeB-0-dA40TOMVvKyxviKRqt_hoCsbkgTwnE4hOlGZU6I8TSQHHCTNdUfRjdvWDJbpo_YH2ogyP0gx53xPedrwsVGE4Pk7fiJP5ZAl1dzDzsUSCGMc5jEaNn87t8tBS1-eSt0LstSDo3TrB31B2wyfh0dMVEgARCYwr8dSLfHwTYVjQFRMY2_jR4jBN4JXLSJNq1GERWb0ZTwyK_ppM2Di1l8ssByyblscv5HvG1BzhLg3aQQtnBmZ7Clcn3vL2mxxO_yvI27_ytujE4n-53oy76dfl8oS9S61BGbewTGlV3HD1mXUx2pwyU5DPEyIxJhASLfIyC0SuVbOjM8hBqB2L2jiwaObXmKIs9IWLgUEgohZzdVirkWi6E0y2Y79LQwH8x17yhVEDbwCcnru_Tf_8IYSs9faVCX6nCtXAZE7oTGAm6MbgeSIhyP1UvpAxh7U6XvMa7C4R01zMP9kdyUimDyYonbAY11ikYzvSY1yw2agxVGkoRs6gSctMsX2UHg2gZ7Jt81RLrF42T6PP0zlzqKt3wR5KIvITWPhFEv63dnFJQg-NEzB9IMvmrC341yUI5jZcErQDynYIyQf_-Y&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC8C1ZQEO3Y7HJJ8iPmsMPy7Kq4AaY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQJodKHd1KGmPuACAKgDAaoEiQJP0FSi-0DuGjfdEX9UjXOCbUWSfPQw_4gUloMkYiZW1FBxkDQiVRqTOR5i5seDrnZbp-Rz33sJVQJxrluzSZYBhcDNt1JHzt0H9R6tyVJ1Fk9Lq9VIYwdQqFYEy13mp5-Y7UVuwy32VCKkE35NsUU0zierdIahWae2jQjYghsJoQ87lHkaI7VZNSvmt2oXvKN8IYFycdd2Oim7itqRoJtwbUdCeesSOM-Wv9Esc_KRy6O8N2LFW_p9lUMBOGaNpir9Xl8NvrjwtqW20wPU6i2reRfB2JBd2VgRpqujpXIR3W8DcAeKeVjzJkW4Acoxd7eOHuaruFOuOYS5xFdP8v23bdndxm5v4fJv4AQBgAbl3NmUgO3qwC6gBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1wpMqckhO4wofpfRxzNXp5N3aUFQ%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 21:38:10 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Sun, 31 Dec 2023 21:38:10 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 6667 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y7dDQAAJ5LECZofIAAqZSxqv69SD5NnHz5wWDw&u=%7CA6kIQZLvqqEkDd6fgUboWBmodgfVWEq45%2FC3OWpwtoo%3D%7C&c1=jWCgqsKSUoXV4BApc600hKp5_YRQgeHF5Jq5Ra2pctyNYsfKA6awj9OeB-0-dA40TOMVvKyxviKRqt_hoCsbkgTwnE4hOlGZU6I8TSQHHCTNdUfRjdvWDJbpo_YH2ogyP0gx53xPedrwsVGE4Pk7fiJP5ZAl1dzDzsUSCGMc5jEaNn87t8tBS1-eSt0LstSDo3TrB31B2wyfh0dMVEgARCYwr8dSLfHwTYVjQFRMY2_jR4jBN4JXLSJNq1GERWb0ZTwyK_ppM2Di1l8ssByyblscv5HvG1BzhLg3aQQtnBmZ7Clcn3vL2mxxO_yvI27_ytujE4n-53oy76dfl8oS9S61BGbewTGlV3HD1mXUx2pwyU5DPEyIxJhASLfIyC0SuVbOjM8hBqB2L2jiwaObXmKIs9IWLgUEgohZzdVirkWi6E0y2Y79LQwH8x17yhVEDbwCcnru_Tf_8IYSs9faVCX6nCtXAZE7oTGAm6MbgeSIhyP1UvpAxh7U6XvMa7C4R01zMP9kdyUimDyYonbAY11ikYzvSY1yw2agxVGkoRs6gSctMsX2UHg2gZ7Jt81RLrF42T6PP0zlzqKt3wR5KIvITWPhFEv63dnFJQg-NEzB9IMvmrC341yUI5jZcErQDynYIyQf_-Y&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC8C1ZQEO3Y7HJJ8iPmsMPy7Kq4AaY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQJodKHd1KGmPuACAKgDAaoEiQJP0FSi-0DuGjfdEX9UjXOCbUWSfPQw_4gUloMkYiZW1FBxkDQiVRqTOR5i5seDrnZbp-Rz33sJVQJxrluzSZYBhcDNt1JHzt0H9R6tyVJ1Fk9Lq9VIYwdQqFYEy13mp5-Y7UVuwy32VCKkE35NsUU0zierdIahWae2jQjYghsJoQ87lHkaI7VZNSvmt2oXvKN8IYFycdd2Oim7itqRoJtwbUdCeesSOM-Wv9Esc_KRy6O8N2LFW_p9lUMBOGaNpir9Xl8NvrjwtqW20wPU6i2reRfB2JBd2VgRpqujpXIR3W8DcAeKeVjzJkW4Acoxd7eOHuaruFOuOYS5xFdP8v23bdndxm5v4fJv4AQBgAbl3NmUgO3qwC6gBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1wpMqckhO4wofpfRxzNXp5N3aUFQ%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 21:38:10 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Sun, 31 Dec 2023 21:38:10 GMT
lg.php
cat.sg1.as.criteo.com/delivery/ Frame 6667 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.sg1.as.criteo.com/delivery/lg.php?cppv=3&cpp=IbTkdH-1LfqwuheEw9L6HC0Ic3O2SkhPluncWBaWPV7fseA304KqxRjbBinV-zHXbGSFF4Fr7YBpbibunz6abG64hfcq0o99qDuJ0pgzCZGAde7BoahwlJwQ_isUhef7MW6_MTqieeilIXOxLwknPWwrR8LBlFssbR1h1ZYdbPPcYHlYhkPyko0DvAW4bLIqPRPuI6YSJz2OuS8yoUPugLyqfkRHCSs1Rccq4H0lmpLmQ2FIh1x30Ldm3BWmtJHSiUq9Gf1GnMp2ICgLMl1ZMfKOnCUjq6dPcVOqCt0ser0CUy9netWwNl8MqwMxDdR7G2bIp0pMSEo9tYiaQmp9FM1Shf0sLJbtEC36H8VRIIPW5-KWUVGO64Fd6qSSLOWkeR6gk_bc9G48IqVrCwHeg-tKs90rjz2bCZBFRTd0CKQv9qf0ugxdPx6-e5WFpW1AGe35WA
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y7dDQAAJ5LECZofIAAqZSxqv69SD5NnHz5wWDw&u=%7CA6kIQZLvqqEkDd6fgUboWBmodgfVWEq45%2FC3OWpwtoo%3D%7C&c1=jWCgqsKSUoXV4BApc600hKp5_YRQgeHF5Jq5Ra2pctyNYsfKA6awj9OeB-0-dA40TOMVvKyxviKRqt_hoCsbkgTwnE4hOlGZU6I8TSQHHCTNdUfRjdvWDJbpo_YH2ogyP0gx53xPedrwsVGE4Pk7fiJP5ZAl1dzDzsUSCGMc5jEaNn87t8tBS1-eSt0LstSDo3TrB31B2wyfh0dMVEgARCYwr8dSLfHwTYVjQFRMY2_jR4jBN4JXLSJNq1GERWb0ZTwyK_ppM2Di1l8ssByyblscv5HvG1BzhLg3aQQtnBmZ7Clcn3vL2mxxO_yvI27_ytujE4n-53oy76dfl8oS9S61BGbewTGlV3HD1mXUx2pwyU5DPEyIxJhASLfIyC0SuVbOjM8hBqB2L2jiwaObXmKIs9IWLgUEgohZzdVirkWi6E0y2Y79LQwH8x17yhVEDbwCcnru_Tf_8IYSs9faVCX6nCtXAZE7oTGAm6MbgeSIhyP1UvpAxh7U6XvMa7C4R01zMP9kdyUimDyYonbAY11ikYzvSY1yw2agxVGkoRs6gSctMsX2UHg2gZ7Jt81RLrF42T6PP0zlzqKt3wR5KIvITWPhFEv63dnFJQg-NEzB9IMvmrC341yUI5jZcErQDynYIyQf_-Y&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC8C1ZQEO3Y7HJJ8iPmsMPy7Kq4AaY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQJodKHd1KGmPuACAKgDAaoEiQJP0FSi-0DuGjfdEX9UjXOCbUWSfPQw_4gUloMkYiZW1FBxkDQiVRqTOR5i5seDrnZbp-Rz33sJVQJxrluzSZYBhcDNt1JHzt0H9R6tyVJ1Fk9Lq9VIYwdQqFYEy13mp5-Y7UVuwy32VCKkE35NsUU0zierdIahWae2jQjYghsJoQ87lHkaI7VZNSvmt2oXvKN8IYFycdd2Oim7itqRoJtwbUdCeesSOM-Wv9Esc_KRy6O8N2LFW_p9lUMBOGaNpir9Xl8NvrjwtqW20wPU6i2reRfB2JBd2VgRpqujpXIR3W8DcAeKeVjzJkW4Acoxd7eOHuaruFOuOYS5xFdP8v23bdndxm5v4fJv4AQBgAbl3NmUgO3qwC6gBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1wpMqckhO4wofpfRxzNXp5N3aUFQ%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.132 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 21:38:09 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2015082
expires
Mon, 26 Jul 1997 05:00:00 GMT
truncated
/ Frame A072 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3a55d04db6c0bf3bc1ff54e241ee78bcffa38c4bb8e2904f8be2e413549ebd40

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
opensans-400.css
static.criteo.net/design/googlefont/opensans/ Frame 6667 		2 KB
899 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/googlefont/opensans/opensans-400.css
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y7dDQAAJ5LECZofIAAqZSxqv69SD5NnHz5wWDw&u=%7CA6kIQZLvqqEkDd6fgUboWBmodgfVWEq45%2FC3OWpwtoo%3D%7C&c1=jWCgqsKSUoXV4BApc600hKp5_YRQgeHF5Jq5Ra2pctyNYsfKA6awj9OeB-0-dA40TOMVvKyxviKRqt_hoCsbkgTwnE4hOlGZU6I8TSQHHCTNdUfRjdvWDJbpo_YH2ogyP0gx53xPedrwsVGE4Pk7fiJP5ZAl1dzDzsUSCGMc5jEaNn87t8tBS1-eSt0LstSDo3TrB31B2wyfh0dMVEgARCYwr8dSLfHwTYVjQFRMY2_jR4jBN4JXLSJNq1GERWb0ZTwyK_ppM2Di1l8ssByyblscv5HvG1BzhLg3aQQtnBmZ7Clcn3vL2mxxO_yvI27_ytujE4n-53oy76dfl8oS9S61BGbewTGlV3HD1mXUx2pwyU5DPEyIxJhASLfIyC0SuVbOjM8hBqB2L2jiwaObXmKIs9IWLgUEgohZzdVirkWi6E0y2Y79LQwH8x17yhVEDbwCcnru_Tf_8IYSs9faVCX6nCtXAZE7oTGAm6MbgeSIhyP1UvpAxh7U6XvMa7C4R01zMP9kdyUimDyYonbAY11ikYzvSY1yw2agxVGkoRs6gSctMsX2UHg2gZ7Jt81RLrF42T6PP0zlzqKt3wR5KIvITWPhFEv63dnFJQg-NEzB9IMvmrC341yUI5jZcErQDynYIyQf_-Y&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC8C1ZQEO3Y7HJJ8iPmsMPy7Kq4AaY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQJodKHd1KGmPuACAKgDAaoEiQJP0FSi-0DuGjfdEX9UjXOCbUWSfPQw_4gUloMkYiZW1FBxkDQiVRqTOR5i5seDrnZbp-Rz33sJVQJxrluzSZYBhcDNt1JHzt0H9R6tyVJ1Fk9Lq9VIYwdQqFYEy13mp5-Y7UVuwy32VCKkE35NsUU0zierdIahWae2jQjYghsJoQ87lHkaI7VZNSvmt2oXvKN8IYFycdd2Oim7itqRoJtwbUdCeesSOM-Wv9Esc_KRy6O8N2LFW_p9lUMBOGaNpir9Xl8NvrjwtqW20wPU6i2reRfB2JBd2VgRpqujpXIR3W8DcAeKeVjzJkW4Acoxd7eOHuaruFOuOYS5xFdP8v23bdndxm5v4fJv4AQBgAbl3NmUgO3qwC6gBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1wpMqckhO4wofpfRxzNXp5N3aUFQ%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
688a83886a5a759614fb53d73736845837de908ce3553b146471782995bc5943
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 21:38:10 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 08 Dec 2022 14:11:03 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391f077-9fe"
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 31 Dec 2023 21:38:10 GMT
opensans-700.css
static.criteo.net/design/googlefont/opensans/ Frame 6667 		2 KB
900 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/googlefont/opensans/opensans-700.css
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y7dDQAAJ5LECZofIAAqZSxqv69SD5NnHz5wWDw&u=%7CA6kIQZLvqqEkDd6fgUboWBmodgfVWEq45%2FC3OWpwtoo%3D%7C&c1=jWCgqsKSUoXV4BApc600hKp5_YRQgeHF5Jq5Ra2pctyNYsfKA6awj9OeB-0-dA40TOMVvKyxviKRqt_hoCsbkgTwnE4hOlGZU6I8TSQHHCTNdUfRjdvWDJbpo_YH2ogyP0gx53xPedrwsVGE4Pk7fiJP5ZAl1dzDzsUSCGMc5jEaNn87t8tBS1-eSt0LstSDo3TrB31B2wyfh0dMVEgARCYwr8dSLfHwTYVjQFRMY2_jR4jBN4JXLSJNq1GERWb0ZTwyK_ppM2Di1l8ssByyblscv5HvG1BzhLg3aQQtnBmZ7Clcn3vL2mxxO_yvI27_ytujE4n-53oy76dfl8oS9S61BGbewTGlV3HD1mXUx2pwyU5DPEyIxJhASLfIyC0SuVbOjM8hBqB2L2jiwaObXmKIs9IWLgUEgohZzdVirkWi6E0y2Y79LQwH8x17yhVEDbwCcnru_Tf_8IYSs9faVCX6nCtXAZE7oTGAm6MbgeSIhyP1UvpAxh7U6XvMa7C4R01zMP9kdyUimDyYonbAY11ikYzvSY1yw2agxVGkoRs6gSctMsX2UHg2gZ7Jt81RLrF42T6PP0zlzqKt3wR5KIvITWPhFEv63dnFJQg-NEzB9IMvmrC341yUI5jZcErQDynYIyQf_-Y&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC8C1ZQEO3Y7HJJ8iPmsMPy7Kq4AaY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQJodKHd1KGmPuACAKgDAaoEiQJP0FSi-0DuGjfdEX9UjXOCbUWSfPQw_4gUloMkYiZW1FBxkDQiVRqTOR5i5seDrnZbp-Rz33sJVQJxrluzSZYBhcDNt1JHzt0H9R6tyVJ1Fk9Lq9VIYwdQqFYEy13mp5-Y7UVuwy32VCKkE35NsUU0zierdIahWae2jQjYghsJoQ87lHkaI7VZNSvmt2oXvKN8IYFycdd2Oim7itqRoJtwbUdCeesSOM-Wv9Esc_KRy6O8N2LFW_p9lUMBOGaNpir9Xl8NvrjwtqW20wPU6i2reRfB2JBd2VgRpqujpXIR3W8DcAeKeVjzJkW4Acoxd7eOHuaruFOuOYS5xFdP8v23bdndxm5v4fJv4AQBgAbl3NmUgO3qwC6gBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1wpMqckhO4wofpfRxzNXp5N3aUFQ%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
3cd346aff1efcc38119a600f75667ba0089a7a6bece2b905503fb7c0c65ddcb8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 21:38:10 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 08 Dec 2022 14:11:05 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391f079-9fe"
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 31 Dec 2023 21:38:10 GMT
animejs.js
static.criteo.net/animejs/ Frame 6667 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y7dDQAAJ5LECZofIAAqZSxqv69SD5NnHz5wWDw&u=%7CA6kIQZLvqqEkDd6fgUboWBmodgfVWEq45%2FC3OWpwtoo%3D%7C&c1=jWCgqsKSUoXV4BApc600hKp5_YRQgeHF5Jq5Ra2pctyNYsfKA6awj9OeB-0-dA40TOMVvKyxviKRqt_hoCsbkgTwnE4hOlGZU6I8TSQHHCTNdUfRjdvWDJbpo_YH2ogyP0gx53xPedrwsVGE4Pk7fiJP5ZAl1dzDzsUSCGMc5jEaNn87t8tBS1-eSt0LstSDo3TrB31B2wyfh0dMVEgARCYwr8dSLfHwTYVjQFRMY2_jR4jBN4JXLSJNq1GERWb0ZTwyK_ppM2Di1l8ssByyblscv5HvG1BzhLg3aQQtnBmZ7Clcn3vL2mxxO_yvI27_ytujE4n-53oy76dfl8oS9S61BGbewTGlV3HD1mXUx2pwyU5DPEyIxJhASLfIyC0SuVbOjM8hBqB2L2jiwaObXmKIs9IWLgUEgohZzdVirkWi6E0y2Y79LQwH8x17yhVEDbwCcnru_Tf_8IYSs9faVCX6nCtXAZE7oTGAm6MbgeSIhyP1UvpAxh7U6XvMa7C4R01zMP9kdyUimDyYonbAY11ikYzvSY1yw2agxVGkoRs6gSctMsX2UHg2gZ7Jt81RLrF42T6PP0zlzqKt3wR5KIvITWPhFEv63dnFJQg-NEzB9IMvmrC341yUI5jZcErQDynYIyQf_-Y&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC8C1ZQEO3Y7HJJ8iPmsMPy7Kq4AaY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQJodKHd1KGmPuACAKgDAaoEiQJP0FSi-0DuGjfdEX9UjXOCbUWSfPQw_4gUloMkYiZW1FBxkDQiVRqTOR5i5seDrnZbp-Rz33sJVQJxrluzSZYBhcDNt1JHzt0H9R6tyVJ1Fk9Lq9VIYwdQqFYEy13mp5-Y7UVuwy32VCKkE35NsUU0zierdIahWae2jQjYghsJoQ87lHkaI7VZNSvmt2oXvKN8IYFycdd2Oim7itqRoJtwbUdCeesSOM-Wv9Esc_KRy6O8N2LFW_p9lUMBOGaNpir9Xl8NvrjwtqW20wPU6i2reRfB2JBd2VgRpqujpXIR3W8DcAeKeVjzJkW4Acoxd7eOHuaruFOuOYS5xFdP8v23bdndxm5v4fJv4AQBgAbl3NmUgO3qwC6gBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1wpMqckhO4wofpfRxzNXp5N3aUFQ%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 21:38:10 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 31 Dec 2023 21:38:10 GMT
img
pix.as.criteo.net/img/ Frame 6667 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?h=110&m=0&partner=70489&q=80&r=0&u=http%3A%2F%2Fstatic.sg1.as.criteo.net%2Fdesign%2Fdt%2F70489%2F200408%2F3c09cdfc5e5e455b8f2fd075602a8b8a_square.png&v=3&w=236&s=v5a5a-1Ho6-hAiLBwSvzQ4YQ
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y7dDQAAJ5LECZofIAAqZSxqv69SD5NnHz5wWDw&u=%7CA6kIQZLvqqEkDd6fgUboWBmodgfVWEq45%2FC3OWpwtoo%3D%7C&c1=jWCgqsKSUoXV4BApc600hKp5_YRQgeHF5Jq5Ra2pctyNYsfKA6awj9OeB-0-dA40TOMVvKyxviKRqt_hoCsbkgTwnE4hOlGZU6I8TSQHHCTNdUfRjdvWDJbpo_YH2ogyP0gx53xPedrwsVGE4Pk7fiJP5ZAl1dzDzsUSCGMc5jEaNn87t8tBS1-eSt0LstSDo3TrB31B2wyfh0dMVEgARCYwr8dSLfHwTYVjQFRMY2_jR4jBN4JXLSJNq1GERWb0ZTwyK_ppM2Di1l8ssByyblscv5HvG1BzhLg3aQQtnBmZ7Clcn3vL2mxxO_yvI27_ytujE4n-53oy76dfl8oS9S61BGbewTGlV3HD1mXUx2pwyU5DPEyIxJhASLfIyC0SuVbOjM8hBqB2L2jiwaObXmKIs9IWLgUEgohZzdVirkWi6E0y2Y79LQwH8x17yhVEDbwCcnru_Tf_8IYSs9faVCX6nCtXAZE7oTGAm6MbgeSIhyP1UvpAxh7U6XvMa7C4R01zMP9kdyUimDyYonbAY11ikYzvSY1yw2agxVGkoRs6gSctMsX2UHg2gZ7Jt81RLrF42T6PP0zlzqKt3wR5KIvITWPhFEv63dnFJQg-NEzB9IMvmrC341yUI5jZcErQDynYIyQf_-Y&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC8C1ZQEO3Y7HJJ8iPmsMPy7Kq4AaY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQJodKHd1KGmPuACAKgDAaoEiQJP0FSi-0DuGjfdEX9UjXOCbUWSfPQw_4gUloMkYiZW1FBxkDQiVRqTOR5i5seDrnZbp-Rz33sJVQJxrluzSZYBhcDNt1JHzt0H9R6tyVJ1Fk9Lq9VIYwdQqFYEy13mp5-Y7UVuwy32VCKkE35NsUU0zierdIahWae2jQjYghsJoQ87lHkaI7VZNSvmt2oXvKN8IYFycdd2Oim7itqRoJtwbUdCeesSOM-Wv9Esc_KRy6O8N2LFW_p9lUMBOGaNpir9Xl8NvrjwtqW20wPU6i2reRfB2JBd2VgRpqujpXIR3W8DcAeKeVjzJkW4Acoxd7eOHuaruFOuOYS5xFdP8v23bdndxm5v4fJv4AQBgAbl3NmUgO3qwC6gBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1wpMqckhO4wofpfRxzNXp5N3aUFQ%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
db49cd0a9525be37293bbec39406b757d336b4c995b121ab09494a39407721aa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 21:38:10 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=27411624
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
13964
expires
Sun, 19 Nov 2023 03:58:35 GMT
img
pix.as.criteo.net/img/ Frame 6667 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=70489&q=80&r=0&u=https%3A%2F%2Fwww.treasurebox.co.nz%2Fmedia%2Fcatalog%2Fproduct%2Ff%2Ff%2Fffaf9231fdf995c065f298ad755f383d.jpeg&v=3&w=800&s=tlxiaj3R8r3WRb8UPJz7WFX6&b=800
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y7dDQAAJ5LECZofIAAqZSxqv69SD5NnHz5wWDw&u=%7CA6kIQZLvqqEkDd6fgUboWBmodgfVWEq45%2FC3OWpwtoo%3D%7C&c1=jWCgqsKSUoXV4BApc600hKp5_YRQgeHF5Jq5Ra2pctyNYsfKA6awj9OeB-0-dA40TOMVvKyxviKRqt_hoCsbkgTwnE4hOlGZU6I8TSQHHCTNdUfRjdvWDJbpo_YH2ogyP0gx53xPedrwsVGE4Pk7fiJP5ZAl1dzDzsUSCGMc5jEaNn87t8tBS1-eSt0LstSDo3TrB31B2wyfh0dMVEgARCYwr8dSLfHwTYVjQFRMY2_jR4jBN4JXLSJNq1GERWb0ZTwyK_ppM2Di1l8ssByyblscv5HvG1BzhLg3aQQtnBmZ7Clcn3vL2mxxO_yvI27_ytujE4n-53oy76dfl8oS9S61BGbewTGlV3HD1mXUx2pwyU5DPEyIxJhASLfIyC0SuVbOjM8hBqB2L2jiwaObXmKIs9IWLgUEgohZzdVirkWi6E0y2Y79LQwH8x17yhVEDbwCcnru_Tf_8IYSs9faVCX6nCtXAZE7oTGAm6MbgeSIhyP1UvpAxh7U6XvMa7C4R01zMP9kdyUimDyYonbAY11ikYzvSY1yw2agxVGkoRs6gSctMsX2UHg2gZ7Jt81RLrF42T6PP0zlzqKt3wR5KIvITWPhFEv63dnFJQg-NEzB9IMvmrC341yUI5jZcErQDynYIyQf_-Y&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC8C1ZQEO3Y7HJJ8iPmsMPy7Kq4AaY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQJodKHd1KGmPuACAKgDAaoEiQJP0FSi-0DuGjfdEX9UjXOCbUWSfPQw_4gUloMkYiZW1FBxkDQiVRqTOR5i5seDrnZbp-Rz33sJVQJxrluzSZYBhcDNt1JHzt0H9R6tyVJ1Fk9Lq9VIYwdQqFYEy13mp5-Y7UVuwy32VCKkE35NsUU0zierdIahWae2jQjYghsJoQ87lHkaI7VZNSvmt2oXvKN8IYFycdd2Oim7itqRoJtwbUdCeesSOM-Wv9Esc_KRy6O8N2LFW_p9lUMBOGaNpir9Xl8NvrjwtqW20wPU6i2reRfB2JBd2VgRpqujpXIR3W8DcAeKeVjzJkW4Acoxd7eOHuaruFOuOYS5xFdP8v23bdndxm5v4fJv4AQBgAbl3NmUgO3qwC6gBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1wpMqckhO4wofpfRxzNXp5N3aUFQ%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
aca8e49862ba4301933023e4e37abc001f4001586bcf44498e87f35b1fed806d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 21:38:10 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=29990879
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
12764
expires
Tue, 19 Dec 2023 00:26:10 GMT
img
pix.as.criteo.net/img/ Frame 6667 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=70489&q=80&r=0&u=https%3A%2F%2Fwww.treasurebox.co.nz%2Fmedia%2Fcatalog%2Fproduct%2F2%2F2%2F22762_kinga_single_wooden_bunk_bed_frame_-_white_1_.jpeg&v=3&w=800&s=uJTV2suH3S7a8BNw-FXxDfCa&b=800
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y7dDQAAJ5LECZofIAAqZSxqv69SD5NnHz5wWDw&u=%7CA6kIQZLvqqEkDd6fgUboWBmodgfVWEq45%2FC3OWpwtoo%3D%7C&c1=jWCgqsKSUoXV4BApc600hKp5_YRQgeHF5Jq5Ra2pctyNYsfKA6awj9OeB-0-dA40TOMVvKyxviKRqt_hoCsbkgTwnE4hOlGZU6I8TSQHHCTNdUfRjdvWDJbpo_YH2ogyP0gx53xPedrwsVGE4Pk7fiJP5ZAl1dzDzsUSCGMc5jEaNn87t8tBS1-eSt0LstSDo3TrB31B2wyfh0dMVEgARCYwr8dSLfHwTYVjQFRMY2_jR4jBN4JXLSJNq1GERWb0ZTwyK_ppM2Di1l8ssByyblscv5HvG1BzhLg3aQQtnBmZ7Clcn3vL2mxxO_yvI27_ytujE4n-53oy76dfl8oS9S61BGbewTGlV3HD1mXUx2pwyU5DPEyIxJhASLfIyC0SuVbOjM8hBqB2L2jiwaObXmKIs9IWLgUEgohZzdVirkWi6E0y2Y79LQwH8x17yhVEDbwCcnru_Tf_8IYSs9faVCX6nCtXAZE7oTGAm6MbgeSIhyP1UvpAxh7U6XvMa7C4R01zMP9kdyUimDyYonbAY11ikYzvSY1yw2agxVGkoRs6gSctMsX2UHg2gZ7Jt81RLrF42T6PP0zlzqKt3wR5KIvITWPhFEv63dnFJQg-NEzB9IMvmrC341yUI5jZcErQDynYIyQf_-Y&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC8C1ZQEO3Y7HJJ8iPmsMPy7Kq4AaY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQJodKHd1KGmPuACAKgDAaoEiQJP0FSi-0DuGjfdEX9UjXOCbUWSfPQw_4gUloMkYiZW1FBxkDQiVRqTOR5i5seDrnZbp-Rz33sJVQJxrluzSZYBhcDNt1JHzt0H9R6tyVJ1Fk9Lq9VIYwdQqFYEy13mp5-Y7UVuwy32VCKkE35NsUU0zierdIahWae2jQjYghsJoQ87lHkaI7VZNSvmt2oXvKN8IYFycdd2Oim7itqRoJtwbUdCeesSOM-Wv9Esc_KRy6O8N2LFW_p9lUMBOGaNpir9Xl8NvrjwtqW20wPU6i2reRfB2JBd2VgRpqujpXIR3W8DcAeKeVjzJkW4Acoxd7eOHuaruFOuOYS5xFdP8v23bdndxm5v4fJv4AQBgAbl3NmUgO3qwC6gBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1wpMqckhO4wofpfRxzNXp5N3aUFQ%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
324b20784d244e5fa6a63b67bc8a8022a7c30c75fb40ed44bd5287e934bfbcb7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 21:38:09 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=31459574
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
10586
expires
Fri, 05 Jan 2024 00:24:25 GMT
img
pix.as.criteo.net/img/ Frame 6667 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=70489&q=80&r=0&u=https%3A%2F%2Fwww.treasurebox.co.nz%2Fmedia%2Fcatalog%2Fproduct%2F1%2F7%2F17d4168606d76ab392aa51d607322aa7.jpeg&v=3&w=800&s=O9ufxJ_owvRSmwHX1zkQ9NDN&b=800
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y7dDQAAJ5LECZofIAAqZSxqv69SD5NnHz5wWDw&u=%7CA6kIQZLvqqEkDd6fgUboWBmodgfVWEq45%2FC3OWpwtoo%3D%7C&c1=jWCgqsKSUoXV4BApc600hKp5_YRQgeHF5Jq5Ra2pctyNYsfKA6awj9OeB-0-dA40TOMVvKyxviKRqt_hoCsbkgTwnE4hOlGZU6I8TSQHHCTNdUfRjdvWDJbpo_YH2ogyP0gx53xPedrwsVGE4Pk7fiJP5ZAl1dzDzsUSCGMc5jEaNn87t8tBS1-eSt0LstSDo3TrB31B2wyfh0dMVEgARCYwr8dSLfHwTYVjQFRMY2_jR4jBN4JXLSJNq1GERWb0ZTwyK_ppM2Di1l8ssByyblscv5HvG1BzhLg3aQQtnBmZ7Clcn3vL2mxxO_yvI27_ytujE4n-53oy76dfl8oS9S61BGbewTGlV3HD1mXUx2pwyU5DPEyIxJhASLfIyC0SuVbOjM8hBqB2L2jiwaObXmKIs9IWLgUEgohZzdVirkWi6E0y2Y79LQwH8x17yhVEDbwCcnru_Tf_8IYSs9faVCX6nCtXAZE7oTGAm6MbgeSIhyP1UvpAxh7U6XvMa7C4R01zMP9kdyUimDyYonbAY11ikYzvSY1yw2agxVGkoRs6gSctMsX2UHg2gZ7Jt81RLrF42T6PP0zlzqKt3wR5KIvITWPhFEv63dnFJQg-NEzB9IMvmrC341yUI5jZcErQDynYIyQf_-Y&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC8C1ZQEO3Y7HJJ8iPmsMPy7Kq4AaY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQJodKHd1KGmPuACAKgDAaoEiQJP0FSi-0DuGjfdEX9UjXOCbUWSfPQw_4gUloMkYiZW1FBxkDQiVRqTOR5i5seDrnZbp-Rz33sJVQJxrluzSZYBhcDNt1JHzt0H9R6tyVJ1Fk9Lq9VIYwdQqFYEy13mp5-Y7UVuwy32VCKkE35NsUU0zierdIahWae2jQjYghsJoQ87lHkaI7VZNSvmt2oXvKN8IYFycdd2Oim7itqRoJtwbUdCeesSOM-Wv9Esc_KRy6O8N2LFW_p9lUMBOGaNpir9Xl8NvrjwtqW20wPU6i2reRfB2JBd2VgRpqujpXIR3W8DcAeKeVjzJkW4Acoxd7eOHuaruFOuOYS5xFdP8v23bdndxm5v4fJv4AQBgAbl3NmUgO3qwC6gBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1wpMqckhO4wofpfRxzNXp5N3aUFQ%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
0d27773a34df72e3622966e43b5f58a3f973c934d808745de9a88406a22c58bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 21:38:10 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=29809411
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
35794
expires
Sat, 16 Dec 2023 22:01:41 GMT
all
csm.as.criteo.net/ Frame 6667 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.as.criteo.net/all?cppv=3&cpp=K9IfJOK5SWhedqllAXZpQVL05-y8dQyPDfJhyYnpUmV8RzkVyS_9Gol1os4kjDYWiAxetmyzRXofxMCD0_vg4xQdfPIYbOY__PZnw-SxADJow1Larhq3ifzBbr7-XCsRW3Tur_1HUqibWZBxTL2giKDI-MCrWUKzZHP9ddJ-UffSs_jkcVHStabwwtX1GqiwQ1qasnSYzmprpiVCbXGjrAanfFzLdCS6DXWrrYEydusue4K7hwTmOgx0IVjK_BlusnUKJ9exSqFznP3Z&sds=2&rev=84145&sendBeacon=true
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y7dDQAAJ5LECZofIAAqZSxqv69SD5NnHz5wWDw&u=%7CA6kIQZLvqqEkDd6fgUboWBmodgfVWEq45%2FC3OWpwtoo%3D%7C&c1=jWCgqsKSUoXV4BApc600hKp5_YRQgeHF5Jq5Ra2pctyNYsfKA6awj9OeB-0-dA40TOMVvKyxviKRqt_hoCsbkgTwnE4hOlGZU6I8TSQHHCTNdUfRjdvWDJbpo_YH2ogyP0gx53xPedrwsVGE4Pk7fiJP5ZAl1dzDzsUSCGMc5jEaNn87t8tBS1-eSt0LstSDo3TrB31B2wyfh0dMVEgARCYwr8dSLfHwTYVjQFRMY2_jR4jBN4JXLSJNq1GERWb0ZTwyK_ppM2Di1l8ssByyblscv5HvG1BzhLg3aQQtnBmZ7Clcn3vL2mxxO_yvI27_ytujE4n-53oy76dfl8oS9S61BGbewTGlV3HD1mXUx2pwyU5DPEyIxJhASLfIyC0SuVbOjM8hBqB2L2jiwaObXmKIs9IWLgUEgohZzdVirkWi6E0y2Y79LQwH8x17yhVEDbwCcnru_Tf_8IYSs9faVCX6nCtXAZE7oTGAm6MbgeSIhyP1UvpAxh7U6XvMa7C4R01zMP9kdyUimDyYonbAY11ikYzvSY1yw2agxVGkoRs6gSctMsX2UHg2gZ7Jt81RLrF42T6PP0zlzqKt3wR5KIvITWPhFEv63dnFJQg-NEzB9IMvmrC341yUI5jZcErQDynYIyQf_-Y&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC8C1ZQEO3Y7HJJ8iPmsMPy7Kq4AaY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQJodKHd1KGmPuACAKgDAaoEiQJP0FSi-0DuGjfdEX9UjXOCbUWSfPQw_4gUloMkYiZW1FBxkDQiVRqTOR5i5seDrnZbp-Rz33sJVQJxrluzSZYBhcDNt1JHzt0H9R6tyVJ1Fk9Lq9VIYwdQqFYEy13mp5-Y7UVuwy32VCKkE35NsUU0zierdIahWae2jQjYghsJoQ87lHkaI7VZNSvmt2oXvKN8IYFycdd2Oim7itqRoJtwbUdCeesSOM-Wv9Esc_KRy6O8N2LFW_p9lUMBOGaNpir9Xl8NvrjwtqW20wPU6i2reRfB2JBd2VgRpqujpXIR3W8DcAeKeVjzJkW4Acoxd7eOHuaruFOuOYS5xFdP8v23bdndxm5v4fJv4AQBgAbl3NmUgO3qwC6gBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1wpMqckhO4wofpfRxzNXp5N3aUFQ%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.142 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 05 Jan 2023 21:38:10 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 6667 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y7dDQAAJ5LECZofIAAqZSxqv69SD5NnHz5wWDw&u=%7CA6kIQZLvqqEkDd6fgUboWBmodgfVWEq45%2FC3OWpwtoo%3D%7C&c1=jWCgqsKSUoXV4BApc600hKp5_YRQgeHF5Jq5Ra2pctyNYsfKA6awj9OeB-0-dA40TOMVvKyxviKRqt_hoCsbkgTwnE4hOlGZU6I8TSQHHCTNdUfRjdvWDJbpo_YH2ogyP0gx53xPedrwsVGE4Pk7fiJP5ZAl1dzDzsUSCGMc5jEaNn87t8tBS1-eSt0LstSDo3TrB31B2wyfh0dMVEgARCYwr8dSLfHwTYVjQFRMY2_jR4jBN4JXLSJNq1GERWb0ZTwyK_ppM2Di1l8ssByyblscv5HvG1BzhLg3aQQtnBmZ7Clcn3vL2mxxO_yvI27_ytujE4n-53oy76dfl8oS9S61BGbewTGlV3HD1mXUx2pwyU5DPEyIxJhASLfIyC0SuVbOjM8hBqB2L2jiwaObXmKIs9IWLgUEgohZzdVirkWi6E0y2Y79LQwH8x17yhVEDbwCcnru_Tf_8IYSs9faVCX6nCtXAZE7oTGAm6MbgeSIhyP1UvpAxh7U6XvMa7C4R01zMP9kdyUimDyYonbAY11ikYzvSY1yw2agxVGkoRs6gSctMsX2UHg2gZ7Jt81RLrF42T6PP0zlzqKt3wR5KIvITWPhFEv63dnFJQg-NEzB9IMvmrC341yUI5jZcErQDynYIyQf_-Y&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC8C1ZQEO3Y7HJJ8iPmsMPy7Kq4AaY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQJodKHd1KGmPuACAKgDAaoEiQJP0FSi-0DuGjfdEX9UjXOCbUWSfPQw_4gUloMkYiZW1FBxkDQiVRqTOR5i5seDrnZbp-Rz33sJVQJxrluzSZYBhcDNt1JHzt0H9R6tyVJ1Fk9Lq9VIYwdQqFYEy13mp5-Y7UVuwy32VCKkE35NsUU0zierdIahWae2jQjYghsJoQ87lHkaI7VZNSvmt2oXvKN8IYFycdd2Oim7itqRoJtwbUdCeesSOM-Wv9Esc_KRy6O8N2LFW_p9lUMBOGaNpir9Xl8NvrjwtqW20wPU6i2reRfB2JBd2VgRpqujpXIR3W8DcAeKeVjzJkW4Acoxd7eOHuaruFOuOYS5xFdP8v23bdndxm5v4fJv4AQBgAbl3NmUgO3qwC6gBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1wpMqckhO4wofpfRxzNXp5N3aUFQ%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 21:38:10 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 31 Dec 2023 21:38:10 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 6667 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y7dDQAAJ5LECZofIAAqZSxqv69SD5NnHz5wWDw&u=%7CA6kIQZLvqqEkDd6fgUboWBmodgfVWEq45%2FC3OWpwtoo%3D%7C&c1=jWCgqsKSUoXV4BApc600hKp5_YRQgeHF5Jq5Ra2pctyNYsfKA6awj9OeB-0-dA40TOMVvKyxviKRqt_hoCsbkgTwnE4hOlGZU6I8TSQHHCTNdUfRjdvWDJbpo_YH2ogyP0gx53xPedrwsVGE4Pk7fiJP5ZAl1dzDzsUSCGMc5jEaNn87t8tBS1-eSt0LstSDo3TrB31B2wyfh0dMVEgARCYwr8dSLfHwTYVjQFRMY2_jR4jBN4JXLSJNq1GERWb0ZTwyK_ppM2Di1l8ssByyblscv5HvG1BzhLg3aQQtnBmZ7Clcn3vL2mxxO_yvI27_ytujE4n-53oy76dfl8oS9S61BGbewTGlV3HD1mXUx2pwyU5DPEyIxJhASLfIyC0SuVbOjM8hBqB2L2jiwaObXmKIs9IWLgUEgohZzdVirkWi6E0y2Y79LQwH8x17yhVEDbwCcnru_Tf_8IYSs9faVCX6nCtXAZE7oTGAm6MbgeSIhyP1UvpAxh7U6XvMa7C4R01zMP9kdyUimDyYonbAY11ikYzvSY1yw2agxVGkoRs6gSctMsX2UHg2gZ7Jt81RLrF42T6PP0zlzqKt3wR5KIvITWPhFEv63dnFJQg-NEzB9IMvmrC341yUI5jZcErQDynYIyQf_-Y&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC8C1ZQEO3Y7HJJ8iPmsMPy7Kq4AaY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQJodKHd1KGmPuACAKgDAaoEiQJP0FSi-0DuGjfdEX9UjXOCbUWSfPQw_4gUloMkYiZW1FBxkDQiVRqTOR5i5seDrnZbp-Rz33sJVQJxrluzSZYBhcDNt1JHzt0H9R6tyVJ1Fk9Lq9VIYwdQqFYEy13mp5-Y7UVuwy32VCKkE35NsUU0zierdIahWae2jQjYghsJoQ87lHkaI7VZNSvmt2oXvKN8IYFycdd2Oim7itqRoJtwbUdCeesSOM-Wv9Esc_KRy6O8N2LFW_p9lUMBOGaNpir9Xl8NvrjwtqW20wPU6i2reRfB2JBd2VgRpqujpXIR3W8DcAeKeVjzJkW4Acoxd7eOHuaruFOuOYS5xFdP8v23bdndxm5v4fJv4AQBgAbl3NmUgO3qwC6gBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1wpMqckhO4wofpfRxzNXp5N3aUFQ%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 21:38:10 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 31 Dec 2023 21:38:10 GMT
opensans-400-latin.woff2
static.criteo.net/design/googlefont/opensans/ Frame DA7C 		16 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/googlefont/opensans/opensans-400-latin.woff2
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/opensans/opensans-400.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
f885ec8a0a68847aff7c6bb94968bf7cb5099c0c449ae1535cf8515cc0ff8e18
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://static.criteo.net/design/googlefont/opensans/opensans-400.css
Origin
https://ads.as.criteo.com
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 21:38:10 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 08 Dec 2022 14:11:03 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391f077-4164"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 31 Dec 2023 21:38:10 GMT
opensans-700-latin.woff2
static.criteo.net/design/googlefont/opensans/ Frame DA7C 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/googlefont/opensans/opensans-700-latin.woff2
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/opensans/opensans-700.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
1baff9bf8d69c7de6ea553b53218dc5990e8a58d69200bab0c4763e70639fef4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://static.criteo.net/design/googlefont/opensans/opensans-700.css
Origin
https://ads.as.criteo.com
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 21:38:10 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 08 Dec 2022 14:11:05 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391f079-3ff4"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 31 Dec 2023 21:38:10 GMT
opensans-400-latin.woff2
static.criteo.net/design/googlefont/opensans/ Frame 6667 		16 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/googlefont/opensans/opensans-400-latin.woff2
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/opensans/opensans-400.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
f885ec8a0a68847aff7c6bb94968bf7cb5099c0c449ae1535cf8515cc0ff8e18
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://static.criteo.net/design/googlefont/opensans/opensans-400.css
Origin
https://ads.as.criteo.com
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 21:38:10 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 08 Dec 2022 14:11:03 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391f077-4164"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 31 Dec 2023 21:38:10 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 238B 		42 B
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuklZlz-vldOMpKWsI9kzeyIe0yfrH92c7vva5KETf6d6NmAg78fz3OppMd4w-jcY4bT75cf4D2AbkUaO_e7IEM2kEEpCG9PT7nF9tNPyIdK9UrTVphcml1cdJYV_AWSEfxkHo&sai=AMfl-YRn83N9wn4EbXf-lypvpiUfCNQwGTAi1g1vSxh_qFSdcJzMKayVMeeANmCKf_jrjDjiWCzFFmX3ovOnv3ocC6rqHqXGYSYl8AN8Ygygxg611KCm6RBDcFOeiQM2nQ&sig=Cg0ArKJSzDrlJnnySzEVEAE&cid=CAQSOwDq26N9kyggGiy9VUd4DNXszXyyEXz9E7MTApXqaYuIStvdryBe9Jd9QeYY8UEaAT-qEVP_Em4Jrx_BGAEgEw&id=ampim&o=236,60&d=728,90&ss=1600,1200&bs=1600,1200&mcvt=1001&mtos=0,0,1001,1001,1001&tos=0,0,1001,0,0&tfs=900&tls=1901&g=100&h=100&tt=1901&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xi-ju-ren-sheng-cheng-zhen-zong-tong-da-ka-bu-hao-yan.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 21:38:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230103&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
cafe /
Resource Hash
335da60b4bd39fae05f568913042717d80d6717ec0c0db1841321eefd1f54f90
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 21:38:11 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12431
x-xss-protection
0
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=a1&ds=AMP&aip&_s=2&dt=%E6%88%B2%E5%8A%87%E4%BA%BA%E7%94%9F%E6%88%90%E7%9C%9F%20%E7%B8%BD%E7%B5%B1%E5%A4%A7%E5%92%96%E4%B8%8D%E5%A5%BD%E6%BC%94%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&sr=1600x1200&cid=amp-fKfH_EzXGIx_aV8GYZ258g&tid=UA-172083736-2&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxi-ju-ren-sheng-cheng-zhen-zong-tong-da-ka-bu-hao-yan.html&dr=&sd=24&ul=en-us&de=UTF-8&jid=&plt=14651&dns=7&tcp=532&rrt=1&srt=912&pdt=1&clt=1498&dit=1498&a=5532&z=0.7283724716620346&gtm=2pu000&t=timing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f139.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 13:02:14 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
30957
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
syncframe
gum.criteo.com/ Frame FFED 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.bg3.co
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
b09a581bc29f4bdbe66bef5c69b90cc1a003e849e2f7706f47a9f0c5f5a6860e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 05 Jan 2023 21:38:10 GMT
server
Kestrel
server-processing-duration-in-ticks
338203
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
activeview
pagead2.googlesyndication.com/pcs/ Frame 5792 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssZRy5AdQpBsUecd9aXDfPv3xmjAEp88RkbK4NaaDv3QpoKR4e7GPssFzpZoiWPOLdYFRYJ5Cjt0t0opfsjYFd2pyBV&sig=Cg0ArKJSzLXaINN_v10JEAE&cid=CAASFeRoeSlM3B4yza4KErqkKeRf63_Sow&id=lidar2&mcvt=1000&p=1110,436,1200,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230104&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2857874404&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1672954689115&rpt=1001&isd=0&lsd=0&met=ie&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://64f35454ed59414c358dc514ea40ac3f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 21:38:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
all
csm.as.criteo.net/ Frame DA7C 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.as.criteo.net/all?cppv=3&cpp=mh3ACeK5SWhedqllR_3ngyh8RbHRkV0LCYY6luJOWDnTtd-ozeGa-y-MJ5bbTwCEjvmfR490WMTyYtXpeGOvy_aPaZ3C6DXOR_AzmYkc5wtrTsFVnl3RkP0Lq8ael_M4bf5YHtlO6kcA0YgcABkW7EYNf2WxfyZzmkKt5V-o0tkKOEXlc4HEpJfUPKPTnmZ-mPiLXt1SfQiEwiNX20g2uZvv1dDQeHMqdqah1m616bpRET0ZBmjLfAdzP8u5lSP_EpQF3Q&sds=2&rev=84145&sendBeacon=true
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y7dDQAAJ5LACZofIAAqZSwSrMo1xDPa11A_KwA&u=%7CA6kIQZLvqqGO9NLtatSXpX2GSuJ5X1Fhz4Ltt33ADv4%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2uYcAchbiMZgziqrRBIBOfXe9sAj5s0smr7CaoSEvcbulcrn37nL-i03aDxHU8dKjxY4VPUPCN6MnbyBCZdUkcgJ9iNi9RfvJpC42tt7Lfhm4bO_b9WExDA4_pBFBXJg0MneDaxuwnhBuNMXIutc-rg3NupgPMxwBDWzuhz8DmE76h1Yyd96glthY2QtE8LVz3xWoswjAMDth2QYFx9DjGx2jumHBbFOaS_VlsSpwbZSwuwBbF4a3rA0v6JcWQ0OBRWQls4vXUas_1kSKbgZA_6HvpES1hOTGkQ43gqaZ1T0Plhf4ljXcTNAVgHfg16zhvCFBlpoYYawtzoPm4v7oCemCzw1XeXldbATT0V5N-aYa5sPNpv1NqBHg-TFjqYYi94XETYuUD3v8eX5mhOcrVvL8hcLQY-3PHbmEKj9c2vV2s5_uOopByQPx_LPGpf1qwqzYv4WqjPMuVvS0dK0e0UMxdXy9OYCGaZG2d-zIRg9yM05Itp5-QVEBQ2GlKpppVERKDklB-MKzVVPRG-zjgt7r1B9hk3BQSw1zpBdG5dqscEIm2f8ANozxKJm3cJgfkgXxVz2iEhU0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCMrnSQEO3Y7DJJ8iPmsMPy7Kq4AaY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQJodKHd1KGmPuACAKgDAaoEiAJP0PdTfaMvsixdp-9ZSmIJRqgHlmNmRvDIDcXglVg5dNpMJD3Ov9cw_gTRAGAWUbqmoxTdXkZ2BdcHi-R8MdhS7AwWwq4Du0e8UyDc70_r-gfF8ry0gqTxEXbRH5pJzvrgDF9_g74VgaUjkZLg2xfl1hf7Eqenk-XcwRaR7-O-ga9XfzeL4XpgLe50np34FtFQXII24H4ebfQeitNsroa20tjxU4o9ktjdyvBS-8QrVtGypt13ZlTsX6a1I_iwoLxJW0-LKmg-z8bhgJCfJFTgHXvFioNBV1A-O0VR7MwstrYBE9AiDGD1Hx9YvMuUcGlSew50YQQMEVqmL-oWBzNIuBPscEBtR_3gBAGABuXc2ZSA7erALqAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgw-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0iQWsn2AgVRsOi9NKO5s9Keqr_NA%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.142 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 05 Jan 2023 21:38:10 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
activeview
pagead2.googlesyndication.com/pcs/ Frame A072 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst5o09rKMGb2GuGZmkof3XBhOMS6_Snj1E_DsSuM7tp1_i9P8XnkuAm3AHlkEccAFgBCWscaf-HLiuo8_aeQX-gZYci&sig=Cg0ArKJSzNiLmqeBWkjBEAE&cid=CAASFeRoYYscJ5C6jy78nGAKWdzrgVpxnA&id=lidar2&mcvt=1000&p=300,5,900,125&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230104&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=4082231052&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1672954689123&rpt=1059&isd=0&lsd=0&met=ie&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://64f35454ed59414c358dc514ea40ac3f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 21:38:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 1B1B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230103&jk=516345022958043&bg=!eXqlej7NAAYDMoyoIzI7ACkAdvg8WlD_siVzHYfbHfjsMDiol6afB6XRFBZSZy9anVg0sp5ky-FFrAIAAACOUgAAAAJoAQeZArbkGaeyIqwkcepJTGBWgqcbIEi5ea4BwiBrSHUsYEeuu09ZkFctikiuKPYBhu9H38__jlF8nO9gNDHeYUCbrZ25dNXd9AeIgvGfRBsPFxA6SKNM8Pnq7PS-7j_qUAkuVKsBvPDZ8SV5cdGNVA6QbjcUj9h0Pk5yI34uJPAKUqRDzFrfsBS-c3gHRSEcT-XEnV7XN4uU8S1DbEYkkoPsmB_uQwbN0sTpfiaeiulv0LuaePobYRE9Lu_mxQgWj0kbTxZ3w7gHPWYxbohpCXQqrd-XhPjCEY85MPNmG7z3NY99e4x18vAXrIdpBfO2jZmC60y1FCIRrKhoiKqFUtKRNWTT6h1E2HVJO9SYE4ZZn7BeiA8ULlalE_uHkB3uGI5U9shP3uSfcemkKht-7dDNlDKLBhvMKprCgPfIq_wHYIJCSnnfbllRADtAq9AM9pmSvw2nT3Lv6cWUjWxReFKbnJHSP-2UgUysxkV9F66MtY-fBqzza9QcgXQoKqgfHyV6DA3UoHjyrNErMDB9ha3GTvB6rg3DbzWxKnq-x7YTF3McoYS1WRPDV9Tt9RbFKAgSYX320P8H0E8Q7KQ4CD_MM8UXWsBJxTlRbhOdduFqHIxMBo1dRN1Z3dr2tW6KCgx9N2d_r11JI3Kuvs6M3_nlGpzus5Y_lEGvy8Q71aNFRhGeFRoVqCPgquLWSC28YkKk4VYYWRhkg6ZKVitLG72357XrgXcCBo_joTHzw1VTygVl-Rzy2d1Pp3Mk4FKwG0BjO5QM-00t2sJ0mLLSWc5mO3NEVpIbVVsF8sqvPS4wwvUV8sCxRGtW3EprNakD2UdkaC505h28QDmPjtkj-XaIEEOPTggaFaTPT3vZHz40c1mkqaL2uQZ6vnwvcsOqz6E99W1b3RXg3cPdPqrt_ayB2GQJPIncwXUT
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
all
csm.as.criteo.net/ Frame 6667 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.as.criteo.net/all?cppv=3&cpp=K9IfJOK5SWhedqllAXZpQVL05-y8dQyPDfJhyYnpUmV8RzkVyS_9Gol1os4kjDYWiAxetmyzRXofxMCD0_vg4xQdfPIYbOY__PZnw-SxADJow1Larhq3ifzBbr7-XCsRW3Tur_1HUqibWZBxTL2giKDI-MCrWUKzZHP9ddJ-UffSs_jkcVHStabwwtX1GqiwQ1qasnSYzmprpiVCbXGjrAanfFzLdCS6DXWrrYEydusue4K7hwTmOgx0IVjK_BlusnUKJ9exSqFznP3Z&sds=2&rev=84145&sendBeacon=true
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y7dDQAAJ5LECZofIAAqZSxqv69SD5NnHz5wWDw&u=%7CA6kIQZLvqqEkDd6fgUboWBmodgfVWEq45%2FC3OWpwtoo%3D%7C&c1=jWCgqsKSUoXV4BApc600hKp5_YRQgeHF5Jq5Ra2pctyNYsfKA6awj9OeB-0-dA40TOMVvKyxviKRqt_hoCsbkgTwnE4hOlGZU6I8TSQHHCTNdUfRjdvWDJbpo_YH2ogyP0gx53xPedrwsVGE4Pk7fiJP5ZAl1dzDzsUSCGMc5jEaNn87t8tBS1-eSt0LstSDo3TrB31B2wyfh0dMVEgARCYwr8dSLfHwTYVjQFRMY2_jR4jBN4JXLSJNq1GERWb0ZTwyK_ppM2Di1l8ssByyblscv5HvG1BzhLg3aQQtnBmZ7Clcn3vL2mxxO_yvI27_ytujE4n-53oy76dfl8oS9S61BGbewTGlV3HD1mXUx2pwyU5DPEyIxJhASLfIyC0SuVbOjM8hBqB2L2jiwaObXmKIs9IWLgUEgohZzdVirkWi6E0y2Y79LQwH8x17yhVEDbwCcnru_Tf_8IYSs9faVCX6nCtXAZE7oTGAm6MbgeSIhyP1UvpAxh7U6XvMa7C4R01zMP9kdyUimDyYonbAY11ikYzvSY1yw2agxVGkoRs6gSctMsX2UHg2gZ7Jt81RLrF42T6PP0zlzqKt3wR5KIvITWPhFEv63dnFJQg-NEzB9IMvmrC341yUI5jZcErQDynYIyQf_-Y&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC8C1ZQEO3Y7HJJ8iPmsMPy7Kq4AaY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQJodKHd1KGmPuACAKgDAaoEiQJP0FSi-0DuGjfdEX9UjXOCbUWSfPQw_4gUloMkYiZW1FBxkDQiVRqTOR5i5seDrnZbp-Rz33sJVQJxrluzSZYBhcDNt1JHzt0H9R6tyVJ1Fk9Lq9VIYwdQqFYEy13mp5-Y7UVuwy32VCKkE35NsUU0zierdIahWae2jQjYghsJoQ87lHkaI7VZNSvmt2oXvKN8IYFycdd2Oim7itqRoJtwbUdCeesSOM-Wv9Esc_KRy6O8N2LFW_p9lUMBOGaNpir9Xl8NvrjwtqW20wPU6i2reRfB2JBd2VgRpqujpXIR3W8DcAeKeVjzJkW4Acoxd7eOHuaruFOuOYS5xFdP8v23bdndxm5v4fJv4AQBgAbl3NmUgO3qwC6gBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1wpMqckhO4wofpfRxzNXp5N3aUFQ%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.142 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 05 Jan 2023 21:38:11 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ Frame 49D9 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230103&jk=3763828046294366&bg=!vb6lvvrNAAYDMoyoIzI7ACkAdvg8Wt0yl29d072E0WZMRXFQrQSdSKVcEhDI_f6vYKbo23KCAmKjaQIAAAB8UgAAAANoAQeZAr0v25tDf0Z8JlsGaDhnMAEs4aeqS7NaoXriKNlpgyxWobNbXJ15UqTLU7yF9fX3pwRNvclcmwdNS8m2qunrP3syO9jjbU_Vzhs3pfPi6b1uvXLj2BzlszJc7FTpEP5FS1OW2AnLS5MgQ2RjiVEm6nUYF6o_gKPf0YY0OkkdEpqJQMACuoNRT7KMNB0x9JHV08--jXhU6JVh4BjN5YFMx7DWcleDBfPG4uz9k00JhtJhrznMtnlotXU1KyO0rczfY4emHqzd8hACURVoj_2Oad61k6jREo0khihWfTtxCtlqdBYmagtVkS68l-OjZIS3a7CowC6mY3i98IyaQx9HjG-pltauwiwC4KlZJAcu5D2hivWC0S5IvyWQzq1EUc0frqY2KvZCSngGu6tnNelOm1RT3DZHNNcxQHJuIfKqiMnyRE_Tg4dmMsYXzTP96cUeJIWLKsCIZWRl5e6cYXCdcrtuNqei_YKvmnShQc8XzpBZIpHSIsN0o9D1oqtKSfoMHBhNeFmiEMMSxaphPpLCrAOj_ptMRnwh0L3bjGvykr428uMQ2PaAKienzMsGJLYa80u-2s1GtZ8xz4EcQAixSn3DLy5nJ2oOjmdOfgzSrX7RZiJ_K4HKlE0DlGSStio4kmqPjUHKILUoY6X8EAiv-scgMS2xuRbZU2cqnD0gSSvGVIsT7p7O8DDn7NnjFdOs0TiH2wdkHVeCJhD3DhyUsTTUBGB-ubcKRHPvQYT3wpxw6TWuz5kb77KFa5ZTlRt7b2rttXBq788LvZSDE3U90FxH7MnoXnSNOlU3nIiVOX9s74e2Cl7-ou62eUS9QgGZTGAs1BQ2G6917U9hMGP7Jz7nWAleet0SNHimoNZdNrnqB2d5bKpqoO-XeLbhUnKAu4X0IPtSidOdYIQcK-NPJU3tOH3ckaIZqBYvABN-Mg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 21:38:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 05 Jan 2023 21:38:11 GMT
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bg3.co%2F&domain=www.bg3.co&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.bg3.co
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Thu, 05 Jan 2023 21:38:11 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
242044
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
json
gum.criteo.com/sid/ 		423 B
706 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bg3.co%2F&domain=www.bg3.co&cw=1&pbt=1&lsw=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
540ab9b9da3f5cdd2331255b67df6a5292f747a59769678df51e1385a65a28f6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 21:38:11 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
928428
expires
0
rid
match.adsrvr.org/track/ 		108 B
671 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
f7f415eafecc5bca384e894cc3dabf88a8fcf85ce668442f17a810c76324f7dc

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 05 Jan 2023 21:38:11 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
108
expires
Sat, 04 Feb 2023 21:38:11 GMT
usync.html
eus.rubiconproject.com/ Frame 5BF4 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.44.27.86 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-44-27-86.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 05 Jan 2023 21:38:12 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame E44B 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

age
807
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
784f5c07aef9fb7c-AKL
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 05 Jan 2023 21:38:11 GMT
expires
Fri, 06 Jan 2023 01:38:11 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame BB79 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
16456
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Thu, 05 Jan 2023 21:38:12 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 15 Dec 2022 19:23:16 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
13, 78704
X-Served-By
cache-lga13626-LGA, cache-fty21349-FTY
X-Timer
S1672954692.298008,VS0,VE0
sync
eb2.3lift.com/ Frame 33B9 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
70081d00c0fb5982f1481652ec181015a5fba43448a77e7ceb398b4af6498996

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
1143
content-type
text/html; charset=utf-8
date
Thu, 05 Jan 2023 21:38:11 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
pd
u.openx.net/w/1.0/ Frame 112D 		533 B
634 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
6a6825fc9df4df055e35475a8b34c61725724bcb391cd2ae3b6f638cf9387c25

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
322
content-type
text/html
date
Thu, 05 Jan 2023 21:38:11 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
checksync.php
contextual.media.net/ Frame 612A 		36 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.207.184.25 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-184-25.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
336645e75212ec204af312434f2216b46875d05feed5d342e908b542ba5179dd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
11784
content-type
text/html; charset=UTF-8
date
Thu, 05 Jan 2023 21:38:12 GMT
expires
Sat, 07 Jan 2023 21:38:12 GMT
p3p
CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
sync.html
public.servenobid.com/ Frame 6C83 		8 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://public.servenobid.com/sync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.74.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-74-2.sfo20.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2e4a250ad3ac07b9adfce39197341a30bc1623902a753e8a7ae0324e7cb53731

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

age
7205
cache-control
max-age=86400
content-encoding
br
content-type
text/html
date
Thu, 05 Jan 2023 19:38:08 GMT
etag
W/"500c31eb3dcfb8f2a7dc0893b86a487a"
last-modified
Thu, 01 Dec 2022 19:37:41 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 88734c1b1a8053ae83daf0f85731c788.cloudfront.net (CloudFront)
x-amz-cf-id
wLOfkiy3MLAynlia9T1ShJU3j2kTEtMVAmwcCELLn8SjhVaDJDVjDg==
x-amz-cf-pop
SFO20-C1
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:us-east-1:559734745816:build/adserver-public-prod:5838c8c3-64c9-4519-918a-548b86a0fef3
x-amz-meta-codebuild-content-md5
86c7b5baa8ca6b64006191aa90b9f19a
x-amz-meta-codebuild-content-sha256
7a0197b444a3c5a5c4f92ccd56438fcf44932f5518b7cae8f7a5ec6b1a094ad5
x-cache
Hit from cloudfront
/
onetag-sys.com/usync/ Frame 0819 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1672954685877
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.79.234.101 , Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-51-79-234.net
Software
/
Resource Hash
c7b51460b22b055de1ec3aa5ea30c1232c80c1972443bd92f2c9433d8d0ec602
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
1337
content-type
text/html
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 1CDF 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
364526
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 01 Jan 2023 16:22:45 GMT
expires
Mon, 01 Jan 2024 16:22:45 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 2843 		783 B
536 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.105 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f105.1e100.net
Software
GSE /
Resource Hash
d982e793e19c773219b3c155a18693fe1f37c17fd73c1e880c0ae9161631a5f0
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-7CGMZo3XkhdFK-AwqpGeKg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-7CGMZo3XkhdFK-AwqpGeKg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 05 Jan 2023 21:38:11 GMT
expires
Thu, 05 Jan 2023 21:38:11 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
xuid
eb2.3lift.com/ Frame 33B9
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3658&xuid=c2c06461-9e12-422f-a647-b2a193b86a7e&dongle=0cfd
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3658&xuid=c2c06461-9e12-422f-a647-b2a193b86a7e&dongle=0cfd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
date
Thu, 05 Jan 2023 21:38:11 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Thu, 05 Jan 2023 21:38:11 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://eb2.3lift.com/xuid?mid=3658&xuid=c2c06461-9e12-422f-a647-b2a193b86a7e&dongle=0cfd
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
209
ebda
eb2.3lift.com/ Frame 33B9
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=ODY4MTIwMTU4MTgyOTMxMzI1Mzk4
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 21:38:12 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 05 Jan 2023 21:38:12 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
248
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 33B9
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEBC-X9cZDiczzXEcp4aU-aE&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEBC-X9cZDiczzXEcp4aU-aE&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
date
Thu, 05 Jan 2023 21:38:12 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Thu, 05 Jan 2023 21:38:11 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEBC-X9cZDiczzXEcp4aU-aE&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 33B9
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=ODY4MTIwMTU4MTgyOTMxMzI1Mzk4
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=ODY4MTIwMTU4MTgyOTMxMzI1Mzk4
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H3
Server
74.125.68.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 21:38:12 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=ODY4MTIwMTU4MTgyOTMxMzI1Mzk4
date
Thu, 05 Jan 2023 21:38:11 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
setuid
px.ads.linkedin.com/ Frame 33B9
Redirect Chain
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=868120158182931325398&dbredirect=true&gdpr=0&consent=
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=868120158182931325398&dbredirect=true&gdpr=0&consent=&cookiesTest=true
0
143 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=868120158182931325398&dbredirect=true&gdpr=0&consent=&cookiesTest=true
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 21:38:11 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: F8D7FB1494FB4C01BDD97926B012C48D Ref B: SYD03EDGE1418 Ref C: 2023-01-05T21:38:12Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXxix4tcrnXMkKBcL1Sgg==

Redirect headers

date
Thu, 05 Jan 2023 21:38:11 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 564E3E7BD98D4270B3C787C6A1EF608A Ref B: SYD03EDGE1418 Ref C: 2023-01-05T21:38:12Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
location
/setuid?partner=tripleliftdbredirect&tlUid=868120158182931325398&dbredirect=true&gdpr=0&consent=&cookiesTest=true
x-li-proto
http/2
content-length
0
x-li-uuid
AAXxix4m9YTtJwRuBxYU4Q==
xuid
eb2.3lift.com/ Frame 33B9
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=868120158182931325398&gdpr=0&gdpr_consent=
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&gdpr=0&consent=&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dtrip...
  • https://x.bidswitch.net/sync?dsp_id=354&user_id=1f12617703e34a80bebfb98cf8a0063f&ssp=triplelift&bsw_param=bd32cffb-1138-4013-b34d-42a18b83d117&gdpr=0&consent=&gdpr_pd=&expires=7
  • https://eb2.3lift.com/xuid?mid=2409&xuid=bd32cffb-1138-4013-b34d-42a18b83d117&dongle=d3d3&gdpr=0&gdpr_consent=&gdpr_pd=
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2409&xuid=bd32cffb-1138-4013-b34d-42a18b83d117&dongle=d3d3&gdpr=0&gdpr_consent=&gdpr_pd=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
date
Thu, 05 Jan 2023 21:38:13 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
//eb2.3lift.com/xuid?mid=2409&xuid=bd32cffb-1138-4013-b34d-42a18b83d117&dongle=d3d3&gdpr=0&gdpr_consent=&gdpr_pd=
Date
Thu, 05 Jan 2023 21:38:12 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
xuid
eb2.3lift.com/ Frame 33B9
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/868120158182931325398?gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-sSsEZ1tE2oQ.BLHOIGYjlCCDF1u41nAFsGrdKx0Fvg--~A&dongle=0883
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-sSsEZ1tE2oQ.BLHOIGYjlCCDF1u41nAFsGrdKx0Fvg--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
date
Thu, 05 Jan 2023 21:38:12 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Thu, 05 Jan 2023 21:38:11 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-sSsEZ1tE2oQ.BLHOIGYjlCCDF1u41nAFsGrdKx0Fvg--~A&dongle=0883
content-length
0
iu3
s.amazon-adsystem.com/ Frame 33B9
Redirect Chain
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=0&gdpr_consent=&uid=868120158182931325398
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=868120158182931325398&dcc=t
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=868120158182931325398&dcc=t
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
HTTP/1.1
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

Pragma
no-cache
Date
Thu, 05 Jan 2023 21:38:12 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
E3D8THRRQP871TV1Z106
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=868120158182931325398&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
c.gif
c.bing.com/ Frame 33B9 		42 B
667 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?xid=868120158182931325398&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.21.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 21:38:11 GMT
last-modified
Thu, 05 Jan 2023 17:41:09 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: AFB1C00895954B468A1E953F3EB83A80 Ref B: SYD03EDGE0710 Ref C: 2023-01-05T21:38:12Z
etag
"f0942be52c21d91:0"
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-type
image/gif
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42
xuid
eb2.3lift.com/ Frame 33B9
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3335&xuid=6154674664221769188&dongle=4d58&gdpr=0&gdpr_consent=
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3335&xuid=6154674664221769188&dongle=4d58&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
date
Thu, 05 Jan 2023 21:38:12 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Date
Thu, 05 Jan 2023 21:38:12 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
116.90.74.202; 116.90.74.202; 894.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
7183678f-219c-4ce5-842c-2d37dd2593b4
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://eb2.3lift.com/xuid?mid=3335&xuid=6154674664221769188&dongle=4d58&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 112D
Redirect Chain
  • https://ad.turn.com/r/cs?pid=9&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=2677653772704877988&gdpr=0&gdpr_consent=&us_privacy=
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073061&val=2677653772704877988&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 21:38:12 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537073061&val=2677653772704877988&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Thu, 05 Jan 2023 21:38:11 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
sd
us-u.openx.net/w/1.0/ Frame 112D
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=2d6fbd84-9e05-759c-dcee-921051a71b49&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=c2c06461-9e12-422f-a647-b2a193b86a7e&ttd_puid=2d6fbd84-9e05-759c-dcee-921051a71b49&gdpr=0&gdpr_consent=
43 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=c2c06461-9e12-422f-a647-b2a193b86a7e&ttd_puid=2d6fbd84-9e05-759c-dcee-921051a71b49&gdpr=0&gdpr_consent=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 21:38:12 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 05 Jan 2023 21:38:11 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=c2c06461-9e12-422f-a647-b2a193b86a7e&ttd_puid=2d6fbd84-9e05-759c-dcee-921051a71b49&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
335
sd
jp-u.openx.net/w/1.0/ Frame 112D
Redirect Chain
  • https://tg.socdm.com/rtb/sync_before?proto=openx
  • https://jp-u.openx.net/w/1.0/sd?id=537072335&val=Y7dDRMCo8YMAAL6eXwoAAAAA
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=Y7dDRMCo8YMAAL6eXwoAAAAA
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 21:38:12 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

X-SO-Cluster-ID
0
Date
Thu, 05 Jan 2023 21:38:12 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/rtb\/sync_before?proto=openx","cluster_id":0,"gdpr":false,"ipv4":"116.90.74.202","key":"Y7dDRMCo8YMAAL6eXwoAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad440"}
X-SO-Key
Y7dDRMCo8YMAAL6eXwoAAAAA
Server
nginx
X-SO-Upstream-ID
m-ad440
P3P
CP="See also http://www.scaleout.jp/privacy/"
Location
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=Y7dDRMCo8YMAAL6eXwoAAAAA
Cache-Control
private
X-SO-HostName
m-ad440.dc4p.scaleout.jp
Connection
keep-alive
X-SO-Ads-Time
1
Content-Length
0
X-SO-LB-Hostname
m-tgng31.dc4p.scaleout.jp
X-SO-IP
116.90.74.202
sd
jp-u.openx.net/w/1.0/ Frame 112D
Redirect Chain
  • https://cr-p3.ladsp.com/cookiesender/3
  • https://cr-p3.ladsp.com/cookiesender/3?cr=true
  • https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AfI6IINtGRxEks8ADzD_5CSP1c8AAAGFg97EQg
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AfI6IINtGRxEks8ADzD_5CSP1c8AAAGFg97EQg
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 21:38:12 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 05 Jan 2023 21:38:12 GMT
via
1.1 80432223a109fcf584967597d286e714.cloudfront.net (CloudFront)
server
Logicad
x-amz-cf-pop
SIN2-P2
x-cache
Miss from cloudfront
p3p
CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
location
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AfI6IINtGRxEks8ADzD_5CSP1c8AAAGFg97EQg
cache-control
no-cache
content-length
0
x-amz-cf-id
4nhRSuv30oOxyMLt5mVhzwXPlB0x7Tj4iKGennSzNNjt2pHalEqOkQ==
expires
-1
pixel
cm.g.doubleclick.net/ Frame 112D 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MDEwMDZlNGUtNTc3Mi0yYjM4LWM5MGUtYzhhOTliNDVkNTI5
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 21:38:11 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 112D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHTnZe-gj0dNHeYPVAWd-wI&google_cver=1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHTnZe-gj0dNHeYPVAWd-wI&google_cver=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 21:38:12 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 05 Jan 2023 21:38:11 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHTnZe-gj0dNHeYPVAWd-wI&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
json
gum.criteo.com/sid/ Frame FFED 		425 B
557 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=publishertag&domain=bg3.co&sn=ChromeSyncframe&so=0&topUrl=www.bg3.co&cw=1&lsw=1&topicsavail=0&fledgeavail=0
Requested by
Host: gum.criteo.com
URL: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.bg3.co
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
f236584a620b5d8911c3d1869f6cc1bba1d8526eb6ab7cb7af6abafbc5e20b69
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.bg3.co
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 21:38:11 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/json; charset=utf-8
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
1827372
expires
0
usermatch
ssum-sec.casalemedia.com/ Frame 5E60 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df2097ec8d2fd758a13c06f0aba16a03a767e1c4f776ebebf5d68450c39d8e97

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
784f5c08ac38a814-SYD
content-encoding
br
content-type
text/html
date
Thu, 05 Jan 2023 21:38:12 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZCeqyEsor9loTv5%2FzsS9JoGsHDgsiZCWbNKluIIMLUL%2FOPhd%2FHqTHSHZz9Ker0Z%2BxkP7HRMCXODuWW%2B0fFI78Ood5oisWzZODFoSqOE8XwDxGjPIf7xEGiYs9vzcPTz9abwJlD5zWsB02Q%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
/
onetag-sys.com/match/ Frame 0819
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D1%26gdpr_consent%3D
  • https://onetag-sys.com/match/?int_id=1&uid=d9af63b7-4344-4a00-8db0-1a67be119b91&gdpr=1&gdpr_consent=
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=1&uid=d9af63b7-4344-4a00-8db0-1a67be119b91&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1672954685877
Protocol
H2
Server
51.79.234.101 , Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Date
Thu, 05 Jan 2023 21:38:12 GMT
Server
MT3 277 3f0ad7a master nrt-pixel-x16 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://onetag-sys.com/match/?int_id=1&uid=d9af63b7-4344-4a00-8db0-1a67be119b91&gdpr=1&gdpr_consent=
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 05 Jan 2023 21:38:11 GMT
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame 0819 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1672954685877
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.138 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
/
onetag-sys.com/match/ Frame 0819
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID
  • https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=6154674664221769188
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=6154674664221769188
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1672954685877
Protocol
H2
Server
51.79.234.101 , Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Date
Thu, 05 Jan 2023 21:38:12 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
116.90.74.202; 116.90.74.202; 894.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
81c1350c-882c-470f-9df2-1ac1402d0063
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=6154674664221769188
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 0819 		42 B
675 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=LhdzcYCDJkTJexQsQ08ZUnQu1g54tOkJecJP5avi4nI
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1672954685877
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
808ed95536e7f55d8adbcb9fc76d309d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 0819
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhYPewgOT1k5fl5KEtF9ZCXPvNE3cO-OC2Q
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhYPewgOT1k5fl5KEtF9ZCXPvNE3cO-OC2Q
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1672954685877
Protocol
H3
Server
74.125.68.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 21:38:12 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhYPewgOT1k5fl5KEtF9ZCXPvNE3cO-OC2Q
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
sync
ssbsync-global.smartadserver.com/api/ Frame 0819 		0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=1&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1672954685877
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.106.127.39 , Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 21:38:11 GMT
content-length
0
/
onetag-sys.com/match/ Frame 0819
Redirect Chain
  • https://id.rlcdn.com/711916.gif?ct=4&cv=
  • https://id.rlcdn.com/1000.gif?memo=COy5KxoNCMSG3Z0GEgUI6AcQAEIASgA
  • https://onetag-sys.com/match/?int_id=110&uid=
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=110&uid=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1672954685877
Protocol
H2
Server
51.79.234.101 , Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

date
Thu, 05 Jan 2023 21:38:12 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://onetag-sys.com/match/?int_id=110&uid=
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
ecm3
s.amazon-adsystem.com/ Frame 0819
Redirect Chain
  • https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=6LXP3CdjzgyXSp2ouQUnbJcR-B7Vbnv_SpXGfnXsJvE
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=6LXP3CdjzgyXSp2ouQUnbJcR-B7Vbnv_SpXGfnXsJvE
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1672954685877
Protocol
HTTP/1.1
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 05 Jan 2023 21:38:13 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
3XV5XA08DBCYYPS2G4RM
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=6LXP3CdjzgyXSp2ouQUnbJcR-B7Vbnv_SpXGfnXsJvE
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
ImgSync
image8.pubmatic.com/AdServer/ Frame 0819 		0
42 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=1&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26uid%3D%23PMUID
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1672954685877
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.82 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 21:38:13 GMT
content-length
0
occ
ups.analytics.yahoo.com/ups/58488/ Frame 0819 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1672954685877
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.74.13.196 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-74-13-196.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 21:38:12 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
/
onetag-sys.com/match/ Frame 0819
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=29&uid=c2c06461-9e12-422f-a647-b2a193b86a7e&gdpr=0&gdpr_consent=
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=29&uid=c2c06461-9e12-422f-a647-b2a193b86a7e&gdpr=0&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1672954685877
Protocol
H2
Server
51.79.234.101 , Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Thu, 05 Jan 2023 21:38:12 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://onetag-sys.com/match/?int_id=29&uid=c2c06461-9e12-422f-a647-b2a193b86a7e&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
233
sync
x.bidswitch.net/ Frame 0819 		43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=onetag&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1672954685877
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.213.12.39 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
39.12.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 05 Jan 2023 21:38:13 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
sodar
pagead2.googlesyndication.com/pagead/ Frame 2843 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230103&jk=3197543272618260&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
JwRg8GnJRbSbwgtubA3x1Twn6jgCPCxSQn9TsX0K1wE.js
pagead2.googlesyndication.com/bg/ Frame 1CDF 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/JwRg8GnJRbSbwgtubA3x1Twn6jgCPCxSQn9TsX0K1wE.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
sffe /
Resource Hash
270460f069c945b49bc20b6e6c0df1d53c27ea38023c2c52427f53b17d0ad701
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Jan 2023 03:50:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
150451
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16089
x-xss-protection
0
last-modified
Tue, 03 Jan 2023 14:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 04 Jan 2024 03:50:41 GMT
rum
dsum-sec.casalemedia.com/ Frame 5E60
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=c2c06461-9e12-422f-a647-b2a193b86a7e&expiration=1675546692&gdpr=0&gdpr_consent=
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=c2c06461-9e12-422f-a647-b2a193b86a7e&expiration=1675546692&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
139.5.84.243 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 05 Jan 2023 21:38:13 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Thu, 05 Jan 2023 21:38:12 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=c2c06461-9e12-422f-a647-b2a193b86a7e&expiration=1675546692&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
323
usermatchredir
ssum-sec.casalemedia.com/ Frame 5E60
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y7dDOxJA5nEkLlUdyGr4wwAAEoYAAAAB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEG-6kakZMXGFSjRRxdxGARo&google_cver=1
43 B
844 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEG-6kakZMXGFSjRRxdxGARo&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 21:38:12 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MQRqTW51mXqqklIM%2BdbJGJnJHA5zriDRRR4LY3BlcD2XTP6WBdJ%2FLCSsi395H0bpmuLwerCYktGGaqWBrLziPylJI5Q914gUGdGExe8aiI7D8yRqk8X%2BDY3kB6jRw6Q8GmVSW7vwxe2AeQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
784f5c0c0f7ca814-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 05 Jan 2023 21:38:12 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEG-6kakZMXGFSjRRxdxGARo&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 5E60
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y7dDOxJA5nEkLlUdyGr4wwAAEoYAAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y7dDOxJA5nEkLlUdyGr4wwAAEoYAAAAB&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y7dDOxJA5nEkLlUdyGr4wwAAEoYAAAAB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 05 Jan 2023 21:38:13 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
S9KPXHVPJC37KV17BM5V
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 05 Jan 2023 21:38:13 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
GBX324GA6SCMMSWN635H
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y7dDOxJA5nEkLlUdyGr4wwAAEoYAAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 5E60
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y7dDOxJA5nEkLlUdyGr4wwAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEMSM09yie8eJ7MCj6ItgtSc&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEMSM09yie8eJ7MCj6ItgtSc&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
139.5.84.243 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 05 Jan 2023 21:38:14 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Thu, 05 Jan 2023 21:38:14 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEMSM09yie8eJ7MCj6ItgtSc&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 5E60
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2677653772704877988
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2677653772704877988
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
139.5.84.243 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 05 Jan 2023 21:38:13 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2677653772704877988
pragma
no-cache
date
Thu, 05 Jan 2023 21:38:11 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
tp_out
d.adroll.com/cm/index/ Frame 5E60 		42 B
181 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.adroll.com/cm/index/tp_out?advertisable=3GMDZMBFQREVBC75SYYKWH
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.220.92.174 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-220-92-174.ap-southeast-1.compute.amazonaws.com
Software
nginx/1.22.0 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 21:38:12 GMT
cache-control
no-transform,public,max-age=300,s-maxage=900
server
nginx/1.22.0
content-length
42
vary
Cookie
content-type
image/gif
Y7dDOxJA5nEkLlUdyGr4wwAAEoYAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 5E60 		43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Y7dDOxJA5nEkLlUdyGr4wwAAEoYAAAAB?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.228.111.128 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-228-111-128.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 21:38:12 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
rum
dsum-sec.casalemedia.com/ Frame 5E60
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=Y7dDRAAJf4UlZAAF
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y7dDRAAJf4UlZAAF&_test=Y7dDRAAJf4UlZAAF
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y7dDRAAJf4UlZAAF&_test=Y7dDRAAJf4UlZAAF
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
139.5.84.243 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 05 Jan 2023 21:38:14 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

x-served-by
cache-fty21341-FTY
pragma
no-cache
date
Thu, 05 Jan 2023 21:38:13 GMT
via
1.1 varnish
server
Varnish
x-timer
S1672954693.289767,VS0,VE0
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y7dDRAAJf4UlZAAF&_test=Y7dDRAAJf4UlZAAF
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
htw-pixel.gif
cdn.indexww.com/ht/ Frame 5E60 		43 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?Y7dDOxJA5nEkLlUdyGr4wwAA%264742
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 21:38:12 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
33629
etag
"da1f1d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
784f5c0d58121c4d-AKL
content-length
43
expires
Fri, 06 Jan 2023 21:38:12 GMT
usync.js
eus.rubiconproject.com/ Frame 5BF4 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.44.27.86 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-44-27-86.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
0297187a15c549ddbc56e4cc245b27b2dff34880a84f8b9bba15a923274f4285

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 05 Jan 2023 21:38:12 GMT
Content-Encoding
gzip
Last-Modified
Thu, 05 Jan 2023 17:34:41 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=71793
Connection
keep-alive
Content-Length
10066
Expires
Fri, 06 Jan 2023 17:34:45 GMT
generate_204
tpc.googlesyndication.com/ Frame 1CDF 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?RiXq_w
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 21:38:12 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
sync
gum.criteo.com/ Frame 612A 		88 B
328 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?r=2&c=321&gdpr=0&gdpr_pd=0&gdpr_consent=&us_privacy=&j=window.advBidxc.mnetRtusId
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
d5db727fd4e104c78713445c4deec281d458163ae59d4561cbb358ee7a17c9e4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 21:38:11 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
1629547
expires
60
usync.html
eus.rubiconproject.com/ Frame 49ED
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=medianet
  • https://eus.rubiconproject.com/usync.html?p=medianet
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=medianet
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.44.27.86 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-44-27-86.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 05 Jan 2023 21:38:13 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Thu, 05 Jan 2023 21:38:12 GMT
location
https://eus.rubiconproject.com/usync.html?p=medianet
server
AkamaiGHost
cksync.html
contextual.media.net/ Frame 1C3E
Redirect Chain
  • https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3159562927444215000V10%26type%3Drkt%26refUrl%3D%26vid%3D295469230031595629274442150...
  • https://contextual.media.net/cksync.html?cs=8&vsid=3159562927444215000V10&type=rkt&refUrl=&vid=29546923003159562927444215000V10&ovsid=1973209966547850478
361 B
795 B 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/cksync.html?cs=8&vsid=3159562927444215000V10&type=rkt&refUrl=&vid=29546923003159562927444215000V10&ovsid=1973209966547850478
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.207.184.25 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-184-25.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
86dd6820f74bc0ce64eefaa5b6ba844b5910b4061668d17537d1ab5662b29570
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-length
361
content-type
text/html;charset=UTF-8
date
Thu, 05 Jan 2023 21:38:14 GMT
expires
Thu, 05 Jan 2023 21:38:14 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA" CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
pragma
no-cache
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E

Redirect headers

Content-Length
0
Date
Thu, 05 Jan 2023 21:38:14 GMT
Location
https://contextual.media.net/cksync.html?cs=8&vsid=3159562927444215000V10&type=rkt&refUrl=&vid=29546923003159562927444215000V10&ovsid=1973209966547850478
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.3.29.v20201019)
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 6CC6 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3159562927444215000V10%26type%3Dpba%26refUrl%3D%26vid%3D29546923003159562927444215000V10%26ovsid%3DPM_UID
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.207.36.196 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-36-196.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=166258
content-encoding
gzip
content-length
5554
content-type
text/html
date
Thu, 05 Jan 2023 21:38:12 GMT
expires
Sat, 07 Jan 2023 19:49:10 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
cksync.php
contextual.media.net/ Frame 612A
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3159562927444215000V10%26type%3Dapx%26refUrl%3D%26vid%3D29546923003159562927444215000V10%26ovsid%3D%24UID
  • https://contextual.media.net/cksync.php?cs=8&vsid=3159562927444215000V10&type=apx&refUrl=&vid=29546923003159562927444215000V10&ovsid=6154674664221769188
187 B
595 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3159562927444215000V10&type=apx&refUrl=&vid=29546923003159562927444215000V10&ovsid=6154674664221769188
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.207.184.25 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-184-25.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
2e4b003e84d42e181f7bf7864838cc24ff1a1e9c030779f1a1579fffe68d6bcf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Thu, 05 Jan 2023 21:38:12 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
187
x-mnet-hl2
E
expires
Thu, 05 Jan 2023 21:38:12 GMT

Redirect headers

Date
Thu, 05 Jan 2023 21:38:12 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
116.90.74.202; 116.90.74.202; 894.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
63ca37a4-68a9-4056-b0f6-3fd1d014b5cb
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://contextual.media.net/cksync.php?cs=8&vsid=3159562927444215000V10&type=apx&refUrl=&vid=29546923003159562927444215000V10&ovsid=6154674664221769188
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cksync.html
contextual.media.net/ Frame 612A
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=78e2dffc-bb89-4bb2-ae92-f592d006518b&ph=6a16560a-f6c6-4851-b7b5-0b2c0190166a&r=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3159562927444215...
  • https://contextual.media.net/cksync.html?cs=8&vsid=3159562927444215000V10&type=opx&refUrl=&vid=29546923003159562927444215000V10&ovsid=e543d41b-3505-4f7c-bfa1-ec7ee3488995
361 B
361 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.html?cs=8&vsid=3159562927444215000V10&type=opx&refUrl=&vid=29546923003159562927444215000V10&ovsid=e543d41b-3505-4f7c-bfa1-ec7ee3488995
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.207.184.25 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-184-25.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Thu, 05 Jan 2023 21:38:12 GMT
server
Apache
vary
Accept-Encoding
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
text/html;charset=UTF-8
cache-control
max-age=0, no-cache, no-store
content-length
361
x-mnet-hl2
E
expires
Thu, 05 Jan 2023 21:38:12 GMT

Redirect headers

date
Thu, 05 Jan 2023 21:38:12 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://contextual.media.net/cksync.html?cs=8&vsid=3159562927444215000V10&type=opx&refUrl=&vid=29546923003159562927444215000V10&ovsid=e543d41b-3505-4f7c-bfa1-ec7ee3488995
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cksync.php
contextual.media.net/ Frame 612A
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=64&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3159562927444215000V10%26type%3Dmma%26refUrl%3D%26vid%3D295469230031595629274442...
  • https://contextual.media.net/cksync.php?cs=8&vsid=3159562927444215000V10&type=mma&refUrl=&vid=29546923003159562927444215000V10&ovsid=407b63b7-4344-4900-8e70-1a62e233a297
187 B
608 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3159562927444215000V10&type=mma&refUrl=&vid=29546923003159562927444215000V10&ovsid=407b63b7-4344-4900-8e70-1a62e233a297
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.207.184.25 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-184-25.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
2e4b003e84d42e181f7bf7864838cc24ff1a1e9c030779f1a1579fffe68d6bcf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Thu, 05 Jan 2023 21:38:13 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
187
x-mnet-hl2
E
expires
Thu, 05 Jan 2023 21:38:13 GMT

Redirect headers

Date
Thu, 05 Jan 2023 21:38:12 GMT
Server
MT3 277 3f0ad7a master nrt-pixel-x15 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://contextual.media.net/cksync.php?cs=8&vsid=3159562927444215000V10&type=mma&refUrl=&vid=29546923003159562927444215000V10&ovsid=407b63b7-4344-4900-8e70-1a62e233a297
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 05 Jan 2023 21:38:11 GMT
usersync
usersync.gumgum.com/ Frame 612A
Redirect Chain
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3159562927444215000V10%26type%3Dr1%26refUrl%3D%26vid%3D29546923003159562927...
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&zcc=1&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3159562927444215000V10%26type%3Dr1%26refUrl%3D%26vid%3D29546923003159...
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2271810496
  • https://sync.1rx.io/usersync/tradedesk/c2c06461-9e12-422f-a647-b2a193b86a7e
  • https://sync.targeting.unrulymedia.com/csync/RX-56a1a930-dd35-49ab-a204-e8c7ed81ec94-004?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-56a1a930-dd35-49ab-a204-e8c7ed81ec94-004
  • https://usersync.gumgum.com/usersync?b=rhy&i=RX-56a1a930-dd35-49ab-a204-e8c7ed81ec94-004
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=rhy&i=RX-56a1a930-dd35-49ab-a204-e8c7ed81ec94-004
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 05 Jan 2023 21:38:15 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=rhy&i=RX-56a1a930-dd35-49ab-a204-e8c7ed81ec94-004
date
Thu, 05 Jan 2023 21:38:15 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX56a1a930dd3549aba204e8c7ed81ec94004
content-type
text/html
cksync
cs.media.net/ Frame 612A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?cs=8&google_nid=media&google_cm=1&google_hm=MzE1OTU2MjkyNzQ0NDIxNTAwMFYxMA%3D%3D&google_sc=1
  • https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEIFTftNuzmppQ0xH7lM6X2A&google_cver=1
45 B
446 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEIFTftNuzmppQ0xH7lM6X2A&google_cver=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.207.184.25 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-184-25.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 21:38:12 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Thu, 05 Jan 2023 21:38:12 GMT

Redirect headers

pragma
no-cache
date
Thu, 05 Jan 2023 21:38:12 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEIFTftNuzmppQ0xH7lM6X2A&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cksync.php
contextual.media.net/ Frame 612A
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3159562927444215000V10%26type%3Ddxu%26refUrl%3D%26vid%3D29546923003159562927444...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3159562927444215000V10%26type%3Ddxu%26refUrl%3D%26vid%3D29546923003159562...
  • https://contextual.media.net/cksync.php?cs=8&vsid=3159562927444215000V10&type=dxu&refUrl=&vid=29546923003159562927444215000V10&ovsid=8mOu3Tww1PdxWd5
187 B
595 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3159562927444215000V10&type=dxu&refUrl=&vid=29546923003159562927444215000V10&ovsid=8mOu3Tww1PdxWd5
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.207.184.25 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-184-25.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
2e4b003e84d42e181f7bf7864838cc24ff1a1e9c030779f1a1579fffe68d6bcf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Thu, 05 Jan 2023 21:38:13 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
187
x-mnet-hl2
E
expires
Thu, 05 Jan 2023 21:38:13 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 05 Jan 2023 21:38:13 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/595ea14#595ea1444a96c0bdac4aa333a73d7028cf966fc7 i-0eefe15c9b8b9941b@ap-southeast-1a@dxedge-app-ap-southeast-1-prod-asg
Location
https://contextual.media.net/cksync.php?cs=8&vsid=3159562927444215000V10&type=dxu&refUrl=&vid=29546923003159562927444215000V10&ovsid=8mOu3Tww1PdxWd5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
cksync.php
contextual.media.net/ Frame 612A
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=115&p=226&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40
  • https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=4377d6e0-08f2-4754-89f1-dcc1fd38bc1c
187 B
759 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=4377d6e0-08f2-4754-89f1-dcc1fd38bc1c
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.207.184.25 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-184-25.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
2e4b003e84d42e181f7bf7864838cc24ff1a1e9c030779f1a1579fffe68d6bcf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Thu, 05 Jan 2023 21:38:13 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
187
x-mnet-hl2
E
expires
Thu, 05 Jan 2023 21:38:13 GMT

Redirect headers

pragma
no-cache
date
Thu, 05 Jan 2023 21:38:12 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=4377d6e0-08f2-4754-89f1-dcc1fd38bc1c
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1151717
content-length
0
expires
Thu, 05 Jan 2023 00:00:00 GMT
user-sync
sync.adkernel.com/ Frame 612A
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1
  • https://pr-bh.ybp.yahoo.com/sync/iponweb?bidswitch_ssp_id=medianet&ssp_user_id=bd32cffb-1138-4013-b34d-42a18b83d117&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=74&&user_id=y-IONkR.VE2pn2TwaVlwHgd5WXhv2HDQFVNFYQSQ--~A&expires=5
  • https://sync.adkernel.com/user-sync?dsp=336050&t=image&uid=bd32cffb-1138-4013-b34d-42a18b83d117
42 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adkernel.com/user-sync?dsp=336050&t=image&uid=bd32cffb-1138-4013-b34d-42a18b83d117
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Server
216.130.169.24 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 05 Jan 2023 21:38:14 GMT
Server
nginx
Age
0
Content-Type
image/gif
Cache-Control
no-store
Connection
close
Content-Length
42

Redirect headers

Location
//sync.adkernel.com/user-sync?dsp=336050&t=image&uid=bd32cffb-1138-4013-b34d-42a18b83d117
Date
Thu, 05 Jan 2023 21:38:13 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
cksync.php
contextual.media.net/ Frame 612A
Redirect Chain
  • https://b1sync.zemanta.com/usersync/medianet/?cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3159562927444215000V10%26type%3Dzem%26refUrl%3D%26vid%3D29546923003159562927444215...
  • https://stags.bluekai.com/site/23178?id=RxAIg20t7_MTghkk-F1I&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TD...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OBGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPKSPBAUSZZSGB2DOX2NKRTWQ23LFVDDC...
  • https://contextual.media.net/cksync.php?cs=8&ovsid=RxAIg20t7_MTghkk-F1I&refUrl=&type=zem&vid=29546923003159562927444215000V10&vsid=3159562927444215000V10
187 B
598 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&ovsid=RxAIg20t7_MTghkk-F1I&refUrl=&type=zem&vid=29546923003159562927444215000V10&vsid=3159562927444215000V10
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.207.184.25 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-184-25.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
2e4b003e84d42e181f7bf7864838cc24ff1a1e9c030779f1a1579fffe68d6bcf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Thu, 05 Jan 2023 21:38:14 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
187
x-mnet-hl2
E
expires
Thu, 05 Jan 2023 21:38:14 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 05 Jan 2023 21:38:14 GMT
Content-Type
text/html; charset=utf-8
Location
https://contextual.media.net/cksync.php?cs=8&ovsid=RxAIg20t7_MTghkk-F1I&refUrl=&type=zem&vid=29546923003159562927444215000V10&vsid=3159562927444215000V10
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
196
Expires
Thu, 01 Dec 1994 16:00:00 GMT
cksync.php
contextual.media.net/ Frame 612A
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=3159562927444215000V10
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=medianet&ssp_user_id=3159562927444215000V10
  • https://contextual.media.net/cksync.php?type=mf&ovsid=a677a6bd-9a44-4f1a-ba1a-f8708108e4bb&cs=1
187 B
608 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?type=mf&ovsid=a677a6bd-9a44-4f1a-ba1a-f8708108e4bb&cs=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.207.184.25 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-184-25.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
2e4b003e84d42e181f7bf7864838cc24ff1a1e9c030779f1a1579fffe68d6bcf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Thu, 05 Jan 2023 21:38:15 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
187
x-mnet-hl2
E
expires
Thu, 05 Jan 2023 21:38:15 GMT

Redirect headers

Location
//contextual.media.net/cksync.php?type=mf&ovsid=a677a6bd-9a44-4f1a-ba1a-f8708108e4bb&cs=1
Date
Thu, 05 Jan 2023 21:38:14 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
cksync
cs.media.net/ Frame 612A
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=c2c06461-9e12-422f-a647-b2a193b86a7e
45 B
450 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=c2c06461-9e12-422f-a647-b2a193b86a7e
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.207.184.25 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-184-25.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 21:38:13 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Thu, 05 Jan 2023 21:38:13 GMT

Redirect headers

pragma
no-cache
date
Thu, 05 Jan 2023 21:38:13 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=c2c06461-9e12-422f-a647-b2a193b86a7e
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
199
13926
g2.gumgum.com/usync/ Frame 50C3 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.199.215.196 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-199-215-196.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
a9f6c97fb86faf246100e8a38e07d1733fcca9fa7d114f0d7b9f3b9896e33a8d

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Thu, 05 Jan 2023 21:38:13 GMT
etag
W/"01f681012a4571e4455311399b0cc8c9a"
server
nginx
timing-allow-origin
*
/
onetag-sys.com/usync/ Frame A073 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.79.234.101 , Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-51-79-234.net
Software
/
Resource Hash
f35d5dd60bfc4d51a6be58589f07c4ed73c3fe0ca02cd9f59a0ad057c4aa35db
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
1362
content-type
text/html
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000
sync
ssbsync.smartadserver.com/api/ Frame D2B8 		752 B
1002 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.106.127.164 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
8d4544d36644e6f4786d44d7dfe9ecac2540d9589bacaee8db830e0f854eda0d

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

content-length
752
content-type
text/html
date
Thu, 05 Jan 2023 21:38:13 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 82F8 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7192929078eeeeb1a42d4baa3629e65c2e9c20b7d4b1869344114d5cefd9aa2f

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
784f5c0bcf2aa814-SYD
content-encoding
br
content-type
text/html
date
Thu, 05 Jan 2023 21:38:12 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wFd5NNSAxL%2B84j3kqZIy%2FN8kMLT29zzIlbrgbT7bRh7OK3BG4F3ojqx5w1%2FjTX1BNU1YA3j%2F8ZCqSmjPPx1hIXjO6qnZRJVd9eC6%2FAKMwIaG1k%2FwzQuZbvK4zH6ohIhEGlFoVq4i6hMsqw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 4963
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.44.27.86 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-44-27-86.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 05 Jan 2023 21:38:13 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Thu, 05 Jan 2023 21:38:12 GMT
location
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
server
AkamaiGHost
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 7499 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.207.36.196 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-36-196.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=166258
content-encoding
gzip
content-length
5554
content-type
text/html
date
Thu, 05 Jan 2023 21:38:12 GMT
expires
Sat, 07 Jan 2023 19:49:10 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
sync-iframe
cs-rtb.minutemedia-prebid.com/ Frame 139B 		4 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.73 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
72da929af8a5819bed41e105de60b9c530643bdd37751b63fe1759d4c60d1f99

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://public.servenobid.com/
content-type
text/html
date
Thu, 05 Jan 2023 21:38:13 GMT
via
1.1 9725312341802185c9ebf086bf95544e.cloudfront.net (CloudFront)
x-amz-cf-id
AFrXKyTfpAd5kb9sqV3DRNxcxWzAki-6XCHPFiM6UGAWwN-J4Mmdug==
x-amz-cf-pop
SIN2-P2
x-cache
Miss from cloudfront
sync
ads.servenobid.com/ Frame 6C83
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID
  • https://ads.servenobid.com/sync?pid=312&uid=6154674664221769188
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=312&uid=6154674664221769188
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
34.240.174.255 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-240-174-255.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 21:38:12 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Date
Thu, 05 Jan 2023 21:38:12 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
116.90.74.202; 116.90.74.202; 894.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
043caf13-64a3-4e03-b78f-ac0641eaed10
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://ads.servenobid.com/sync?pid=312&uid=6154674664221769188
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ads.servenobid.com/ Frame 6C83
Redirect Chain
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1
  • https://ads.servenobid.com/sync?pid=310&uid=F8ASCRZHWT-v1X-NQHebMNug
0
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=310&uid=F8ASCRZHWT-v1X-NQHebMNug
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
34.240.174.255 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-240-174-255.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 21:38:13 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
Date
Thu, 05 Jan 2023 21:38:13 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ads.servenobid.com/sync?pid=310&uid=F8ASCRZHWT-v1X-NQHebMNug
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2sfo1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
sync
ads.servenobid.com/ Frame 6C83
Redirect Chain
  • https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID
  • https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID&sovrn_retry=true
  • https://ads.servenobid.com/sync?pid=310&uid=F8ASBLZHStWSrf7NRP6IzVBC
0
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=310&uid=F8ASBLZHStWSrf7NRP6IzVBC
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
34.240.174.255 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-240-174-255.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 21:38:13 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

date
Thu, 05 Jan 2023 21:38:13 GMT
pod
X-Sovrn-Pod: ad_ap1sfo1
access-control-allow-methods
GET, POST, DELETE, PUT
location
https://ads.servenobid.com/sync?pid=310&uid=F8ASBLZHStWSrf7NRP6IzVBC
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With, Content-Type
content-length
0
usersync
usersync.gumgum.com/ Frame 6C83
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1672954693209
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6484280953
  • https://sync.1rx.io/usersync/tradedesk/c2c06461-9e12-422f-a647-b2a193b86a7e
  • https://sync.targeting.unrulymedia.com/csync/RX-56a1a930-dd35-49ab-a204-e8c7ed81ec94-004?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-56a1a930-dd35-49ab-a204-e8c7ed81ec94-004
  • https://usersync.gumgum.com/usersync?b=rhy&i=RX-56a1a930-dd35-49ab-a204-e8c7ed81ec94-004
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=rhy&i=RX-56a1a930-dd35-49ab-a204-e8c7ed81ec94-004
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 05 Jan 2023 21:38:15 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=rhy&i=RX-56a1a930-dd35-49ab-a204-e8c7ed81ec94-004
date
Thu, 05 Jan 2023 21:38:15 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX56a1a930dd3549aba204e8c7ed81ec94004
content-type
text/html
sync
ads.servenobid.com/ Frame 6C83
Redirect Chain
  • https://p.rfihub.com/cm?pub=44007&in=1
  • https://ads.servenobid.com/sync?pid=324&uid=1917759395240436591
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=324&uid=1917759395240436591
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
34.240.174.255 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-240-174-255.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 21:38:14 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Location
https://ads.servenobid.com/sync?pid=324&uid=1917759395240436591
Date
Thu, 05 Jan 2023 21:38:14 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
sync
ads.servenobid.com/ Frame 6C83
Redirect Chain
  • https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D
  • https://ads.servenobid.com/sync?pid=332&uid=19bb4c50-80fb-45ee-be86-8a9671366429
0
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=332&uid=19bb4c50-80fb-45ee-be86-8a9671366429
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
34.240.174.255 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-240-174-255.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 21:38:15 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
Date
Thu, 05 Jan 2023 21:38:14 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-lax-1-5-45
Content-Type
text/plain; charset=utf8
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://ads.servenobid.com/sync?pid=332&uid=19bb4c50-80fb-45ee-be86-8a9671366429
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
getuid
eb2.3lift.com/ Frame 6C83
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F34894%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26A%3D0fa4897a-e274-4c27-88fd-e7259d132336%26bidder%3Dtripleli...
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F34894%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26A%3D0fa4897a-e274-4c27-88fd-e7259d132336%26bidder%3Dtriplelift%26cbx%3DaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%253D%26uid%3D%24UID&gdpr=1&gdpr_consent=
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 21:38:12 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

location
https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F34894%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26A%3D0fa4897a-e274-4c27-88fd-e7259d132336%26bidder%3Dtriplelift%26cbx%3DaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%253D%26uid%3D%24UID&gdpr=1&gdpr_consent=
date
Thu, 05 Jan 2023 21:38:11 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
content-length
0
sync
ads.servenobid.com/ Frame 6C83
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58559/occ
  • https://ads.servenobid.com/sync?pid=337&uid=y-O3J4BzpE2uE1Fj.rzY_F9KdhjK6j1mxIpxcz6hc-~A
0
367 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=337&uid=y-O3J4BzpE2uE1Fj.rzY_F9KdhjK6j1mxIpxcz6hc-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
34.240.174.255 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-240-174-255.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 21:38:13 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=337&uid=y-O3J4BzpE2uE1Fj.rzY_F9KdhjK6j1mxIpxcz6hc-~A
date
Thu, 05 Jan 2023 21:38:12 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
match
ssp.disqus.com/ Frame 6C83
Redirect Chain
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID
  • https://prebid.a-mo.net/cchain/0?gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D6%26r%3DCid1YS0wYzVhNzk4MC1hOTI3LTNlMjQtYWRhMy1kZTAwMWVhMmUwODYQ____________ASpTa...
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F7475%3Fgdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26A%3D0fa4897a-e274-4c27-88fd-e7259d1...
  • https://prebid.a-mo.net/cchain/0/7475?gdpr=&gdpr_consent=&us_privacy=&A=0fa4897a-e274-4c27-88fd-e7259d132336&bidder=sovrn&cbx=aHR0cHM6Ly9zc3AuZGlzcXVzLmNvbS9tYXRjaD9iaWRkZXI9NiZyPUNpZDFZUzB3WXpWaE5...
  • https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fprebid.a-mo....
  • https://image4.pubmatic.com/AdServer/SPug?p=158355&pmc=1&pr=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F2%2F7475%3Fgdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26A%3D0fa4897a-e274-4c27-88fd-e7259d132336%...
  • https://prebid.a-mo.net/cchain/2/7475?gdpr=&gdpr_consent=&us_privacy=&A=0fa4897a-e274-4c27-88fd-e7259d132336&bidder=pubmatic&cbx=aHR0cHM6Ly9zc3AuZGlzcXVzLmNvbS9tYXRjaD9iaWRkZXI9NiZyPUNpZDFZUzB3WXpW...
  • https://ssum.casalemedia.com/usermatchredir?s=191503&gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F3%2F7475%3Fgdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26A%3D0fa4897a...
  • https://prebid.a-mo.net/cchain/3/7475?gdpr=&gdpr_consent=&us_privacy=&A=0fa4897a-e274-4c27-88fd-e7259d132336&bidder=index_rtb&cbx=aHR0cHM6Ly9zc3AuZGlzcXVzLmNvbS9tYXRjaD9iaWRkZXI9NiZyPUNpZDFZUzB3WXp...
  • https://ssp.disqus.com/match?bidder=6&r=Cid1YS0wYzVhNzk4MC1hOTI3LTNlMjQtYWRhMy1kZTAwMWVhMmUwODYQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS0wYzVhNzk4MC1hOTI3LTNlM...
0
0
sync
ads.servenobid.com/ Frame 6C83
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58632/occ
  • https://ads.servenobid.com/sync?pid=339&uid=y-O3J4BzpE2uE1Fj.rzY_F9KdhjK6j1mxIpxcz6hc-~A
0
367 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=339&uid=y-O3J4BzpE2uE1Fj.rzY_F9KdhjK6j1mxIpxcz6hc-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
34.240.174.255 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-240-174-255.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 21:38:13 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=339&uid=y-O3J4BzpE2uE1Fj.rzY_F9KdhjK6j1mxIpxcz6hc-~A
date
Thu, 05 Jan 2023 21:38:13 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
async_usersync
ib.adnxs.com/ Frame BB79 		0
859 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.148.252 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
894.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 05 Jan 2023 21:38:12 GMT
AN-X-Request-Uuid
cb9a1595-d910-4e80-8770-14568ac941a2
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
116.90.74.202; 116.90.74.202; 894.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
log
c21lg-d.media.net/ Frame 612A 		35 B
173 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c21lg-d.media.net/log?logid=kfk&evtid=cs&origin=1&pvgid=data-c&ovsid=P3-vVsTnD64z65j2vbsPYz7sK8PSbw20&cs=15&vsid=3159562927444215000V10
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.207.184.25 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-184-25.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 05 Jan 2023 21:38:13 GMT
cache-control
max-age=0, no-cache, no-store
expires
Thu, 05 Jan 2023 21:38:13 GMT
content-length
35
content-type
image/gif
tap.php
pixel.rubiconproject.com/ Frame 5BF4
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=c2c06461-9e12-422f-a647-b2a193b86a7e&gdpr=0&gdpr_consent=&expires=30
42 B
675 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=c2c06461-9e12-422f-a647-b2a193b86a7e&gdpr=0&gdpr_consent=&expires=30
Protocol
HTTP/1.1
Server
69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
030b4ddd4a4f3e9891a065664f20c4bb
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Thu, 05 Jan 2023 21:38:12 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=c2c06461-9e12-422f-a647-b2a193b86a7e&gdpr=0&gdpr_consent=&expires=30
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
289
pixel
cm.g.doubleclick.net/ Frame 5BF4
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TENKTTBYR1ctTy1NR0k=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TENKTTBYR1ctTy1NR0k=
Protocol
H3
Server
74.125.68.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 21:38:13 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TENKTTBYR1ctTy1NR0k=
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
38ddff6a66d3988dfd0c6ea3be81c5f1
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
s.amazon-adsystem.com/ Frame 5BF4
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us
  • https://s.amazon-adsystem.com/ecm3?id=LCJM0XGW-O-MGI&ex=d-rubiconproject.com&status=ok
43 B
720 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=LCJM0XGW-O-MGI&ex=d-rubiconproject.com&status=ok
Protocol
HTTP/1.1
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 05 Jan 2023 21:38:13 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
3B627M3JWG42XWN21EH3
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s.amazon-adsystem.com/ecm3?id=LCJM0XGW-O-MGI&ex=d-rubiconproject.com&status=ok
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
d335433bbbe0efeac67146df47932f6f
Expires
0
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 5BF4
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=wd586afSSTGGf-MGN1n6Tg&rk=usync-other
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=wd586afSSTGGf-MGN1n6Tg
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=wd586afSSTGGf-MGN1n6Tg
Protocol
HTTP/1.1
Server
67.220.226.234 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 05 Jan 2023 21:38:15 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
T13QMT6K70ZSY0W6KZYF
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=wd586afSSTGGf-MGN1n6Tg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
f60a7260b0ebb7a40a81234af4a9e826
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
setuid
px.ads.linkedin.com/ Frame 5BF4
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LCJM0XGW-O-MGI
0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LCJM0XGW-O-MGI
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 21:38:12 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 40EE3189DF1E4EF983FC39DD82B29A2F Ref B: SYD03EDGE1418 Ref C: 2023-01-05T21:38:13Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXxix4+yf/ZQGOYjOsBTw==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LCJM0XGW-O-MGI
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
94869a3d6d62a785bc2a9351b08a70bb
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 5BF4
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/qOG4qPyi7IrYyw55qSG2iA?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-.sJ9yzRE2oKsXdX_kUklTYjXUzYrF.qMk348OA--~A
42 B
675 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-.sJ9yzRE2oKsXdX_kUklTYjXUzYrF.qMk348OA--~A
Protocol
HTTP/1.1
Server
69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
808ed95536e7f55d8adbcb9fc76d309d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Thu, 05 Jan 2023 21:38:13 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-.sJ9yzRE2oKsXdX_kUklTYjXUzYrF.qMk348OA--~A
content-length
0
pixel
cm.g.doubleclick.net/ Frame 5BF4
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NTgxM2U1Mzk4NzI4OGRjZmNkODMxNzE2OWM0ZWI5ZDRjYWE3ZDhkNQ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NTgxM2U1Mzk4NzI4OGRjZmNkODMxNzE2OWM0ZWI5ZDRjYWE3ZDhkNQ
Protocol
H3
Server
74.125.68.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 21:38:13 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NTgxM2U1Mzk4NzI4OGRjZmNkODMxNzE2OWM0ZWI5ZDRjYWE3ZDhkNQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
94869a3d6d62a785bc2a9351b08a70bb
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 5BF4
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEN6xGKiUJ_IyOGzw12-rUfE&google_cver=1
42 B
675 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEN6xGKiUJ_IyOGzw12-rUfE&google_cver=1
Protocol
HTTP/1.1
Server
69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
dedf7fc216a5bbc739a54325e875a79f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Thu, 05 Jan 2023 21:38:12 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEN6xGKiUJ_IyOGzw12-rUfE&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 82F8
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6154674664221769188
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6154674664221769188
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
139.5.84.243 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 05 Jan 2023 21:38:14 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

Date
Thu, 05 Jan 2023 21:38:13 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
116.90.74.202; 116.90.74.202; 893.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
ae0375aa-96f5-4dea-aac2-ba5605c2eb89
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6154674664221769188
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Y7dDOxJA5nEkLlUdyGr4wwAAEoYAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 82F8
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y7dDOxJA5nEkLlUdyGr4wwAAEoYAAAAB&gdpr_consent=&us_privacy=&gdpr=
  • https://pr-bh.ybp.yahoo.com/sync/casale/Y7dDOxJA5nEkLlUdyGr4wwAAEoYAAAAB
43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Y7dDOxJA5nEkLlUdyGr4wwAAEoYAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Server
13.228.111.128 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-228-111-128.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 21:38:13 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/Y7dDOxJA5nEkLlUdyGr4wwAAEoYAAAAB
date
Thu, 05 Jan 2023 21:38:12 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
crum
dsum-sec.casalemedia.com/ Frame 82F8
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ie
  • https://match.prod.bidr.io/cookie-sync/ie?_bee_ppp=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAOKbk7HbocAACIYA6aQHw&expiration=1674164293
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAOKbk7HbocAACIYA6aQHw&expiration=1674164293
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
139.5.84.243 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 05 Jan 2023 21:38:14 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAOKbk7HbocAACIYA6aQHw&expiration=1674164293
Date
Thu, 05 Jan 2023 21:38:13 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
crum
dsum-sec.casalemedia.com/ Frame 82F8
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=d9af63b7-4344-4a00-8db0-1a67be119b91
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=d9af63b7-4344-4a00-8db0-1a67be119b91
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
139.5.84.243 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 05 Jan 2023 21:38:13 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

Date
Thu, 05 Jan 2023 21:38:12 GMT
Server
MT3 277 3f0ad7a master nrt-pixel-x15 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=d9af63b7-4344-4a00-8db0-1a67be119b91
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 05 Jan 2023 21:38:11 GMT
crum
dsum.casalemedia.com/ Frame 82F8
Redirect Chain
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=6154674664221769188
43 B
874 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=6154674664221769188
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Server
172.64.154.237 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 21:38:13 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3BiJgzwSbFdlu7UH0yn1F%2BN7a0DstKPxwtErjo4rWPzOSookc%2FdHMc%2Fepy5oPbWXJztlLETS3q8LJep9MywjgiJ5gR%2FnMSpi4pTN1Yoa%2BFKtqqv2x85caSIMnTbbAIAZNHwAQioK"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
784f5c119c47fb94-AKL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Date
Thu, 05 Jan 2023 21:38:12 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
116.90.74.202; 116.90.74.202; 894.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
0b4c0909-d2d7-4249-9292-d96a3dc6adf1
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=6154674664221769188
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 82F8
Redirect Chain
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=360a9628-d1a8-a2f6-8f73bbbc
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=360a9628-d1a8-a2f6-8f73bbbc
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
139.5.84.243 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 05 Jan 2023 21:38:13 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

date
Thu, 05 Jan 2023 21:38:13 GMT
via
1.1 google
server
nginx/1.22.1
p3p
CP='This is not a P3P policy!'
access-control-allow-origin
*
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=360a9628-d1a8-a2f6-8f73bbbc
content-type
text/html; charset=utf-8
cache-control
max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
146
rum
dsum-sec.casalemedia.com/ Frame 82F8
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2677653772704877988
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2677653772704877988
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
139.5.84.243 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 05 Jan 2023 21:38:13 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2677653772704877988
pragma
no-cache
date
Thu, 05 Jan 2023 21:38:12 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame 82F8
Redirect Chain
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
139.5.84.243 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 05 Jan 2023 21:38:14 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D
date
Thu, 05 Jan 2023 21:38:13 GMT
access-control-allow-credentials
true
x-powered-by
Express
keep-alive
timeout=5
vary
Origin
content-length
0
sync
ads.servenobid.com/ Frame 82F8 		0
357 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=333&uid=Y7dDOxJA5nEkLlUdyGr4wwAAEoYAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.240.174.255 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-240-174-255.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 21:38:13 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
pixel
cm.g.doubleclick.net/ Frame A073
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhYPexUWy6qEpuAWT6508dop6s-PsDkunDw
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhYPexUWy6qEpuAWT6508dop6s-PsDkunDw
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H3
Server
74.125.68.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 21:38:13 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhYPexUWy6qEpuAWT6508dop6s-PsDkunDw
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
711916.gif
id.rlcdn.com/ Frame A073 		42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/711916.gif?ct=4&cv=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 21:38:12 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
/
onetag-sys.com/match/ Frame A073
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D0%26gdpr_consent%3D
  • https://onetag-sys.com/match/?int_id=1&uid=d9af63b7-4344-4a00-8db0-1a67be119b91&gdpr=0&gdpr_consent=
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=1&uid=d9af63b7-4344-4a00-8db0-1a67be119b91&gdpr=0&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
51.79.234.101 , Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Date
Thu, 05 Jan 2023 21:38:12 GMT
Server
MT3 277 3f0ad7a master nrt-pixel-x18 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://onetag-sys.com/match/?int_id=1&uid=d9af63b7-4344-4a00-8db0-1a67be119b91&gdpr=0&gdpr_consent=
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 05 Jan 2023 21:38:11 GMT
/
onetag-sys.com/match/ Frame A073
Redirect Chain
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=2&uid=LCJM0XGW-O-MGI&gdpr=0
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=2&uid=LCJM0XGW-O-MGI&gdpr=0
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
51.79.234.101 , Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://onetag-sys.com/match/?int_id=2&uid=LCJM0XGW-O-MGI&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
66ef90d06496cfd000aab8206f2b6221
Expires
0
/
onetag-sys.com/match/ Frame A073
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D0%26gdpr_consent%3D%26uid%3D$UID
  • https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=6154674664221769188
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=6154674664221769188
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
51.79.234.101 , Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Date
Thu, 05 Jan 2023 21:38:13 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
116.90.74.202; 116.90.74.202; 894.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
81b41b16-6b03-44d3-b311-d5eefeb93059
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=6154674664221769188
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame A073 		42 B
675 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=6LXP3CdjzgyXSp2ouQUnbJcR-B7Vbnv_SpXGfnXsJvE
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
808ed95536e7f55d8adbcb9fc76d309d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
/
onetag-sys.com/match/ Frame A073
Redirect Chain
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=1YN-&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
  • https://onetag-sys.com/match/?int_id=107&uid=3455036589987631835
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=107&uid=3455036589987631835
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
51.79.234.101 , Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=107&uid=3455036589987631835
date
Thu, 05 Jan 2023 21:38:12 GMT
content-length
0
ecm3
s.amazon-adsystem.com/ Frame A073
Redirect Chain
  • https://onetag-sys.com/match/?int_id=113&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=KnHEbMnE01xCNYklwot0HT-L5Pk6_M8CTmycmIHSgaM
43 B
720 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=KnHEbMnE01xCNYklwot0HT-L5Pk6_M8CTmycmIHSgaM
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
HTTP/1.1
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 05 Jan 2023 21:38:13 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
38TKJV30G79AZYWTS6AP
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=KnHEbMnE01xCNYklwot0HT-L5Pk6_M8CTmycmIHSgaM
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cs
cs.minutemedia-prebid.com/ Frame A073
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=1YN-&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26uid%3D%23PMUID
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=1YN-&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26uid%3D%23PMUID&rdf=1
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RTcyOTQ0RjgtRTJCMC00N0NGLTlBQjUtMDVFMzRCMTE0RjRD&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://cs.minutemedia-prebid.com/cs?aid=21482&id=6FF39F35-D4F4-45ED-A500-F8A7983977F4
0
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21482&id=6FF39F35-D4F4-45ED-A500-F8A7983977F4
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
184.73.94.61 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://onetag-sys.com/
date
Thu, 05 Jan 2023 21:38:15 GMT
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript

Redirect headers

location
https://cs.minutemedia-prebid.com/cs?aid=21482&id=6FF39F35-D4F4-45ED-A500-F8A7983977F4
date
Thu, 05 Jan 2023 21:38:14 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
113
content-type
text/html; charset=utf-8
/
onetag-sys.com/match/ Frame A073
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=92&uid=y-O3J4BzpE2uE1Fj.rzY_F9KdhjK6j1mxIpxcz6hc-~A
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=92&uid=y-O3J4BzpE2uE1Fj.rzY_F9KdhjK6j1mxIpxcz6hc-~A
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
51.79.234.101 , Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=92&uid=y-O3J4BzpE2uE1Fj.rzY_F9KdhjK6j1mxIpxcz6hc-~A
date
Thu, 05 Jan 2023 21:38:13 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
/
onetag-sys.com/match/ Frame A073
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=29&uid=c2c06461-9e12-422f-a647-b2a193b86a7e&gdpr=0&gdpr_consent=
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=29&uid=c2c06461-9e12-422f-a647-b2a193b86a7e&gdpr=0&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
51.79.234.101 , Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Thu, 05 Jan 2023 21:38:13 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://onetag-sys.com/match/?int_id=29&uid=c2c06461-9e12-422f-a647-b2a193b86a7e&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
233
/
onetag-sys.com/match/ Frame A073
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=onetag&gdpr=0&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=onetag
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=5928092697178768584&ssp=onetag
  • https://onetag-sys.com/match/?int_id=30&uid=bd32cffb-1138-4013-b34d-42a18b83d117&gdpr=&gdpr_consent=&us_privacy=
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=30&uid=bd32cffb-1138-4013-b34d-42a18b83d117&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
51.79.234.101 , Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Location
//onetag-sys.com/match/?int_id=30&uid=bd32cffb-1138-4013-b34d-42a18b83d117&gdpr=&gdpr_consent=&us_privacy=
Date
Thu, 05 Jan 2023 21:38:14 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
sync
ads.servenobid.com/ Frame A073 		0
366 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=318&uid=6LXP3CdjzgyXSp2ouQUnbJcR-B7Vbnv_SpXGfnXsJvE
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.240.174.255 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-240-174-255.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 21:38:13 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
PugMaster
image6.pubmatic.com/AdServer/ Frame 6CC6 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=74889490&p=159463&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3159562927444215000V10%26type%3Dpba%26refUrl%3D%26vid%3D29546923003159562927444215000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.196 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
0a91f379c6933603941991970de97e02b7606f066b6dedab5f2fd7ff9fa18c43

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Thu, 05 Jan 2023 21:38:13 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
usersync
usersync.gumgum.com/ Frame 50C3
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://usersync.gumgum.com/usersync?b=apn&i=6154674664221769188
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=apn&i=6154674664221769188
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 05 Jan 2023 21:38:14 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Date
Thu, 05 Jan 2023 21:38:13 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
116.90.74.202; 116.90.74.202; 893.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
afe965d7-da09-48b3-bb22-18e6fb2c2abf
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://usersync.gumgum.com/usersync?b=apn&i=6154674664221769188
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame 50C3
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=a_1684624e-5447-44eb-a2d1-6c7360b749e1&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_custom_parameter=bd32cffb-1138-4013-b34d-42a18b83d117
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_custom_parameter=bd32cffb-1138-4013-b34d-42a18b83d117
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=0935cd17-7974-430f-9dad-28ff55dbaaa9&user_group=1&ssp=gumgum2&bsw_param=bd32cffb-1138-4013-b34d-42a18b83d117
  • https://usersync.gumgum.com/usersync?b=bsw&i=bd32cffb-1138-4013-b34d-42a18b83d117
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=bsw&i=bd32cffb-1138-4013-b34d-42a18b83d117
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 05 Jan 2023 21:38:15 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
//usersync.gumgum.com/usersync?b=bsw&i=bd32cffb-1138-4013-b34d-42a18b83d117
Date
Thu, 05 Jan 2023 21:38:15 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
usersync
usersync.gumgum.com/ Frame 50C3
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sta&i=0-1a06d316-7a60-4d44-4de3-b2494f006606$ip$116.90.74.202
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sta&i=0-1a06d316-7a60-4d44-4de3-b2494f006606$ip$116.90.74.202
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 05 Jan 2023 21:38:14 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=sta&i=0-1a06d316-7a60-4d44-4de3-b2494f006606$ip$116.90.74.202
Date
Thu, 05 Jan 2023 21:38:13 GMT
Connection
keep-alive
Content-Length
127
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame 50C3
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=a_1684624e-5447-44eb-a2d1-6c7360b749e1&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
  • https://stags.bluekai.com/site/23178?id=RxAIg20t7_MTghkk-F1I&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LO...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2UTYIFEWOMRQOQ3V6TKUM5UGW2ZNIYYUS...
  • https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=RxAIg20t7_MTghkk-F1I&us_privacy=1---
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=RxAIg20t7_MTghkk-F1I&us_privacy=1---
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 05 Jan 2023 21:38:15 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
Date
Thu, 05 Jan 2023 21:38:14 GMT
Content-Type
text/html; charset=utf-8
Location
https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=RxAIg20t7_MTghkk-F1I&us_privacy=1---
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
123
Expires
Thu, 01 Dec 1994 16:00:00 GMT
cs
cs.minutemedia-prebid.com/ Frame 50C3
Redirect Chain
  • https://sync.1rx.io/usersync2/floor6?gdpr=0&gdpr_consent=&dspret=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D
  • https://sync.1rx.io/usersync2/floor6?zcc=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D&cb=1672954693347
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2701999339
  • https://sync.1rx.io/usersync/tradedesk/c2c06461-9e12-422f-a647-b2a193b86a7e
  • https://sync.targeting.unrulymedia.com/csync/RX-f1b164c8-b634-4f23-ba4e-9985b20c6968-004?redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21478%26id%3DRX-f1b164c8-b634-4f23-ba4e-9985b20c6...
  • https://cs.minutemedia-prebid.com/cs?aid=21478&id=RX-f1b164c8-b634-4f23-ba4e-9985b20c6968-004
0
278 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21478&id=RX-f1b164c8-b634-4f23-ba4e-9985b20c6968-004
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Server
184.73.94.61 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://g2.gumgum.com/
date
Thu, 05 Jan 2023 21:38:15 GMT
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript

Redirect headers

location
https://cs.minutemedia-prebid.com/cs?aid=21478&id=RX-f1b164c8-b634-4f23-ba4e-9985b20c6968-004
date
Thu, 05 Jan 2023 21:38:15 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RXf1b164c8b6344f23ba4e9985b20c6968004
content-type
text/html
usersync
usersync.gumgum.com/ Frame 50C3
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://usersync.gumgum.com/usersync?b=pln&i=4anSi1d3XpFj&ev=1&pid=558355
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=pln&i=4anSi1d3XpFj&ev=1&pid=558355
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 05 Jan 2023 21:38:14 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
location
https://usersync.gumgum.com/usersync?b=pln&i=4anSi1d3XpFj&ev=1&pid=558355
content-language
en-NZ
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-695db8c5d7-2g8rn
expires
-1
cookie-sync
sync.outbrain.com/ Frame 50C3
Redirect Chain
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobR...
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28H9ZjksOytyXhvfuPu_1SLApgP_VTy_gABouu6UogUbZi2fVvdcidPB8NZUqJrX-3%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%...
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=a_1684624e-5447-44eb-a2d1-6c7360b749e1&obuid=ENC(H9ZjksOytyXhvfuPu_1SLApgP_VTy_gABouu6UogUbZi2fVvdcidPB8NZUqJrX-3)
  • https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=icco6m5&ttd_tpi=1$CMP
  • https://sync.outbrain.com/cookie-sync?p=ttd&uid=c2c06461-9e12-422f-a647-b2a193b86a7e&gdpr=0&gdpr_consent=
0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=ttd&uid=c2c06461-9e12-422f-a647-b2a193b86a7e&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
66.225.223.191 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 05 Jan 2023 21:38:15 GMT
Cache-Control
no-cache
X-TraceId
c7af02476e1c7e0c2d98cdd6dae59dab
Content-Length
0

Redirect headers

pragma
no-cache
date
Thu, 05 Jan 2023 21:38:15 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://sync.outbrain.com/cookie-sync?p=ttd&uid=c2c06461-9e12-422f-a647-b2a193b86a7e&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
241
usersync
usersync.gumgum.com/ Frame 50C3
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://usersync.gumgum.com/usersync?b=opx&i=da5219f4-b610-4dca-bb95-82fd99f71a0f
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=opx&i=da5219f4-b610-4dca-bb95-82fd99f71a0f
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 05 Jan 2023 21:38:14 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Thu, 05 Jan 2023 21:38:13 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://usersync.gumgum.com/usersync?b=opx&i=da5219f4-b610-4dca-bb95-82fd99f71a0f
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
usersync
usersync.gumgum.com/ Frame 50C3
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=oth&i=y-vp.Nj75E2pd5R4FfiOlTL12bk0flPqf4q1Ja~A
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=oth&i=y-vp.Nj75E2pd5R4FfiOlTL12bk0flPqf4q1Ja~A
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 05 Jan 2023 21:38:14 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Thu, 05 Jan 2023 21:38:14 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://usersync.gumgum.com/usersync?b=oth&i=y-vp.Nj75E2pd5R4FfiOlTL12bk0flPqf4q1Ja~A
content-length
0
usersync
usersync.gumgum.com/ Frame 50C3
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fuser...
  • https://usersync.gumgum.com/usersync?b=vnt&i=c3fc9fd0-dfc2-4408-a2e4-2d48544751ad
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=vnt&i=c3fc9fd0-dfc2-4408-a2e4-2d48544751ad
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 05 Jan 2023 21:38:16 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=vnt&i=c3fc9fd0-dfc2-4408-a2e4-2d48544751ad
Date
Thu, 05 Jan 2023 21:38:15 GMT
Connection
keep-alive
X-CI-RTID
b8a7c306-796c-48d3-aea9-2b7290d721ce
Content-Length
108
Content-Type
text/html; charset=utf-8
services
sync.technoratimedia.com/ Frame 50C3 		0
293 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
129.159.70.95 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 21:38:15 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
404503449
access-control-allow-origin
https://g2.gumgum.com/
access-control-allow-credentials
true
142
match.deepintent.com/usersync/ Frame 50C3 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.18.47.7 -, , ASN (),
Reverse DNS
Software
b /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 21:38:15 GMT
content-length
0
server
b
usersync
usersync.gumgum.com/ Frame 50C3
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://usersync.gumgum.com/usersync?b=idi&i=9003dbe3-7636-4ea7-88f9-833aed714060
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=idi&i=9003dbe3-7636-4ea7-88f9-833aed714060
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 05 Jan 2023 21:38:15 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=idi&i=9003dbe3-7636-4ea7-88f9-833aed714060
access-control-allow-origin
*
date
Thu, 05 Jan 2023 21:38:15 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
usersync
usersync.gumgum.com/ Frame 50C3
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sad&i=5283131600680293057
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sad&i=5283131600680293057
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 05 Jan 2023 21:38:15 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=sad&i=5283131600680293057
date
Thu, 05 Jan 2023 21:38:15 GMT
content-length
0
sync
ads.servenobid.com/ Frame 50C3 		0
358 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=309&uid=a_1684624e-5447-44eb-a2d1-6c7360b749e1
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.240.174.255 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-240-174-255.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 21:38:15 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
usersync
usersync.gumgum.com/ Frame 1E77
Redirect Chain
  • https://sync.inmobi.com/oRTB?gdpr_consent=&gdpr=0&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dinm%26i%3D%7BID5UID%7D
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=0&callback=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dinm%26i%3D%7BID5UID%7D
  • https://id5-sync.com/c/495/0/0/1.gif?gdpr=0&gdpr_consent=&us_privacy=
  • https://usersync.gumgum.com/usersync?b=inm&i=ID5-8ea6H7h_1HiosylmrB1OyVzJpFF-wh0BwURE3zfMKg
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=inm&i=ID5-8ea6H7h_1HiosylmrB1OyVzJpFF-wh0BwURE3zfMKg
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Thu, 05 Jan 2023 21:38:16 GMT
Expires
0
Pragma
no-cache

Redirect headers

date
Thu, 05 Jan 2023 21:38:14 GMT
location
https://usersync.gumgum.com/usersync?b=inm&i=ID5-8ea6H7h_1HiosylmrB1OyVzJpFF-wh0BwURE3zfMKg
p3p
CP="CAO PSA OUR"
strict-transport-security
max-age=63072000; includeSubDomains; preload
transfer-encoding
chunked
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 31D5 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.207.36.196 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-36-196.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=166257
content-encoding
gzip
content-length
5554
content-type
text/html
date
Thu, 05 Jan 2023 21:38:13 GMT
expires
Sat, 07 Jan 2023 19:49:10 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usersync
usersync.gumgum.com/ Frame F303
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=ttd&i=c2c06461-9e12-422f-a647-b2a193b86a7e
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=ttd&i=c2c06461-9e12-422f-a647-b2a193b86a7e
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Thu, 05 Jan 2023 21:38:14 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
private,no-cache, must-revalidate
content-length
193
content-type
text/html
date
Thu, 05 Jan 2023 21:38:13 GMT
location
https://usersync.gumgum.com/usersync?b=ttd&i=c2c06461-9e12-422f-a647-b2a193b86a7e
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
usersync
usersync.gumgum.com/ Frame CB8E
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
  • https://usersync.gumgum.com/usersync?b=mmh&i=407b63b7-4344-4900-8e70-1a62e233a297&gdpr=0&gdpr_consent=
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=mmh&i=407b63b7-4344-4900-8e70-1a62e233a297&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Thu, 05 Jan 2023 21:38:14 GMT
Expires
0
Pragma
no-cache

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Thu, 05 Jan 2023 21:38:13 GMT
Expires
Thu, 05 Jan 2023 21:38:12 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 277 3f0ad7a master nrt-pixel-x19 config:1.0.0
location
https://usersync.gumgum.com/usersync?b=mmh&i=407b63b7-4344-4900-8e70-1a62e233a297&gdpr=0&gdpr_consent=
usersync
usersync.gumgum.com/ Frame 1103
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=atm&i=Y7dDRAAJf4UlZAAF&gdpr=0&gdpr_consent=
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=atm&i=Y7dDRAAJf4UlZAAF&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Thu, 05 Jan 2023 21:38:14 GMT
Expires
0
Pragma
no-cache

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Thu, 05 Jan 2023 21:38:13 GMT
location
https://usersync.gumgum.com/usersync?b=atm&i=Y7dDRAAJf4UlZAAF&gdpr=0&gdpr_consent=
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-fty21341-FTY
x-timer
S1672954693.393010,VS0,VE0
pixel
cm.g.doubleclick.net/ Frame 2277 		170 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=YV8xNjg0NjI0ZS01NDQ3LTQ0ZWItYTJkMS02YzczNjBiNzQ5ZTE=&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Thu, 05 Jan 2023 21:38:13 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
um
cs.emxdgt.com/ Frame C6D1 		0
67 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.20.240.11 -, , ASN (),
Reverse DNS
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

content-length
0
content-type
text/plain; charset=utf-8
date
Thu, 05 Jan 2023 21:38:14 GMT
server
awselb/2.0
usersync
usersync.gumgum.com/ Frame 968C
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://usersync.gumgum.com/usersync?b=sus&i=Y7dDRcCo8YMAAL6eXysAAAAA
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=sus&i=Y7dDRcCo8YMAAL6eXysAAAAA
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Thu, 05 Jan 2023 21:38:14 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
0
Date
Thu, 05 Jan 2023 21:38:13 GMT
Location
https://usersync.gumgum.com/usersync?b=sus&i=Y7dDRcCo8YMAAL6eXysAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Server
nginx
X-SO-Ads-Time
2
X-SO-Cluster-ID
0
X-SO-HostName
m-ad118.dc4p.scaleout.jp
X-SO-IP
116.90.74.202
X-SO-Key
Y7dDRcCo8YMAAL6eXysAAAAA
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":0,"gdpr":false,"ipv4":"116.90.74.202","key":"Y7dDRcCo8YMAAL6eXysAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad118"}
X-SO-LB-Hostname
m-tgng31.dc4p.scaleout.jp
X-SO-Upstream-ID
m-ad118
usersync
usersync.gumgum.com/ Frame 19B0
Redirect Chain
  • https://cs.admanmedia.com/sync/gumgum?puid=a_1684624e-5447-44eb-a2d1-6c7360b749e1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=0&gdpr_consent=&ccpa=1---
  • https://usersync.gumgum.com/usersync?b=aad&i=263f951b-fb4b-4c2a-a167-4470d1262b49
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=aad&i=263f951b-fb4b-4c2a-a167-4470d1262b49
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Thu, 05 Jan 2023 21:38:14 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Date
Thu, 05 Jan 2023 21:38:14 GMT
Expires
0
Location
https://usersync.gumgum.com/usersync?b=aad&i=263f951b-fb4b-4c2a-a167-4470d1262b49
Pragma
no-cache
Server
nginx
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Transfer-Encoding
chunked
X-Frame-Options
DENY
usersync
usersync.gumgum.com/ Frame 8695
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D
  • https://usersync.gumgum.com/usersync?b=iex&i=Y7dDOxJA5nEkLlUdyGr4wwAA%264742
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=iex&i=Y7dDOxJA5nEkLlUdyGr4wwAA%264742
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Thu, 05 Jan 2023 21:38:14 GMT
Expires
0
Pragma
no-cache

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
784f5c112c6ba814-SYD
content-length
0
date
Thu, 05 Jan 2023 21:38:13 GMT
expires
0
location
https://usersync.gumgum.com/usersync?b=iex&i=Y7dDOxJA5nEkLlUdyGr4wwAA%264742
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1LXcCUmbfB%2BSmZZRrak26qE02GGB9ebI4K0wYI9%2BGqUkovA7VUb1GAdwmY%2FiJnsFBAuouBeHONR66NDgeylppCXFQBpwOw71hlrrLjyOW%2BZjNBCOPmPdrhGzwThNjtTHy6Cw6lV5HG4J%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usersync
usersync.gumgum.com/ Frame 1A36
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1
  • https://usersync.gumgum.com/usersync?b=rth&i=ky0Tsui62vfvJAj296xU&pi=gumgum&tc=1
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=rth&i=ky0Tsui62vfvJAj296xU&pi=gumgum&tc=1
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Thu, 05 Jan 2023 21:38:14 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Thu, 05 Jan 2023 21:38:14 GMT Thu, 05 Jan 2023 21:38:14 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://usersync.gumgum.com/usersync?b=rth&i=ky0Tsui62vfvJAj296xU&pi=gumgum&tc=1
pragma
no-cache
usync.html
eus.rubiconproject.com/ Frame 33E2
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
410 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.44.27.86 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-44-27-86.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Thu, 05 Jan 2023 21:38:13 GMT
etag
"403b9-119-5ec73a0a33d00"
last-modified
Wed, 02 Nov 2022 02:30:44 GMT
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Thu, 05 Jan 2023 21:38:13 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
cs
cs.minutemedia-prebid.com/ Frame 139B
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=161683&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21482%26id%3D%23PMUID
  • https://image8.pubmatic.com/AdServer/ImgSync?p=161683&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21482%26id%3D%23PMUID&rdf=1
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NkJDMUNFMzAtNEY2Mi00RTA3LThDNTYtQTU3NjYzQzUzNkM0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://cs.minutemedia-prebid.com/cs?aid=21482&id=6FF39F35-D4F4-45ED-A500-F8A7983977F4
0
289 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21482&id=6FF39F35-D4F4-45ED-A500-F8A7983977F4
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
184.73.94.61 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
date
Thu, 05 Jan 2023 21:38:15 GMT
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript

Redirect headers

location
https://cs.minutemedia-prebid.com/cs?aid=21482&id=6FF39F35-D4F4-45ED-A500-F8A7983977F4
date
Thu, 05 Jan 2023 21:38:14 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
113
content-type
text/html; charset=utf-8
cs
cs.minutemedia-prebid.com/ Frame 139B
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]&cb=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21492%26uid%3D
  • https://cm.adform.net/cookie?gdpr=0&gdpr_consent=&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F36602%3Fgdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26A%3D0fa4897a-e274-4c27-88fd-e7259d132...
  • https://prebid.a-mo.net/cchain/0/36602?gdpr=&gdpr_consent=&us_privacy=&A=0fa4897a-e274-4c27-88fd-e7259d132336&bidder=adform&cbx=aHR0cHM6Ly9jcy5taW51dGVtZWRpYS1wcmViaWQuY29tL2NzP2FpZD0yMTQ5MiZ1aWQ9&...
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F3%2F36602%3Fgdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26A%3D0fa4897a-e274-4c27-88fd-e7259d132336%26bidder%3Dappnexus%26cbx%3DaHR...
  • https://prebid.a-mo.net/cchain/3/36602?gdpr=&gdpr_consent=&us_privacy=&A=0fa4897a-e274-4c27-88fd-e7259d132336&bidder=appnexus&cbx=aHR0cHM6Ly9jcy5taW51dGVtZWRpYS1wcmViaWQuY29tL2NzP2FpZD0yMTQ5MiZ1aWQ...
  • https://cs.minutemedia-prebid.com/cs?aid=21492&uid=0fa4897a-e274-4c27-88fd-e7259d132336&gdpr=&gdpr_consent=&us_privacy=
0
0
cs
cs.minutemedia-prebid.com/ Frame 139B
Redirect Chain
  • https://ssc-cms.33across.com/ps/?ri=0015a00002hdV5tAAE&ru=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21485%26puid%3D33XUSERID33X
  • https://cs.minutemedia-prebid.com/cs?aid=21485&puid=212071945413904
0
289 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21485&puid=212071945413904
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
184.73.94.61 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
date
Thu, 05 Jan 2023 21:38:14 GMT
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript

Redirect headers

pragma
no-cache
date
Thu, 05 Jan 2023 21:38:13 GMT
referrer-policy
unsafe-url
server
33XP004
x-33x-status
100000000008200000C
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://cs.minutemedia-prebid.com/cs?aid=21485&puid=212071945413904
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
6185b9cf4d72f7e454746134b8c78716.gif
cs.krushmedia.com/ Frame 139B 		0
0
cs
cs.minutemedia-prebid.com/ Frame 139B
Redirect Chain
  • https://ads.yieldmo.com/pbsync?is=mmed&gdpr=0&gdpr_consent=&us_privacy=[US_PRIVACY]&redirectUri=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21486%26uid%3D$UID
  • https://cs.minutemedia-prebid.com/cs?aid=21486&uid=g7f2be5f9b7e531b3aa2&gdpr=0&gdpr_consent=&us_privacy=[US_PRIVACY]
0
290 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21486&uid=g7f2be5f9b7e531b3aa2&gdpr=0&gdpr_consent=&us_privacy=[US_PRIVACY]
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
184.73.94.61 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
date
Thu, 05 Jan 2023 21:38:14 GMT
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript

Redirect headers

pragma
no-cache
date
Thu, 05 Jan 2023 21:38:14 GMT
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=utf-8
location
https://cs.minutemedia-prebid.com/cs?aid=21486&uid=g7f2be5f9b7e531b3aa2&gdpr=0&gdpr_consent=&us_privacy=[US_PRIVACY]
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
0
cs
cs.minutemedia-prebid.com/ Frame 139B
Redirect Chain
  • https://match.sharethrough.com/universal/v1?supply_id=3r9HMldH&gdpr=0&gdpr_consent=
  • https://cs.minutemedia-prebid.com/cs?aid=21496&id=87926d14-9734-4a42-9270-8ce083a8d200&gdpr=0
0
289 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21496&id=87926d14-9734-4a42-9270-8ce083a8d200&gdpr=0
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
184.73.94.61 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
date
Thu, 05 Jan 2023 21:38:14 GMT
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript

Redirect headers

location
https://cs.minutemedia-prebid.com/cs?aid=21496&id=87926d14-9734-4a42-9270-8ce083a8d200&gdpr=0
date
Thu, 05 Jan 2023 21:38:14 GMT
content-length
0
cs
cs.minutemedia-prebid.com/ Frame 139B
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=sportority&redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21478%26id%3D%5BRX_UUID%5D
  • https://sync.1rx.io/usersync2/rmpssp?sub=sportority&zcc=1&redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21478%26id%3D%5BRX_UUID%5D&cb=1672954693459
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4085024595
  • https://sync.1rx.io/usersync/tradedesk/c2c06461-9e12-422f-a647-b2a193b86a7e
  • https://sync.targeting.unrulymedia.com/csync/RX-f1b164c8-b634-4f23-ba4e-9985b20c6968-004?redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21478%26id%3DRX-f1b164c8-b634-4f23-ba4e-9985b20c6...
  • https://cs.minutemedia-prebid.com/cs?aid=21478&id=RX-f1b164c8-b634-4f23-ba4e-9985b20c6968-004
0
289 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21478&id=RX-f1b164c8-b634-4f23-ba4e-9985b20c6968-004
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
184.73.94.61 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
date
Thu, 05 Jan 2023 21:38:15 GMT
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript

Redirect headers

location
https://cs.minutemedia-prebid.com/cs?aid=21478&id=RX-f1b164c8-b634-4f23-ba4e-9985b20c6968-004
date
Thu, 05 Jan 2023 21:38:15 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RXf1b164c8b6344f23ba4e9985b20c6968004
content-type
text/html
cs
cs.minutemedia-prebid.com/ Frame 139B
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=minutemedia
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=minutemedia
  • https://cs.minutemedia-prebid.com/cs?aid=21503&id=deb48297-63e2-43b5-87ae-a658ae928e88
0
289 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21503&id=deb48297-63e2-43b5-87ae-a658ae928e88
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
184.73.94.61 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
date
Thu, 05 Jan 2023 21:38:15 GMT
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript

Redirect headers

Location
//cs.minutemedia-prebid.com/cs?aid=21503&id=deb48297-63e2-43b5-87ae-a658ae928e88
Date
Thu, 05 Jan 2023 21:38:14 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
cs
cs.minutemedia-prebid.com/ Frame 139B
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=2073&r=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21489%26id%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?partner_id=2073&r=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21489%26id%3D%7BPUB_USER_ID%7D
  • https://cs.minutemedia-prebid.com/cs?aid=21489&id=9003dbe3-7636-4ea7-88f9-833aed714060
0
289 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21489&id=9003dbe3-7636-4ea7-88f9-833aed714060
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
184.73.94.61 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
date
Thu, 05 Jan 2023 21:38:14 GMT
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript

Redirect headers

location
https://cs.minutemedia-prebid.com/cs?aid=21489&id=9003dbe3-7636-4ea7-88f9-833aed714060
access-control-allow-origin
*
date
Thu, 05 Jan 2023 21:38:14 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cs
cs.minutemedia-prebid.com/ Frame 139B
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=44808&gdpr=0&gdpr_consent=&callback_url=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21505%26id%3D$%7BUSER_ID%7D
  • https://ads.betweendigital.com/match?bidder_id=44808&gdpr=0&gdpr_consent=&callback_url=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21505%26id%3D%24%7BUSER_ID%7D&crf=1
  • https://cs.minutemedia-prebid.com/cs?aid=21505&id=0b5e14b8-d8dd-5406-b64c-69b1d5fb2af7
0
289 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21505&id=0b5e14b8-d8dd-5406-b64c-69b1d5fb2af7
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
184.73.94.61 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
date
Thu, 05 Jan 2023 21:38:16 GMT
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript

Redirect headers

location
https://cs.minutemedia-prebid.com/cs?aid=21505&id=0b5e14b8-d8dd-5406-b64c-69b1d5fb2af7
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
cs
cs.minutemedia-prebid.com/ Frame 139B
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58611/occ?gdpr=0&gdpr_consent=
  • https://cs.minutemedia-prebid.com/cs?aid=21481&id=y-O3J4BzpE2uE1Fj.rzY_F9KdhjK6j1mxIpxcz6hc-~A&gdpr=0
0
289 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21481&id=y-O3J4BzpE2uE1Fj.rzY_F9KdhjK6j1mxIpxcz6hc-~A&gdpr=0
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
184.73.94.61 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
date
Thu, 05 Jan 2023 21:38:15 GMT
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript

Redirect headers

location
https://cs.minutemedia-prebid.com/cs?aid=21481&id=y-O3J4BzpE2uE1Fj.rzY_F9KdhjK6j1mxIpxcz6hc-~A&gdpr=0
date
Thu, 05 Jan 2023 21:38:15 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
cs
cs.minutemedia-prebid.com/ Frame 139B
Redirect Chain
  • https://sync.go.sonobi.com/us?gdpr=0&consent_string=&loc=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21504%26uid%3D%5BUID%5D
  • https://cs.minutemedia-prebid.com/cs?aid=21504&uid=19bb4c50-80fb-45ee-be86-8a9671366429
0
289 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21504&uid=19bb4c50-80fb-45ee-be86-8a9671366429
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
184.73.94.61 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
date
Thu, 05 Jan 2023 21:38:16 GMT
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript

Redirect headers

Pragma
no-cache
Date
Thu, 05 Jan 2023 21:38:15 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-lax-1-5-72
Content-Type
text/plain; charset=utf8
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://cs.minutemedia-prebid.com/cs?aid=21504&uid=19bb4c50-80fb-45ee-be86-8a9671366429
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
cs
cs.minutemedia-prebid.com/ Frame 139B
Redirect Chain
  • https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21480%26id%3D$UID
  • https://cs.minutemedia-prebid.com/cs?aid=21480&id=868120158182931325398
0
289 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21480&id=868120158182931325398
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
184.73.94.61 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
date
Thu, 05 Jan 2023 21:38:15 GMT
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript

Redirect headers

location
https://cs.minutemedia-prebid.com/cs?aid=21480&id=868120158182931325398
date
Thu, 05 Jan 2023 21:38:15 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
redirectuser
ssp.disqus.com/ Frame 139B
Redirect Chain
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21495%26id%3D$UID&partner=minutemedia
  • https://sync.adkernel.com/user-sync?zone=176971&t=image&r=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D27%26r%3DCid1YS0wYzVhNzk4MC1hOTI3LTNlMjQtYWRhMy1kZTAwMWVhMmUwODYQ____________ASpZaHR0cHM6Ly...
  • https://prebid.a-mo.net/cchain/0?&cb=%2F%2Fsync.adkernel.com%2Fuser-sync%3Fzone%3D176971%26dsp%3D343983%26t%3Dimage%26uid%3D
  • https://ssp.disqus.com/redirectuser?partner=adaptmx&gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F5%2F20117%3Fgdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26A%3D0fa4897a-...
0
0
cs
cs.minutemedia-prebid.com/ Frame 139B
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=196326&cb=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21476%26id%3D
  • https://cs.minutemedia-prebid.com/cs?aid=21476&id=Y7dDOxJA5nEkLlUdyGr4wwAA%264742
0
289 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21476&id=Y7dDOxJA5nEkLlUdyGr4wwAA%264742
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
184.73.94.61 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
date
Thu, 05 Jan 2023 21:38:15 GMT
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript

Redirect headers

pragma
no-cache
date
Thu, 05 Jan 2023 21:38:15 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jg8%2BcfUzdK%2FnQ1nS9qzeveYFAzDwOxQXkixfHUSlTCL2qe6q4lIKgvUdPY%2BJZhkLrggDGyrsG2pG%2FZxKYbpOdsFyQIyl7AE4q9gDlnXWbZQIgNhmbxQ8jmOpWBbxWnoLB5kLW2tXQSogyw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cs.minutemedia-prebid.com/cs?aid=21476&id=Y7dDOxJA5nEkLlUdyGr4wwAA%264742
cache-control
no-cache
cf-ray
784f5c1f5910a814-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
cs
cs.minutemedia-prebid.com/ Frame 139B
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21484%26id%3D$UID
  • https://cs.minutemedia-prebid.com/cs?aid=21484&id=6154674664221769188
0
289 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21484&id=6154674664221769188
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
184.73.94.61 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
date
Thu, 05 Jan 2023 21:38:16 GMT
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript

Redirect headers

Date
Thu, 05 Jan 2023 21:38:15 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
116.90.74.202; 116.90.74.202; 893.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
16ad9437-9fa9-48df-9e1d-c15339a2489d
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://cs.minutemedia-prebid.com/cs?aid=21484&id=6154674664221769188
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cs
cs.minutemedia-prebid.com/ Frame 139B
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=562760&ev=1&us_privacy=[US_PRIVACY]&gdpr=0&gdpr_consent=&rurl=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21494%26id%3D%25%25VGUID%25%25
  • https://cs.minutemedia-prebid.com/cs?aid=21494&id=4anSi1d3XpFj&ev=1&us_privacy=[US_PRIVACY]&pid=562760&gdpr_consent=&gdpr=0
0
289 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21494&id=4anSi1d3XpFj&ev=1&us_privacy=[US_PRIVACY]&pid=562760&gdpr_consent=&gdpr=0
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
184.73.94.61 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
date
Thu, 05 Jan 2023 21:38:16 GMT
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
location
https://cs.minutemedia-prebid.com/cs?aid=21494&id=4anSi1d3XpFj&ev=1&us_privacy=[US_PRIVACY]&pid=562760&gdpr_consent=&gdpr=0
content-language
en-NZ
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-695db8c5d7-2g8rn
expires
-1
cs
cs.minutemedia-prebid.com/ Frame 139B
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=59&gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]
  • https://cs.minutemedia-prebid.com/cs?aid=21498&id=5283131600680293057&gdpr=0&gdpr_consent=
0
289 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21498&id=5283131600680293057&gdpr=0&gdpr_consent=
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
184.73.94.61 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
date
Thu, 05 Jan 2023 21:38:16 GMT
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript

Redirect headers

location
https://cs.minutemedia-prebid.com/cs?aid=21498&id=5283131600680293057&gdpr=0&gdpr_consent=
date
Thu, 05 Jan 2023 21:38:15 GMT
content-length
0
cs
cs.minutemedia-prebid.com/ Frame 139B
Redirect Chain
  • https://u.openx.net/w/1.0/cm?id=29975467-6f1b-4e06-b545-920b22ea49b2&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21477%26id%3D
  • https://cs.minutemedia-prebid.com/cs?aid=21477&id=b4365f80-e197-4ac8-a476-8be711a491ac
0
289 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21477&id=b4365f80-e197-4ac8-a476-8be711a491ac
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
184.73.94.61 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
date
Thu, 05 Jan 2023 21:38:16 GMT
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript

Redirect headers

date
Thu, 05 Jan 2023 21:38:16 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://cs.minutemedia-prebid.com/cs?aid=21477&id=b4365f80-e197-4ac8-a476-8be711a491ac
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
3e1ed898b08f9e935ca99407796b46c0.gif
cs.iqzone.com/ Frame 139B 		0
0
cs
cs.minutemedia-prebid.com/ Frame 139B
Redirect Chain
  • https://cs.admanmedia.com/sync/minute_media?gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]&redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21497%26puid%3D%5BUID%5D
  • https://cs.minutemedia-prebid.com/cs?aid=21497&puid=263f951b-fb4b-4c2a-a167-4470d1262b49
0
289 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21497&puid=263f951b-fb4b-4c2a-a167-4470d1262b49
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
184.73.94.61 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
date
Thu, 05 Jan 2023 21:38:16 GMT
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript

Redirect headers

Pragma
no-cache
Date
Thu, 05 Jan 2023 21:38:16 GMT
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Server
nginx
Transfer-Encoding
chunked
X-Frame-Options
DENY
Location
https://cs.minutemedia-prebid.com/cs?aid=21497&puid=263f951b-fb4b-4c2a-a167-4470d1262b49
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Expires
0
cs
cs.minutemedia-prebid.com/ Frame 139B
Redirect Chain
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21488%26id%3D%24UID
  • https://cs.minutemedia-prebid.com/cs?aid=21488&id=F8ASBLZHStWSrf7NRP6IzVBC
0
289 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21488&id=F8ASBLZHStWSrf7NRP6IzVBC
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
184.73.94.61 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
date
Thu, 05 Jan 2023 21:38:16 GMT
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript

Redirect headers

date
Thu, 05 Jan 2023 21:38:16 GMT
pod
X-Sovrn-Pod: ad_ap1sfo1
access-control-allow-methods
GET, POST, DELETE, PUT
location
https://cs.minutemedia-prebid.com/cs?aid=21488&id=F8ASBLZHStWSrf7NRP6IzVBC
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With, Content-Type
content-length
0
sync
odr.mookie1.com/t/v2/ Frame 139B
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=minutemedia&gdpr=0&gdpr_consent=&user_id=%s
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=bd32cffb-1138-4013-b34d-42a18b83d117&ssp=minutemedia&gdpr=0&gdpr_consent=
0
0
sync
ads.servenobid.com/ Frame 139B 		0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=348&uid=-O_fKD3ak_mm
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.240.174.255 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-240-174-255.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 21:38:16 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
usync.html
eus.rubiconproject.com/ Frame 1C06
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=minute_media&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=minute_media&endpoint=us-east
281 B
410 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=minute_media&endpoint=us-east
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.44.27.86 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-44-27-86.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://cs-rtb.minutemedia-prebid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Thu, 05 Jan 2023 21:38:13 GMT
etag
"403b9-119-5ec73a0a33d00"
last-modified
Wed, 02 Nov 2022 02:30:44 GMT
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Thu, 05 Jan 2023 21:38:13 GMT
location
https://eus.rubiconproject.com/usync.html?p=minute_media&endpoint=us-east
server
AkamaiGHost
/
onetag-sys.com/usync/ Frame 4EC6 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=765b4e6bb9c8438
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.79.234.101 , Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-51-79-234.net
Software
/
Resource Hash
a94280255033a33faf141029f6b069862b8e7b325c7257bd7509986b9567e984
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://cs-rtb.minutemedia-prebid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
1369
content-type
text/html
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000
usync.js
eus.rubiconproject.com/ Frame 49ED 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=medianet
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.44.27.86 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-44-27-86.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
0297187a15c549ddbc56e4cc245b27b2dff34880a84f8b9bba15a923274f4285

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=medianet
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 05 Jan 2023 21:38:13 GMT
Content-Encoding
gzip
Last-Modified
Thu, 05 Jan 2023 17:34:41 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=71792
Connection
keep-alive
Content-Length
10066
Expires
Fri, 06 Jan 2023 17:34:45 GMT
usync.js
eus.rubiconproject.com/ Frame 4963 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.44.27.86 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-44-27-86.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
0297187a15c549ddbc56e4cc245b27b2dff34880a84f8b9bba15a923274f4285

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 05 Jan 2023 21:38:13 GMT
Content-Encoding
gzip
Last-Modified
Thu, 05 Jan 2023 17:34:41 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=71792
Connection
keep-alive
Content-Length
10066
Expires
Fri, 06 Jan 2023 17:34:45 GMT
async_usersync
ib.adnxs.com/ Frame BB79 		0
859 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.148.252 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
894.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 05 Jan 2023 21:38:13 GMT
AN-X-Request-Uuid
ec424100-010f-40d5-9020-8470cfd40c22
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
116.90.74.202; 116.90.74.202; 894.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ads.servenobid.com/ Frame 4963
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=duration_media&khaos=LCJM0XGW-O-MGI
  • https://ads.servenobid.com/sync?pid=323&uid=LCJM0XGW-O-MGI
0
343 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=323&uid=LCJM0XGW-O-MGI
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
H2
Server
34.240.174.255 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-240-174-255.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 21:38:15 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ads.servenobid.com/sync?pid=323&uid=LCJM0XGW-O-MGI
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
20e8391fc78a9019eb67dba4b22f0ac2
Expires
0
cksync.php
contextual.media.net/ Frame 49ED
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=medianet&khaos=LCJM0XGW-O-MGI
  • https://contextual.media.net/cksync.php?type=rbcn&ovsid=LCJM0XGW-O-MGI
187 B
594 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?type=rbcn&ovsid=LCJM0XGW-O-MGI
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=medianet
Protocol
H2
Server
23.207.184.25 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-184-25.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
2e4b003e84d42e181f7bf7864838cc24ff1a1e9c030779f1a1579fffe68d6bcf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Thu, 05 Jan 2023 21:38:14 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
187
x-mnet-hl2
E
expires
Thu, 05 Jan 2023 21:38:14 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://contextual.media.net/cksync.php?type=rbcn&ovsid=LCJM0XGW-O-MGI
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
d335433bbbe0efeac67146df47932f6f
Expires
0
pixel
cm.g.doubleclick.net/ Frame 4EC6
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhYPeN7qcGiwJkK_QqqkbuQ8CWSZNe3FH9w
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhYPeN7qcGiwJkK_QqqkbuQ8CWSZNe3FH9w
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=765b4e6bb9c8438
Protocol
H3
Server
74.125.68.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 21:38:14 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhYPeN7qcGiwJkK_QqqkbuQ8CWSZNe3FH9w
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
711916.gif
id.rlcdn.com/ Frame 4EC6 		42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/711916.gif?ct=4&cv=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=765b4e6bb9c8438
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 21:38:13 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
ecm3
s.amazon-adsystem.com/ Frame 4EC6
Redirect Chain
  • https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=krfbmAuY2d4jEk4dKcAekP7CraHBR77mP2YUv404FBw
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=krfbmAuY2d4jEk4dKcAekP7CraHBR77mP2YUv404FBw
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=765b4e6bb9c8438
Protocol
HTTP/1.1
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 05 Jan 2023 21:38:14 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
8GGCS1M16J9VAEDAZ698
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=krfbmAuY2d4jEk4dKcAekP7CraHBR77mP2YUv404FBw
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
sync
x.bidswitch.net/ Frame 4EC6 		43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=onetag&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=765b4e6bb9c8438
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.213.12.39 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
39.12.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 05 Jan 2023 21:38:13 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
/
onetag-sys.com/match/ Frame 4EC6
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D1%26gdpr_consent%3D
  • https://onetag-sys.com/match/?int_id=1&uid=407b63b7-4344-4900-8e70-1a62e233a297&gdpr=1&gdpr_consent=
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=1&uid=407b63b7-4344-4900-8e70-1a62e233a297&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=765b4e6bb9c8438
Protocol
H2
Server
51.79.234.101 , Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Date
Thu, 05 Jan 2023 21:38:13 GMT
Server
MT3 277 3f0ad7a master nrt-pixel-x3 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://onetag-sys.com/match/?int_id=1&uid=407b63b7-4344-4900-8e70-1a62e233a297&gdpr=1&gdpr_consent=
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 05 Jan 2023 21:38:12 GMT
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame 4EC6 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=765b4e6bb9c8438
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
66ef90d06496cfd000aab8206f2b6221
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
/
onetag-sys.com/match/ Frame 4EC6
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID
  • https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=6154674664221769188
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=6154674664221769188
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=765b4e6bb9c8438
Protocol
H2
Server
51.79.234.101 , Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Date
Thu, 05 Jan 2023 21:38:13 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
116.90.74.202; 116.90.74.202; 894.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
ea78c6c5-201e-40fc-bcad-6544cb4e54b5
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=6154674664221769188
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 4EC6 		42 B
675 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=KnHEbMnE01xCNYklwot0HT-L5Pk6_M8CTmycmIHSgaM
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=765b4e6bb9c8438
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
beb52df1a5a4b2f2cb3f37642c514298
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
sync
ssbsync-global.smartadserver.com/api/ Frame 4EC6 		0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=1&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=765b4e6bb9c8438
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.106.127.39 , Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 21:38:13 GMT
content-length
0
ImgSync
image8.pubmatic.com/AdServer/ Frame 4EC6 		0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=1&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26uid%3D%23PMUID
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=765b4e6bb9c8438
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.82 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 21:38:14 GMT
content-length
0
occ
ups.analytics.yahoo.com/ups/58488/ Frame 4EC6 		0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=765b4e6bb9c8438
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.74.13.196 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-74-13-196.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 21:38:14 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
/
onetag-sys.com/match/ Frame 4EC6
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=29&uid=c2c06461-9e12-422f-a647-b2a193b86a7e&gdpr=0&gdpr_consent=
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=29&uid=c2c06461-9e12-422f-a647-b2a193b86a7e&gdpr=0&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=765b4e6bb9c8438
Protocol
H2
Server
51.79.234.101 , Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Thu, 05 Jan 2023 21:38:14 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://onetag-sys.com/match/?int_id=29&uid=c2c06461-9e12-422f-a647-b2a193b86a7e&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
233
cs
cs.minutemedia-prebid.com/ Frame 4EC6 		0
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21493&id=KnHEbMnE01xCNYklwot0HT-L5Pk6_M8CTmycmIHSgaM
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=765b4e6bb9c8438
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
184.73.94.61 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://onetag-sys.com/
date
Thu, 05 Jan 2023 21:38:14 GMT
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
cs
cs.minutemedia-prebid.com/ Frame 8778
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:407b63b7-4344-4900-8e70-1a62e233a297&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://cs.minutemedia-prebid.com/cs?aid=21482&id=6FF39F35-D4F4-45ED-A500-F8A7983977F4
0
280 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21482&id=6FF39F35-D4F4-45ED-A500-F8A7983977F4
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3159562927444215000V10%26type%3Dpba%26refUrl%3D%26vid%3D29546923003159562927444215000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
184.73.94.61 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://ads.pubmatic.com/
content-length
0
content-type
application/javascript
date
Thu, 05 Jan 2023 21:38:15 GMT

Redirect headers

content-length
113
content-type
text/html; charset=utf-8
date
Thu, 05 Jan 2023 21:38:14 GMT
location
https://cs.minutemedia-prebid.com/cs?aid=21482&id=6FF39F35-D4F4-45ED-A500-F8A7983977F4
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cs
cs.minutemedia-prebid.com/ Frame 5F87
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y7dDRAAJf4UlZAAF&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://cs.minutemedia-prebid.com/cs?aid=21482&id=6FF39F35-D4F4-45ED-A500-F8A7983977F4
0
280 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21482&id=6FF39F35-D4F4-45ED-A500-F8A7983977F4
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3159562927444215000V10%26type%3Dpba%26refUrl%3D%26vid%3D29546923003159562927444215000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
184.73.94.61 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://ads.pubmatic.com/
content-length
0
content-type
application/javascript
date
Thu, 05 Jan 2023 21:38:15 GMT

Redirect headers

content-length
113
content-type
text/html; charset=utf-8
date
Thu, 05 Jan 2023 21:38:14 GMT
location
https://cs.minutemedia-prebid.com/cs?aid=21482&id=6FF39F35-D4F4-45ED-A500-F8A7983977F4
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cs
cs.minutemedia-prebid.com/ Frame 7362
Redirect Chain
  • https://cm.ambientdsp.com/cm/send?vc=pmj
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=ygmaxyuqnkg
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://cs.minutemedia-prebid.com/cs?aid=21482&id=6FF39F35-D4F4-45ED-A500-F8A7983977F4
0
280 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21482&id=6FF39F35-D4F4-45ED-A500-F8A7983977F4
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3159562927444215000V10%26type%3Dpba%26refUrl%3D%26vid%3D29546923003159562927444215000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
184.73.94.61 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://ads.pubmatic.com/
content-length
0
content-type
application/javascript
date
Thu, 05 Jan 2023 21:38:15 GMT

Redirect headers

content-length
113
content-type
text/html; charset=utf-8
date
Thu, 05 Jan 2023 21:37:30 GMT
location
https://cs.minutemedia-prebid.com/cs?aid=21482&id=6FF39F35-D4F4-45ED-A500-F8A7983977F4
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cs
cs.minutemedia-prebid.com/ Frame AB67
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6154674664221769188&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://cs.minutemedia-prebid.com/cs?aid=21482&id=6FF39F35-D4F4-45ED-A500-F8A7983977F4
0
280 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21482&id=6FF39F35-D4F4-45ED-A500-F8A7983977F4
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3159562927444215000V10%26type%3Dpba%26refUrl%3D%26vid%3D29546923003159562927444215000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
184.73.94.61 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://ads.pubmatic.com/
content-length
0
content-type
application/javascript
date
Thu, 05 Jan 2023 21:38:15 GMT

Redirect headers

content-length
113
content-type
text/html; charset=utf-8
date
Thu, 05 Jan 2023 21:38:14 GMT
location
https://cs.minutemedia-prebid.com/cs?aid=21482&id=6FF39F35-D4F4-45ED-A500-F8A7983977F4
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cs
cs.minutemedia-prebid.com/ Frame 2CDB
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=1a_Z3devj9vOrYKP2q-WjNv4gt7OrYKPh66Y8UpQ
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://cs.minutemedia-prebid.com/cs?aid=21482&id=6FF39F35-D4F4-45ED-A500-F8A7983977F4
0
280 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21482&id=6FF39F35-D4F4-45ED-A500-F8A7983977F4
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3159562927444215000V10%26type%3Dpba%26refUrl%3D%26vid%3D29546923003159562927444215000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
184.73.94.61 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://ads.pubmatic.com/
content-length
0
content-type
application/javascript
date
Thu, 05 Jan 2023 21:38:15 GMT

Redirect headers

content-length
113
content-type
text/html; charset=utf-8
date
Thu, 05 Jan 2023 21:38:14 GMT
location
https://cs.minutemedia-prebid.com/cs?aid=21482&id=6FF39F35-D4F4-45ED-A500-F8A7983977F4
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cs
cs.minutemedia-prebid.com/ Frame D79A
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://cs.minutemedia-prebid.com/cs?aid=21482&id=6FF39F35-D4F4-45ED-A500-F8A7983977F4
0
280 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21482&id=6FF39F35-D4F4-45ED-A500-F8A7983977F4
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3159562927444215000V10%26type%3Dpba%26refUrl%3D%26vid%3D29546923003159562927444215000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
184.73.94.61 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://ads.pubmatic.com/
content-length
0
content-type
application/javascript
date
Thu, 05 Jan 2023 21:38:15 GMT

Redirect headers

content-length
113
content-type
text/html; charset=utf-8
date
Thu, 05 Jan 2023 21:38:14 GMT
location
https://cs.minutemedia-prebid.com/cs?aid=21482&id=6FF39F35-D4F4-45ED-A500-F8A7983977F4
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cs
cs.minutemedia-prebid.com/ Frame D20D
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=GgbTFnpgTURN47JJTwBmBnRaSso
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://cs.minutemedia-prebid.com/cs?aid=21482&id=6FF39F35-D4F4-45ED-A500-F8A7983977F4
0
280 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21482&id=6FF39F35-D4F4-45ED-A500-F8A7983977F4
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3159562927444215000V10%26type%3Dpba%26refUrl%3D%26vid%3D29546923003159562927444215000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
184.73.94.61 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://ads.pubmatic.com/
content-length
0
content-type
application/javascript
date
Thu, 05 Jan 2023 21:38:15 GMT

Redirect headers

content-length
113
content-type
text/html; charset=utf-8
date
Thu, 05 Jan 2023 21:38:14 GMT
location
https://cs.minutemedia-prebid.com/cs?aid=21482&id=6FF39F35-D4F4-45ED-A500-F8A7983977F4
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cs
cs.minutemedia-prebid.com/ Frame 6473
Redirect Chain
  • https://gocm.c.appier.net/pubmatic
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=JuhvTsv8DpyAuez6RkO3Yw
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://cs.minutemedia-prebid.com/cs?aid=21482&id=6FF39F35-D4F4-45ED-A500-F8A7983977F4
0
280 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21482&id=6FF39F35-D4F4-45ED-A500-F8A7983977F4
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3159562927444215000V10%26type%3Dpba%26refUrl%3D%26vid%3D29546923003159562927444215000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
184.73.94.61 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://ads.pubmatic.com/
content-length
0
content-type
application/javascript
date
Thu, 05 Jan 2023 21:38:15 GMT

Redirect headers

content-length
113
content-type
text/html; charset=utf-8
date
Thu, 05 Jan 2023 21:38:14 GMT
location
https://cs.minutemedia-prebid.com/cs?aid=21482&id=6FF39F35-D4F4-45ED-A500-F8A7983977F4
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
send
sync-dsp.ad-m.asia/dsp/api/sync/ Frame 9959 		43 B
243 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=pubmatic&rd=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw%26piggybackCookie%3D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3159562927444215000V10%26type%3Dpba%26refUrl%3D%26vid%3D29546923003159562927444215000V10%26ovsid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
220.150.223.50 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Cache-Control
no-store,no-cache
Connection
close
Content-Length
43
Content-Type
image/gif
Date
Thu, 05 Jan 2023 21:38:14 GMT
Pragma
no-cache
Server
nginx
expires
-1
cm
ipac.ctnsnet.com/int/ Frame E8C7 		43 B
369 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3159562927444215000V10%26type%3Dpba%26refUrl%3D%26vid%3D29546923003159562927444215000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.193.173 -, , ASN (),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
43
content-type
image/gif
date
Thu, 05 Jan 2023 21:38:13 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
via
1.1 google
cs
cs.minutemedia-prebid.com/ Frame F309
Redirect Chain
  • https://ipac.ctnsnet.com/int/cm?exc=14&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA%3D%26piggybackCookie%3D%5Buser_id%5D
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=c196bdcb882d42e89222b0bce4bd0cd3
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://cs.minutemedia-prebid.com/cs?aid=21482&id=6FF39F35-D4F4-45ED-A500-F8A7983977F4
0
280 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21482&id=6FF39F35-D4F4-45ED-A500-F8A7983977F4
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3159562927444215000V10%26type%3Dpba%26refUrl%3D%26vid%3D29546923003159562927444215000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
184.73.94.61 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://ads.pubmatic.com/
content-length
0
content-type
application/javascript
date
Thu, 05 Jan 2023 21:38:15 GMT

Redirect headers

content-length
113
content-type
text/html; charset=utf-8
date
Thu, 05 Jan 2023 21:38:14 GMT
location
https://cs.minutemedia-prebid.com/cs?aid=21482&id=6FF39F35-D4F4-45ED-A500-F8A7983977F4
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
pxd
dps.jp.cinarra.com/ Frame 1E30 		95 B
220 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dps.jp.cinarra.com/pxd?PLATFORM_ID=D&USER_ID=6FF39F35-D4F4-45ED-A500-F8A7983977F4
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3159562927444215000V10%26type%3Dpba%26refUrl%3D%26vid%3D29546923003159562927444215000V10%26ovsid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.179.187.167 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Connection
keep-alive
Content-Length
95
Content-Type
image/png
Date
Thu, 05 Jan 2023 21:38:14 GMT
cs
cs.minutemedia-prebid.com/ Frame C794
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:8mOu3Tww1PdxWd5&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://cs.minutemedia-prebid.com/cs?aid=21482&id=6FF39F35-D4F4-45ED-A500-F8A7983977F4
0
280 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21482&id=6FF39F35-D4F4-45ED-A500-F8A7983977F4
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3159562927444215000V10%26type%3Dpba%26refUrl%3D%26vid%3D29546923003159562927444215000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
184.73.94.61 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://ads.pubmatic.com/
content-length
0
content-type
application/javascript
date
Thu, 05 Jan 2023 21:38:15 GMT

Redirect headers

content-length
113
content-type
text/html; charset=utf-8
date
Thu, 05 Jan 2023 21:37:30 GMT
location
https://cs.minutemedia-prebid.com/cs?aid=21482&id=6FF39F35-D4F4-45ED-A500-F8A7983977F4
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
usersyncsupply
cm-supply-web.gammaplatform.com/adx/ Frame 2B4C 		0
0
RX-56a1a930-dd35-49ab-a204-e8c7ed81ec94-004
sync.targeting.unrulymedia.com/csync/ Frame C1E0
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1345275028
  • https://sync.1rx.io/usersync/tradedesk/c2c06461-9e12-422f-a647-b2a193b86a7e
  • https://sync.targeting.unrulymedia.com/csync/RX-56a1a930-dd35-49ab-a204-e8c7ed81ec94-004
43 B
377 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.targeting.unrulymedia.com/csync/RX-56a1a930-dd35-49ab-a204-e8c7ed81ec94-004
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3159562927444215000V10%26type%3Dpba%26refUrl%3D%26vid%3D29546923003159562927444215000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
74.118.186.45 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

content-length
43
date
Thu, 05 Jan 2023 21:38:15 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-type
text/html
date
Thu, 05 Jan 2023 21:38:14 GMT
expires
0
location
https://sync.targeting.unrulymedia.com/csync/RX-56a1a930-dd35-49ab-a204-e8c7ed81ec94-004
pragma
no-cache
bridge
cm.adgrx.com/ Frame 98FD 		0
230 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3159562927444215000V10%26type%3Dpba%26refUrl%3D%26vid%3D29546923003159562927444215000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.250.207.233 -, , ASN (),
Reverse DNS
Software
Cowboy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
content-length
0
date
Thu, 05 Jan 2023 21:38:14 GMT
expires
Thu, 23 Sep 2004 17:42:04 GMT
p3p
CP="NOI OTC OTP OUR NOR"
pragma
no-cache
server
Cowboy
x-realserver-nx
aws-apsoutheast1a-delivery-1
cookiesync
core.iprom.net/ Frame 15B8 		43 B
277 B 		Document
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3159562927444215000V10%26type%3Dpba%26refUrl%3D%26vid%3D29546923003159562927444215000V10%26ovsid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Thu, 05 Jan 2023 21:38:15 GMT
Vary
Accept-Encoding
X-adserver-worker
erebus-4949323a67f2@version_1.532
X-core-time
1ms
X-server-arch
v2
i.match
a.tribalfusion.com/ Frame 3AFA 		43 B
670 B 		Document
General
Check archive.org
Download Go to
Full URL
https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3159562927444215000V10%26type%3Dpba%26refUrl%3D%26vid%3D29546923003159562927444215000V10%26ovsid%3DPM_UID
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.173 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
784f5c15ef471c5c-AKL
content-length
43
content-type
image/gif; charset=utf-8
date
Thu, 05 Jan 2023 21:38:14 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302
Pug
simage2.pubmatic.com/AdServer/ Frame 2090
Redirect Chain
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
0
93 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3159562927444215000V10%26type%3Dpba%26refUrl%3D%26vid%3D29546923003159562927444215000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.194 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 05 Jan 2023 21:38:15 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Thu, 05 Jan 2023 21:38:14 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
server
_
cksync.php
contextual.media.net/ Frame A23C 		187 B
611 B 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3159562927444215000V10&type=pba&refUrl=&vid=29546923003159562927444215000V10&ovsid=6FF39F35-D4F4-45ED-A500-F8A7983977F4
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3159562927444215000V10%26type%3Dpba%26refUrl%3D%26vid%3D29546923003159562927444215000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.207.184.25 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-184-25.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
2e4b003e84d42e181f7bf7864838cc24ff1a1e9c030779f1a1579fffe68d6bcf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-length
187
content-type
image/gif
date
Thu, 05 Jan 2023 21:38:14 GMT
expires
Thu, 05 Jan 2023 21:38:14 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA" CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
pragma
no-cache
server
Apache
strict-transport-security
max-age=31536000
x-mnet-hl2
E
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 6CC6
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=b_OfNdT0Re2lAPinmDl39A%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3159562927444215000V10%26type%3Dpba%26refUrl%3D%26vid%3D29546923003159562927444215000V10%26ovsid%3DPM_UID
Protocol
H2
Server
23.207.36.196 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-36-196.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 21:38:14 GMT
content-encoding
gzip
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=166256
accept-ranges
bytes
content-length
5554
expires
Sat, 07 Jan 2023 19:49:10 GMT

Redirect headers

pragma
no-cache
date
Thu, 05 Jan 2023 21:38:14 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
receive
pixel.tapad.com/idsync/ex/ Frame 6CC6
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=6FF39F35-D4F4-45ED-A500-F8A7983977F4
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=6FF39F35-D4F4-45ED-A500-F8A7983977F4
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=a8755660-5eb2-4325-9aab-28ebff182f0c%252C%252C&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=c2c06461-9e12-422f-a647-b2a193b86a7e&ttd_puid=a8755660-5eb2-4325-9aab-28ebff182f0c%2C%2C
95 B
122 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=c2c06461-9e12-422f-a647-b2a193b86a7e&ttd_puid=a8755660-5eb2-4325-9aab-28ebff182f0c%2C%2C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3159562927444215000V10%26type%3Dpba%26refUrl%3D%26vid%3D29546923003159562927444215000V10%26ovsid%3DPM_UID
Protocol
H3
Server
107.178.244.193 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 21:38:15 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
content-type
image/png
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

pragma
no-cache
date
Thu, 05 Jan 2023 21:38:14 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=c2c06461-9e12-422f-a647-b2a193b86a7e&ttd_puid=a8755660-5eb2-4325-9aab-28ebff182f0c%2C%2C
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
359
qmap
sync.crwdcntrl.net/ Frame 6CC6
Redirect Chain
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=6FF39F35-D4F4-45ED-A500-F8A7983977F4&gdpr=0&gdpr_consent=
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=6FF39F35-D4F4-45ED-A500-F8A7983977F4&gdpr=0&gdpr_consent=&ct=y
49 B
544 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=6FF39F35-D4F4-45ED-A500-F8A7983977F4&gdpr=0&gdpr_consent=&ct=y
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3159562927444215000V10%26type%3Dpba%26refUrl%3D%26vid%3D29546923003159562927444215000V10%26ovsid%3DPM_UID
Protocol
H2
Server
52.74.234.58 -, , ASN (),
Reverse DNS
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 21:38:14 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.42.30.104
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Thu, 05 Jan 2023 21:38:14 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=6FF39F35-D4F4-45ED-A500-F8A7983977F4&gdpr=0&gdpr_consent=&ct=y
cache-control
no-cache
x-server
10.42.24.13
content-length
0
expires
0
info2
uipglob.semasio.net/pubmatic/1/ Frame 6CC6
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=6FF39F35-D4F4-45ED-A500-F8A7983977F4&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=6FF39F35-D4F4-45ED-A500-F8A7983977F4&sInitiator=external&gdpr=0&gdpr_consent=
42 B
570 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=6FF39F35-D4F4-45ED-A500-F8A7983977F4&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3159562927444215000V10%26type%3Dpba%26refUrl%3D%26vid%3D29546923003159562927444215000V10%26ovsid%3DPM_UID
Protocol
HTTP/1.1
Server
119.9.108.191 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 21:38:08 GMT
frontend-id
0
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
content-type
image/gif
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
42
routing-server-id
1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 05 Jan 2023 21:38:08 GMT
frontend-id
0
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location
/pubmatic/1/info2?sType=sync&sExtCookieId=6FF39F35-D4F4-45ED-A500-F8A7983977F4&sInitiator=external&gdpr=0&gdpr_consent=
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
routing-server-id
1
expires
Sat, 01 Jan 2011 12:00:00 GMT
cs
cs.minutemedia-prebid.com/ Frame 6CC6
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NkZGMzlGMzUtRDRGNC00NUVELUE1MDAtRjhBNzk4Mzk3N0Y0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://cs.minutemedia-prebid.com/cs?aid=21482&id=6FF39F35-D4F4-45ED-A500-F8A7983977F4
0
280 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21482&id=6FF39F35-D4F4-45ED-A500-F8A7983977F4
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3159562927444215000V10%26type%3Dpba%26refUrl%3D%26vid%3D29546923003159562927444215000V10%26ovsid%3DPM_UID
Protocol
H2
Server
184.73.94.61 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://ads.pubmatic.com/
date
Thu, 05 Jan 2023 21:38:15 GMT
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript

Redirect headers

location
https://cs.minutemedia-prebid.com/cs?aid=21482&id=6FF39F35-D4F4-45ED-A500-F8A7983977F4
date
Thu, 05 Jan 2023 21:38:14 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
113
content-type
text/html; charset=utf-8
cs
cs.minutemedia-prebid.com/ Frame 6CC6
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESECUhXMRIldWDSWou1t63q0g&google_cver=1
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://cs.minutemedia-prebid.com/cs?aid=21482&id=6FF39F35-D4F4-45ED-A500-F8A7983977F4
0
280 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21482&id=6FF39F35-D4F4-45ED-A500-F8A7983977F4
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3159562927444215000V10%26type%3Dpba%26refUrl%3D%26vid%3D29546923003159562927444215000V10%26ovsid%3DPM_UID
Protocol
H2
Server
184.73.94.61 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://ads.pubmatic.com/
date
Thu, 05 Jan 2023 21:38:15 GMT
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript

Redirect headers

location
https://cs.minutemedia-prebid.com/cs?aid=21482&id=6FF39F35-D4F4-45ED-A500-F8A7983977F4
date
Thu, 05 Jan 2023 21:38:14 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
113
content-type
text/html; charset=utf-8
ImgSync
image8.pubmatic.com/AdServer/ Frame 6CC6
Redirect Chain
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:86638E7BFB584693AD2D06680E0D97CA
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
241 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3159562927444215000V10%26type%3Dpba%26refUrl%3D%26vid%3D29546923003159562927444215000V10%26ovsid%3DPM_UID
Protocol
H2
Server
67.199.150.82 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 21:38:15 GMT
cache-control
private,max-age=86400
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
date
Thu, 05 Jan 2023 21:38:14 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
6FF39F35-D4F4-45ED-A500-F8A7983977F4
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 6CC6 		43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/6FF39F35-D4F4-45ED-A500-F8A7983977F4?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3159562927444215000V10%26type%3Dpba%26refUrl%3D%26vid%3D29546923003159562927444215000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.228.111.128 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-228-111-128.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 21:38:14 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
ImgSync
image8.pubmatic.com/AdServer/ Frame 6CC6
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=c2c06461-9e12-422f-a647-b2a193b86a7e&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
62 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3159562927444215000V10%26type%3Dpba%26refUrl%3D%26vid%3D29546923003159562927444215000V10%26ovsid%3DPM_UID
Protocol
H2
Server
67.199.150.82 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 21:38:15 GMT
cache-control
private,max-age=86400
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
date
Thu, 05 Jan 2023 21:38:14 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
SPug
image4.pubmatic.com/AdServer/ Frame 6CC6
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=6FF39F35-D4F4-45ED-A500-F8A7983977F4&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-b_v2EipE2uUm4fAhV9SOaje_rS8YgOM-~A&gdpr=0
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-b_v2EipE2uUm4fAhV9SOaje_rS8YgOM-~A&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3159562927444215000V10%26type%3Dpba%26refUrl%3D%26vid%3D29546923003159562927444215000V10%26ovsid%3DPM_UID
Protocol
H2
Server
67.199.150.85 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 21:38:15 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-b_v2EipE2uUm4fAhV9SOaje_rS8YgOM-~A&gdpr=0
date
Thu, 05 Jan 2023 21:38:14 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
ImgSync
image8.pubmatic.com/AdServer/ Frame 6CC6
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=bd32cffb-1138-4013-b34d-42a18b83d117
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=8a41dd2f-0315-4d0f-8add-e42616441d1a&user_group=1&ssp=pubmatic&bsw_param=bd32cffb-1138-4013-b34d-42a18b83d117
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=bd32cffb-1138-4013-b34d-42a18b83d117&gdpr=&gdpr_consent=&gdpr_pd=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
128 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3159562927444215000V10%26type%3Dpba%26refUrl%3D%26vid%3D29546923003159562927444215000V10%26ovsid%3DPM_UID
Protocol
H2
Server
67.199.150.82 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 21:38:16 GMT
cache-control
private,max-age=86400
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
date
Thu, 05 Jan 2023 21:38:15 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Pug
simage2.pubmatic.com/AdServer/ Frame 6CC6
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=5928092697178768584
42 B
316 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=5928092697178768584
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3159562927444215000V10%26type%3Dpba%26refUrl%3D%26vid%3D29546923003159562927444215000V10%26ovsid%3DPM_UID
Protocol
H2
Server
103.231.98.194 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 05 Jan 2023 21:38:15 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 05 Jan 2023 21:38:15 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=5928092697178768584
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
45f6616f8301569fb3628edffa5edae8.gif
cs.admanmedia.com/ Frame 6CC6
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2677653772704877988&gdpr=0&gdpr_consent=&us_privacy=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?p=158355&pmc=1&pr=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F2%2F7475%3Fgdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26A%3D0fa4897a-e274-4c27-88fd-e7259d132336%...
  • https://prebid.a-mo.net/cchain/2/7475?gdpr=&gdpr_consent=&us_privacy=&A=0fa4897a-e274-4c27-88fd-e7259d132336&bidder=pubmatic&cbx=aHR0cHM6Ly9zc3AuZGlzcXVzLmNvbS9tYXRjaD9iaWRkZXI9NiZyPUNpZDFZUzB3WXpW...
  • https://ssp.disqus.com/redirectuser?partner=adaptmx&gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F4%2F7475%3Fgdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26A%3D0fa4897a-e...
  • https://cs.admanmedia.com/45f6616f8301569fb3628edffa5edae8.gif?puid=ua-0c5a7980-a927-3e24-ada3-de001ea2e086&redir=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D24%26buyeruid%3D%5BUID%5D%26r%3DCid...
0
0
Pug
simage2.pubmatic.com/AdServer/ Frame 6CC6
Redirect Chain
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=6FF39F35-D4F4-45ED-A500-F8A7983977F4&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=590d96531cde1ff7&is_secure=true&networkId=17100&version=1&nuid=6FF39F35-D4F4-45ED-A500-F8A7983977F4&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAALWzXAkUZfwwNF7Lp9AAAAAAA&expiration=1673041095&nuid=6FF39F35-D4F4-45ED-A500-F8A7983977F4&...
42 B
346 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAALWzXAkUZfwwNF7Lp9AAAAAAA&expiration=1673041095&nuid=6FF39F35-D4F4-45ED-A500-F8A7983977F4&is_secure=true&gdpr_consent=&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3159562927444215000V10%26type%3Dpba%26refUrl%3D%26vid%3D29546923003159562927444215000V10%26ovsid%3DPM_UID
Protocol
H2
Server
103.231.98.194 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 05 Jan 2023 21:38:16 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 05 Jan 2023 21:38:15 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAALWzXAkUZfwwNF7Lp9AAAAAAA&expiration=1673041095&nuid=6FF39F35-D4F4-45ED-A500-F8A7983977F4&is_secure=true&gdpr_consent=&gdpr=0
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame 6CC6
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=6154674664221769188
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=6154674664221769188
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3159562927444215000V10%26type%3Dpba%26refUrl%3D%26vid%3D29546923003159562927444215000V10%26ovsid%3DPM_UID
Protocol
H2
Server
103.231.98.194 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 05 Jan 2023 21:38:16 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Thu, 05 Jan 2023 21:38:15 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
116.90.74.202; 116.90.74.202; 893.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
52ad2570-dc33-49e7-a71d-279543e4812b
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=6154674664221769188
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame 1C06 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=minute_media&endpoint=us-east
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.44.27.86 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-44-27-86.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
0297187a15c549ddbc56e4cc245b27b2dff34880a84f8b9bba15a923274f4285

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=minute_media&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 21:38:14 GMT
content-encoding
gzip
last-modified
Thu, 05 Jan 2023 17:34:41 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=71791
content-length
10066
expires
Fri, 06 Jan 2023 17:34:45 GMT
usync.js
eus.rubiconproject.com/ Frame 33E2 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.44.27.86 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-44-27-86.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
0297187a15c549ddbc56e4cc245b27b2dff34880a84f8b9bba15a923274f4285

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 21:38:14 GMT
content-encoding
gzip
last-modified
Thu, 05 Jan 2023 17:34:41 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=71791
content-length
10066
expires
Fri, 06 Jan 2023 17:34:45 GMT
sync
ads.servenobid.com/ Frame D2B8 		0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=317&uid=5283131600680293057&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.240.174.255 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-240-174-255.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 21:38:14 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
sync.php
demand.trafficroots.com/ Frame D2B8 		0
0
/
rtb-csync.smartadserver.com/redir/ Frame D2B8
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=10&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D22%26partneruserid%3DYOUR_USER_ID&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=5928092697178768584&gdpr=0&gdpr_consent=
43 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=5928092697178768584&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
23.106.127.39 , Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 05 Jan 2023 21:38:15 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Thu, 05 Jan 2023 21:38:14 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=5928092697178768584&gdpr=0&gdpr_consent=
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
/
rtb-csync.smartadserver.com/redir/ Frame D2B8
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=smartadserver&gdpr=0&gdpr_consent=
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=smartadserver&bsw_custom_parameter=bd32cffb-1138-4013-b34d-42a18b83d117
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=smartadserver&bsw_custom_parameter=bd32cffb-1138-4013-b34d-42a18b83d117
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=8a41dd2f-0315-4d0f-8add-e42616441d1a&user_group=1&ssp=smartadserver&bsw_param=bd32cffb-1138-4013-b34d-42a18b83d117
  • https://rtb-csync.smartadserver.com/redir/?partnerid=31&partneruserid=bd32cffb-1138-4013-b34d-42a18b83d117&gdpr=&gdpr_consent=
43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=31&partneruserid=bd32cffb-1138-4013-b34d-42a18b83d117&gdpr=&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
23.106.127.39 , Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 05 Jan 2023 21:38:16 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

Location
//rtb-csync.smartadserver.com/redir/?partnerid=31&partneruserid=bd32cffb-1138-4013-b34d-42a18b83d117&gdpr=&gdpr_consent=
Date
Thu, 05 Jan 2023 21:38:15 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
/
rtb-csync.smartadserver.com/redir/ Frame D2B8
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=smart-adserver&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?partnerid=75&issi=1&partneruserid=c2c06461-9e12-422f-a647-b2a193b86a7e&gdpr=0&gdpr_consent=
43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=75&issi=1&partneruserid=c2c06461-9e12-422f-a647-b2a193b86a7e&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
23.106.127.39 , Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 05 Jan 2023 21:38:15 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Thu, 05 Jan 2023 21:38:14 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://rtb-csync.smartadserver.com/redir/?partnerid=75&issi=1&partneruserid=c2c06461-9e12-422f-a647-b2a193b86a7e&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
299
opensans-700-latin.woff2
static.criteo.net/design/googlefont/opensans/ Frame 6667 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/googlefont/opensans/opensans-700-latin.woff2
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/opensans/opensans-700.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
1baff9bf8d69c7de6ea553b53218dc5990e8a58d69200bab0c4763e70639fef4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://static.criteo.net/design/googlefont/opensans/opensans-700.css
Origin
https://ads.as.criteo.com
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 21:38:14 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 08 Dec 2022 14:11:05 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391f079-3ff4"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 31 Dec 2023 21:38:14 GMT
usersync
usersync.gumgum.com/ Frame 33E2
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=LCJM0XGW-O-MGI
  • https://usersync.gumgum.com/usersync?b=mag&i=LCJM0XGW-O-MGI
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=mag&i=LCJM0XGW-O-MGI
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 05 Jan 2023 21:38:14 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://usersync.gumgum.com/usersync?b=mag&i=LCJM0XGW-O-MGI
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
c80248407eff6cf595ce43a76c04e23f
Expires
0
cs
cs.minutemedia-prebid.com/ Frame 1C06
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=minute_media&khaos=LCJM0XGW-O-MGI
  • https://cs.minutemedia-prebid.com/cs?aid=21479&id=LCJM0XGW-O-MGI
0
284 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21479&id=LCJM0XGW-O-MGI
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=minute_media&endpoint=us-east
Protocol
H2
Server
184.73.94.61 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://eus.rubiconproject.com/
date
Thu, 05 Jan 2023 21:38:15 GMT
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cs.minutemedia-prebid.com/cs?aid=21479&id=LCJM0XGW-O-MGI
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
78008fe701b681dce86a72fc23cacc40
Expires
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230103&jk=3197543272618260&bg=!-fql-r7NAAYDMoyoIzI7ACkAdvg8WkxHB7RkcMWs4Jw4Pmf4qEyCsYqoZuhtH6lHtENHtzEAkbx2XgIAAAB_UgAAAANoAQcKAM0pqVb3bR0o2LHZYoteVSIrNnghACavK5GnpcQ3CNfXLSQvSrdSzCVyC9VIbfszAVzMAAoCKGXLpaFJ1pw2QvKhoz_JNqz4N_ktaibYnQ7hoom4GHzo8_c9yOCg5eFYA8hwxg5Acwfw5nwu3A39X4kXkWesRYYNmHJMDMidZwpyx8qfQURyNo8iH2k5PLPKcOVBAraC3lOzAigmU0ujFNqRzPZ8Us-8Hin5VXc7OSvepsGkuVatq1MQZwlu_iW6b1hBKDi1R_46Q40kikT4mQKjg8iDgr51Ik_deKNYR8Ly7UvK6uhSjX__Pe2LjYOmzZJHlI0yJw99oUQzTtmWKPLWPvJgBE-rkN0ej617klYlkddPgl7sy1AIqRZJoMvpDJabujW_FnW_1TbamLE-yi_MujAN5BhVzvQDIzG7NWWHSDdWVhOQqUh40s15wEX8MhLcjmu7WA59DIuHxvFkrjyKLt06bymSHMI6-NlSuVP0I4i35eCp_tC80EbbEr2AYYzGKLOQtuKUrpMF1kbpfF8ytDHyeyOWuaXM1SGHTb7VqP4O8Gm6dZd6rGTnFzm297ogY0-dEdl6cDHyKFXZT-hcWklJBx7Jbg2ptZ6L8mhMJRzbxMJ2ksYDx5_bfjcx1Mz58wcp9Vo8H-NoM2J5LaWZQLWSV7BzMH78OEyjFUmqUdpqdIFUsmOknN1zHD2YMluoXRftwCsLsGdsJH0_dSppsPknzGIZwQfW9Td0zZDOtqivwdbOjdlRc7eiJGGf8ZUYspKLcE2m3erF1A1psAkMjVMIGTSIMJ0wn5u8AHZab-7o9UVe1esTR632FPQJuLfSpTnrwFFRMF4AIH13uSHVRpXyWVWAcGoyXxzdWfsBmiD4c27RVy7BKr_Vr_dhRQIpdOUsQ7ZxB51_Upvyk1iRGzWJGpuTrVE_1rio_X90TFFZqlBCoZCCIQ7eNtV5yWqh-urJ8ZoaMLuMVIlNYPdJSBNiJSGwkwhzRHXqydOw_xATolSLn9YXqOO-vFVTPtA8lbSdJTIQ1-5q_3jHOTVAt_uOIBuKdfLNWA2K9vXTUXog5DHWH8jniuq6Hu_bz4VNsLk3XEc1uzYYU2jsQmvubjyOaAW6vzbKCevXr4hVKr432dNIuEzKEn-Dhgx99xmNl5-s-gbZ4wh8TJKzZVv3GowZ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
collect
www.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=2oe120&_p=1500053407&cid=890864016.1672954681&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1672954689&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxi-ju-ren-sheng-cheng-zhen-zong-tong-da-ka-bu-hao-yan.html&dt=%E6%88%B2%E5%8A%87%E4%BA%BA%E7%94%9F%E6%88%90%E7%9C%9F%20%E7%B8%BD%E7%B5%B1%E5%A4%A7%E5%92%96%E4%B8%8D%E5%A5%BD%E6%BC%94%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_failed&_et=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f139.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 21:38:14 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame 6CC6 		0
48 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=159463&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3159562927444215000V10%26type%3Dpba%26refUrl%3D%26vid%3D29546923003159562927444215000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.85 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 21:38:15 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
PugMaster
image6.pubmatic.com/AdServer/ Frame 7499 		792 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=97914018&p=162412&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1YN-
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.196 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e735fe248546dd1ef2ff7558e9be9db1d0c31b40fbb4488f1cc94249cb2c9441

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Thu, 05 Jan 2023 21:38:16 GMT
content-length
792
content-type
text/html; charset=UTF-8
match
c1.adform.net/serving/cookie/ Frame D878 		35 B
468 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=6FF39F35-D4F4-45ED-A500-F8A7983977F4&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.84.60.23 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Thu, 05 Jan 2023 21:38:16 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
141
match.deepintent.com/usersync/ Frame 879C 		0
39 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.18.47.7 -, , ASN (),
Reverse DNS
Software
b /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

content-length
0
date
Thu, 05 Jan 2023 21:38:16 GMT
server
b
ImgSync
image8.pubmatic.com/AdServer/ Frame 5976
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:86638E7BFB584693AD2D06680E0D97CA&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.82 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
private,max-age=86400
date
Thu, 05 Jan 2023 21:38:17 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Thu, 05 Jan 2023 21:38:16 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
sync
ads.servenobid.com/ Frame 46E6 		0
358 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/sync?pid=316&uid=6FF39F35-D4F4-45ED-A500-F8A7983977F4
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.240.174.255 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-240-174-255.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
amp-access-control-allow-source-origin
*
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-length
0
content-type
text/html;charset=ISO-8859-1
date
Thu, 05 Jan 2023 21:38:16 GMT
SPug
image4.pubmatic.com/AdServer/ Frame 7499
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=407b63b7-4344-4900-8e70-1a62e233a297
0
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=407b63b7-4344-4900-8e70-1a62e233a297
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
67.199.150.85 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 21:38:16 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Thu, 05 Jan 2023 21:38:16 GMT
Server
MT3 277 3f0ad7a master nrt-pixel-x22 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=407b63b7-4344-4900-8e70-1a62e233a297
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 05 Jan 2023 21:38:15 GMT
sync
pippio.com/api/ Frame 7499
Redirect Chain
  • https://idsync.rlcdn.com/420486.gif?partner_uid=6FF39F35-D4F4-45ED-A500-F8A7983977F4
  • https://pippio.com/api/sync?pid=5324&it=1&iv=82616ae3cb60e416dab96157f17b99675f061dcf80d8bc004351b311db950d70791426b5417dce21&_=2
0
0
PugMaster
image6.pubmatic.com/AdServer/ Frame 31D5 		47 B
222 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=58192744&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.196 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
09343d3b3473e1c994b2d603c99feb8a0f63fbd3ff20be7432ff18b973dbe651

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Thu, 05 Jan 2023 21:38:16 GMT
content-length
47
content-type
text/html; charset=UTF-8
usersync
usersync.gumgum.com/ Frame CFA6 		35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=pbm&i=6FF39F35-D4F4-45ED-A500-F8A7983977F4
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Thu, 05 Jan 2023 21:38:16 GMT
Expires
0
Pragma
no-cache

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
prebid-server.rubiconproject.com
URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Domain
ssp.disqus.com
URL
https://ssp.disqus.com/match?bidder=6&r=Cid1YS0wYzVhNzk4MC1hOTI3LTNlMjQtYWRhMy1kZTAwMWVhMmUwODYQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS0wYzVhNzk4MC1hOTI3LTNlMjQtYWRhMy1kZTAwMWVhMmUwODYyAgYaOAE=&buyeruid=0fa4897a-e274-4c27-88fd-e7259d132336&gdpr=&gdpr_consent=&us_privacy=
Domain
cs.minutemedia-prebid.com
URL
https://cs.minutemedia-prebid.com/cs?aid=21492&uid=0fa4897a-e274-4c27-88fd-e7259d132336&gdpr=&gdpr_consent=&us_privacy=
Domain
cs.krushmedia.com
URL
https://cs.krushmedia.com/6185b9cf4d72f7e454746134b8c78716.gif?redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21501%26puid%3D%5BUID%5D
Domain
ssp.disqus.com
URL
https://ssp.disqus.com/redirectuser?partner=adaptmx&gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F5%2F20117%3Fgdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26A%3D0fa4897a-e274-4c27-88fd-e7259d132336%26bidder%3Dzeta%26cbx%3DLy9zeW5jLmFka2VybmVsLmNvbS91c2VyLXN5bmM_em9uZT0xNzY5NzEmZHNwPTM0Mzk4MyZ0PWltYWdlJnVpZD0%253D%26uid%3D%24UID
Domain
cs.iqzone.com
URL
https://cs.iqzone.com/3e1ed898b08f9e935ca99407796b46c0.gif?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21508%26puid%3D[UID]
Domain
odr.mookie1.com
URL
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=bd32cffb-1138-4013-b34d-42a18b83d117&ssp=minutemedia&gdpr=0&gdpr_consent=
Domain
cm-supply-web.gammaplatform.com
URL
https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
Domain
cs.admanmedia.com
URL
https://cs.admanmedia.com/45f6616f8301569fb3628edffa5edae8.gif?puid=ua-0c5a7980-a927-3e24-ada3-de001ea2e086&redir=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D24%26buyeruid%3D%5BUID%5D%26r%3DCid1YS0wYzVhNzk4MC1hOTI3LTNlMjQtYWRhMy1kZTAwMWVhMmUwODYq7wNodHRwczovL3ByZWJpZC5hLW1vLm5ldC9jY2hhaW4vNC83NDc1P2dkcHI9JmdkcHJfY29uc2VudD0mdXNfcHJpdmFjeT0mQT0wZmE0ODk3YS1lMjc0LTRjMjctODhmZC1lNzI1OWQxMzIzMzYmYmlkZGVyPXpldGEmY2J4PWFIUjBjSE02THk5emMzQXVaR2x6Y1hWekxtTnZiUzl0WVhSamFEOWlhV1JrWlhJOU5pWnlQVU5wWkRGWlV6QjNXWHBXYUU1NmF6Uk5RekZvVDFSSk0weFVUbXhOYWxGMFdWZFNhRTE1TVd0YVZFRjNUVmRXYUUxdFZYZFBSRmxSWDE5ZlgxOWZYMTlmWDE5ZlFWTndWR0ZJVWpCalNFMDJUSGs1YUZwSVRYVmpNbFo1WkcxV2RXSXlTbkJhUXpWcVlqSXdkbU16YkhWWmVqbDNZVmRST1UxNlVUSktibFp3V2tReE1WbFRNSGRaZWxab1RucHJORTFETVdoUFZFa3pURlJPYkUxcVVYUlpWMUpvVFhreGExcFVRWGROVjFab1RXMVZkMDlFV1hsQloxbGhUMEZGUFNaaWRYbGxjblZwWkQwJTNEJnVpZD11YS0wYzVhNzk4MC1hOTI3LTNlMjQtYWRhMy1kZTAwMWVhMmUwODYyAhgMOAE=&gdpr=0&gdpr_consent=
Domain
demand.trafficroots.com
URL
https://demand.trafficroots.com/sync.php?partner=3379&redirect=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D137%26partneruserid%3D%7Btrafficroots_id%7D&gdpr=0&gdpr_consent=
Domain
pippio.com
URL
https://pippio.com/api/sync?pid=5324&it=1&iv=82616ae3cb60e416dab96157f17b99675f061dcf80d8bc004351b311db950d70791426b5417dce21&_=2

Verdicts & Comments Add Verdict or Comment

116 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| oncontentvisibilityautostatechange object| adpushup object| ucfad_async object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint object| AMP_CONFIG object| AMP_EXP object| AMP object| __AMP_LOG function| HTMLElementOrig object| __AMP_ERRORS object| __AMP_MODE function| __AMP_REPORT_ERROR object| __AMP_TOP object| __AMP_SERVICES object| __AMP_URL_CACHE object| __AMP__EXPERIMENT_TOGGLES boolean| __AMP_TAG object| __AMP_EXTENDED_ELEMENTS function| __AMP_BASE_CE_CLASS object| ucf object| request string| paramsString object| adRecover function| setImmediate function| clearImmediate function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages number| ampAdSlotIdCounter object| __AMP_EXPERIMENT_BRANCHES object| goog_identity_prom string| __AMP_DEFAULT_BOOTSTRAP_SUBDOMAIN number| ampAdGoogleIfiCounter boolean| ampInaboxInitialized object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager undefined| $ undefined| jQuery function| jqAlias function| runAnimCheck number| ampAdPageCorrelator object| listeningFors number| 3pla string| currentState object| googletag object| _apPbJs object| hbAnalytics object| adpTags object| ap_link_preview_states object| apLinkPreviewUtils object| apEuCountries object| _qevents object| _apPbJsChunk object| mnet string| nobidVersion object| nobid object| Criteo boolean| descriptionPage function| quantserve function| __qc object| ezt object| _qoptions object| dataLayer function| gtag object| criteo_pubtag object| criteo_pubtag_prebid_117 object| Criteo_prebid_117 object| google_tag_manager function| onYouTubeIframeAPIReady object| GoogleGcLKhOms

94 Cookies

Domain/Path Name / Value
.3lift.com/sync Name: sync
Value: CgoIoQEQj4D7ntgwCgoIgQIQj4D7ntgwCgoI4gEQj4D7ntgwCgoI5gEQj4D7ntgwCgoIhwIQj4D7ntgwCgkICRCPgPue2DAKCQg6EI-A-57YMAoKCIwCEI-A-57YMAoJCF8Qj4D7ntgwCgkIHxCPgPue2DA=
.aralego.com/ Name: sspid
Value: 68f51386-dc42-344a-be53-ce4f52f4068c
.aralego.com/ Name: euconsent-v2
Value:
.aralego.com/ Name: gdpr
Value: 1
.doubleclick.net/ Name: IDE
Value: AHWqTUn0b53H1Bra44PQ4akqj1B532rTtE37pE8YwBB0nWPde5KhjVe7wZwEbdpt9zU
www.bg3.co/ Name: __AP_SESSION__
Value: 0beb141f-f218-4b9d-b703-70afd7840ab5
.bg3.co/ Name: __gpi
Value: UID=00000b9eb1f9ad93:T=1672954683:RT=1672954683:S=ALNI_MbWtsreucjTNO9Dq4rZdyj4as7yhA
.casalemedia.com/ Name: CMID
Value: Y7dDOxJA5nEkLlUdyGr4wwAA
.casalemedia.com/ Name: CMPS
Value: 4742
.casalemedia.com/ Name: CMPRO
Value: 4742
.3lift.com/ Name: tluid
Value: 868120158182931325398
.yahoo.co.jp/ Name: XA
Value: e0i41q5hregpr&sd=B&t=1672954683&u=1672954683&v=1
.yahoo.co.jp/ Name: XB
Value: e0i41q5hregpr&b=3&s=lk
.send.microad.jp/ Name: TR
Value: ce72a3909bede42ada4b5bbc44bc738a57094a1acc4cc207
.adpushup.com/ Name: ap_uid
Value: 3c4ddd80-8d41-11ed-aa4f-6045bd1bca0e
.adpushup.com/ Name: ap_usid
Value: 3c4ddd81-8d41-11ed-aa4f-6045bd1bca0e
.dotomi.com/ Name: DotomiTest
Value: 5e219256702d1ff7
.zemanta.com/ Name: zuid
Value: RxAIg20t7_MTghkk-F1I
www.bg3.co/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.bg3.co/ Name: _pubcid
Value: fec382dd-3782-4a6b-8638-5af8358028b4
.openx.net/ Name: i
Value: fec382dd-3782-4a6b-8638-5af8358028b4|1672954685
.omnitagjs.com/ Name: ayl_visitor
Value: 2a56eaf523a87d85a7dfb9a8ed08d125
.adnxs.com/ Name: icu
Value: ChgIm_VtEAoYASABKAEwvobdnQY4AUABSAEQvobdnQYYAA..
.adnxs.com/ Name: uuid2
Value: 6154674664221769188
.rubiconproject.com/ Name: khaos
Value: LCJM0XGW-O-MGI
.teads.tv/ Name: tt_viewer
Value: cff6a073-f202-4e58-922b-0b14090dca53
.bg3.co/ Name: __gads
Value: ID=22dd2d450e850add-227411de2cd900ae:T=1672954683:S=ALNI_MYs7JZDKitEyBTBBNjtL3VnMnB-JA
.quantserve.com/ Name: mc
Value: 63b74341-19e93-f8d94-19ed2
.bg3.co/ Name: __qca
Value: P0-912157730-1672954686179
.bg3.co/ Name: _ga_Z0TZ7TDHS1
Value: GS1.1.1672954689.1.0.1672954689.0.0.0
.bg3.co/ Name: _ga
Value: GA1.1.890864016.1672954681
.doubleclick.net/ Name: DSID
Value: NO_DATA
.adsrvr.org/ Name: TDID
Value: c2c06461-9e12-422f-a647-b2a193b86a7e
.blismedia.com/ Name: b
Value: 63B743429051D3580D88331DBLIS
.yahoo.com/ Name: A3
Value: d=AQABBEJDt2MCEKj358oMWEJhevUbXWo57HIFEgEBAQGUuGPBYwAAAAAA_eMAAA&S=AQAAAkuDy1LqaebpvZW6oglZ2Mk
.tribalfusion.com/ Name: ANON_ID
Value: ahnseFm5ab7AyuoCUkTT8WdKMJtvYrn4mpQtnOTdC70vQ41d7UkpV1g7qNbRIyDe9uAkEhSvMLOlnO8WucF3
.bidswitch.net/ Name: c
Value: 1672954690
.turn.com/ Name: uid
Value: 2677653772704877988
.adform.net/ Name: C
Value: 1
.adform.net/ Name: uid
Value: 5928092697178768584
.bidswitch.net/ Name: tuuid_lu
Value: 1672954691
.bidswitch.net/ Name: tuuid
Value: bd32cffb-1138-4013-b34d-42a18b83d117
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-1a06d316-7a60-4d44-4de3-b2494f006606.%2BDv4OCvDvS5jooh4oS4fKv7k1c9VwJDJYHouXx%2FSunM
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AGgbTFnpgTURN47JJTwBmBnRaSso.Qv8uYtsm6HlC8kJg33Jo1HtWGc8RujAtTpavOLXgOSQ
www.bg3.co/ Name: pbjs-unifiedid
Value: %7B%22TDID%22%3A%22c2c06461-9e12-422f-a647-b2a193b86a7e%22%2C%22TDID_LOOKUP%22%3A%22TRUE%22%2C%22TDID_CREATED_AT%22%3A%222022-12-05T21%3A38%3A11%22%7D
.openx.net/ Name: pd
Value: v2|1672954691|jElYiuvOiahI
.criteo.com/ Name: uid
Value: 4377d6e0-08f2-4754-89f1-dcc1fd38bc1c
.sportradarserving.com/ Name: zuuid
Value: a89092ea-b3ef-4471-8fa7-e66ecaa4dfdc
.sportradarserving.com/ Name: c
Value: 1672954691
.adkernel.com/ Name: ADKUID
Value: A692387004890502134
.openx.net/ Name: univ_id
Value: 537072971|c2c06461-9e12-422f-a647-b2a193b86a7e|1672954692007308
.media.net/ Name: visitor-id
Value: 3159562927444215000V10
.bg3.co/ Name: cto_bundle
Value: QgAu5l8lMkJ0WDcwSjR3YTFiZVNlTmtpVmdyc3B3WGRjZ1A4Z1Qyc0pZMjRxRGVsaXRuYm5rcm1pVlZUdElDRXYxUURHMUt2WDdEWk5HJTJCbUVrNlU0cFdDUXVTZENpdDF2eiUyQjE3Snd1djVqbGpXd2JaSzlXUEQ3ZDBWUFRvU2MlMkJVaGhQVUxGZXh0MVV2bFlrQUFZcGdYS0ZJYVElMkJBJTNEJTNE
.bg3.co/ Name: cto_bidid
Value: SCeCsV9CNFUxVE80ektnQWFtVE5lWXVaRzVKQiUyQndQM1lRTUdLeHhZdk1lQ0VNNGZXb09LaFVCbFVHYTVuUWo5QWlWcjNES3N1dSUyRnV1YWQ1NGhMNXpyUUlSY3VnMzRIMUloOFZON1ZZTE1ad1dtdGslM0Q
.linkedin.com/ Name: li_sugr
Value: 0e1402ad-8569-436c-b15e-524eaf653388
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&02233706-338d-4dad-8036-341e7914981a"
.linkedin.com/ Name: lidc
Value: "b=OGST01:s=O:r=O:a=O:p=O:g=2852:u=1:x=1:i=1672954692:t=1673041092:v=2:sig=AQGCYhToxnhBOeKzO-5Kf7XvRcsY0HeD"
.e-volution.ai/ Name: ADK_EX_193
Value: 1
.e-volution.ai/ Name: ADKUID
Value: A692387004890502134
.rlcdn.com/ Name: rlas3
Value: PkP3t/4W7BO3exb8/WYRZIxTez7kXe/IW/1M3U1oQoo=
.ladsp.com/ Name: cr
Value: 1
.socdm.com/ Name: SOSYNC
Value: anNvbjp7Im9wZW54IjoxNjcyOTU0NjkyfQ
.sportradarserving.com/ Name: zuuid_lu
Value: 1672954692
.sportradarserving.com/ Name: zuuid_k
Value: 1
.sportradarserving.com/ Name: zuuid_k_lu
Value: 1672954692
.bing.com/ Name: MUID
Value: 1505C76D896165A60752D5FD88F16446
.c.bing.com/ Name: MR
Value: 0
.prebid.a-mo.net/ Name: _sv3_11
Value: 1
.a-mo.net/ Name: amuid2
Value: 0fa4897a-e274-4c27-88fd-e7259d132336
.prebid.a-mo.net/ Name: sd_amuid2
Value: 0fa4897a-e274-4c27-88fd-e7259d132336
.admixer.net/ Name: am-uid
Value: 1f12617703e34a80bebfb98cf8a0063f
.casalemedia.com/ Name: CMTS
Value: 5033
.ladsp.com/ Name: smn_uid
Value: jPx8C3eAXrXb1rWuQQ-gRw8w_-Qkj9U
.ladsp.com/ Name: lum
Value: CMKI-57YMBIFCAMQ0AU
.mathtag.com/ Name: uuid
Value: 407b63b7-4344-4900-8e70-1a62e233a297
.media.net/ Name: data-g
Value: CAESEIFTftNuzmppQ0xH7lM6X2A~~8
.media.net/ Name: data-a
Value: 6154674664221769188~~8
.media.net/ Name: data-o
Value: e543d41b-3505-4f7c-bfa1-ec7ee3488995~~8
.smartadserver.com/ Name: pid
Value: 3455036589987631835
.rubiconproject.com/ Name: audit
Value: 1|WD0cx+9RTMKHWNerxtAu6HXrd8oPN4aCNls2EQ92P7xVlQcDlMc2zCtzQEqEF9Fp0EDmZOSFlB1gEJ9oO5p1Ev0exc+f0IZt
.amazon-adsystem.com/ Name: ad-id
Value: A8rvNaytG0kTmcKcoV_s2jA|t
.ads.pubmatic.com/ Name: KCCH
Value: YES
.analytics.yahoo.com/ Name: IDSYNC
Value: 196n~2999
.rlcdn.com/ Name: pxrc
Value: CMSG3Z0GEgUI6AcQABIGCO25KxAA
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~Y7dDRAAJf4UlZAAF
.adsrvr.org/ Name: TDCPM
Value: CAESFQoGZ29vZ2xlEgsIpJ6-yOXbtzsQBRIVCgZjYXNhbGUSCwjq58rY5du3OxAFEhYKB3J1Ymljb24SCwiIop3d5du3OxAFGAEgASgCMgsIsKXzjfzbtzsQBTgBWgc4bTMzems0YAI.
.media.net/ Name: data-mm
Value: 407b63b7-4344-4900-8e70-1a62e233a297~~8
.onetag-sys.com/ Name: OTP
Value: KnHEbMnE01xCNYklwot0HT-L5Pk6_M8CTmycmIHSgaM
.servenobid.com/ Name: pid_312
Value: 6154674664221769188
.gumgum.com/ Name: vst
Value: a_1684624e-5447-44eb-a2d1-6c7360b749e1
.w55c.net/ Name: wfivefivec
Value: 8mOu3Tww1PdxWd5
.lijit.com/ Name: ljt_reader
Value: F8ASBLZHStWSrf7NRP6IzVBC
.brand-display.com/ Name: _knxq_
Value: 360a9628-d1a8-a2f6-8f73bbbc.1672954693.0.1672954693.1672954693

31 Console Messages

Source Level URL
Text
network error URL: https://static.bg3.co/imgs/202105/5a44e05d85cdff30de4b60039c1d9261.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202105/254a03efee359e683f9eab3ae6745ca2.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202102/f3d2752073274d2e981ec63a35de3b12.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202101/0b61a3d8c272b71220fe9a9f4dc10f64.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202105/0c2218968a784b80a3731b45a1ec1915.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202106/bd2a26fa71903802ab74e0befad037af.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202101/600d78a73c237d372fc23b986e61e19a.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202202/28448237c53c4f629da3958e8d8539d2.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202106/0de5186e0ad6a223523c75b537fb414c.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202106/8e7e2a2f2f8b3fe8b08aee12f5a4ef9a.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202105/9b4ad80c085492e1e227be0648a6bcff.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202105/6d38d17e1960745e3a768274dad825dc.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202105/e4a73656c934f0588f279a8c7b1c6864.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202106/9b49295894d3fa4082b3724bcb151b66.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202107/d5263dee18160833c87f63c1d4678c93.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202102/c1172f32b573730c3e9fe11b0dd6e949.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202109/172dd4c86f9b18820d4d81371bd1fe0b.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202106/ab7f6cee67068f7013c2ecdf7cac1b98.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202105/1f9e7b8c32ee9bd38ba25ca9fa1bdefb.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202101/fc5a447e20fedab9ac2f1a953c43d1aa.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202105/8ae50210b4fc9f6274267cc6928c5241.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
other warning URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134177&pi=t.ma~as.3006%2F14006&w=336&lmt=1672954682&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxi-ju-ren-sheng-cheng-zhen-zong-tong-da-ka-bu-hao-yan.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672954680643&bpp=12&bdt=1120&idt=1941&shv=r20230103&mjsv=m202212080101&ptt=5&saldr=sa&correlator=3386343362402&frm=23&ife=1&pv=2&ga_vid=437385433.1672954683&ga_sid=1672954683&ga_hid=1428685206&ga_fc=0&ga_cid=amp-fKfH_EzXGIx_aV8GYZ258g&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1148&biw=1600&bih=1200&isw=336&ish=280&ifk=3556469387&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071199%2C31071277%2C44779794%2C44780792&oid=2&pvsid=516345022958043&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.d4jvqepuch7z&fsb=1&dtd=1958
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
network error URL: https://cksync.yahoo.co.jp/sspsync?ptr=12703&google_gid=CAESEFarU72nqw78BzmYet5XUhI&google_cver=1&google_push=AavPq0NazTNoXcWZK07BbfwGsV6KEj6UhYqMB1Y2bfk2xm3f8AptzxvOuV9PKLfi-E1Pv8mxw84mfRYDpAZzp6qCQMZaNMEvJiArtOg
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4126554779393986&output=html&adk=1812271804&adf=2253520748&plat=1%3A520%2C2%3A520%2C3%3A2163200%2C4%3A2163200%2C8%3A512%2C9%3A520%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1049088%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fadx.holmesmind.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672954685690&bpp=3&bdt=533&idt=413&shv=r20230103&mjsv=m202212010101&ptt=9&saldr=aa&nras=1&correlator=2530137337724&frm=8&ife=1&pv=2&ga_vid=996576742.1672954686&ga_sid=1672954686&ga_hid=372403768&ga_fc=0&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3680311399&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31071366%2C44779794%2C44780792&oid=2&pvsid=2693001854364226&tmod=1200168703&uas=0&nvt=1&top=https%3A%2F%2Fwww.bg3.co%2F&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=4&bc=31&ifi=1&uci=1.g01d7kadvf4t&fsb=1&dtd=430
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4126554779393986&output=html&h=280&slotname=4923695364&adk=3446667921&adf=552093736&pi=t.ma~as.4923695364&w=336&fwrn=16&format=336x280&url=https%3A%2F%2Fadx.holmesmind.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672954685693&bpp=1&bdt=537&idt=435&shv=r20230103&mjsv=m202212010101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=2530137337724&frm=8&ife=1&pv=1&ga_vid=996576742.1672954686&ga_sid=1672954686&ga_hid=372403768&ga_fc=0&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3680311399&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31071366%2C44779794%2C44780792&oid=2&pvsid=2693001854364226&tmod=1200168703&uas=0&nvt=1&top=https%3A%2F%2Fwww.bg3.co%2F&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.3fj2gt49ztpg&fsb=1&dtd=440
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://cdn.adpushup.com/42753/L2EveGktanUtcmVuLXNoZW5nLWNoZW5nLXpoZW4tem9uZy10b25nLWRhLWthLWJ1LWhhby15YW4uaHRtbA==.json
Message:
Failed to load resource: the server responded with a status of 404 ()
other warning URL: https://cdn.ampproject.org/rtv/012211060024000/v0/amp-ad-exit-0.1.mjs(Line 1)
Message:
Unrecognized feature: 'attribution-reporting'.
security warning URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Message:
Mixed Content: The page at 'https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D' was loaded over HTTPS, but requested an insecure element 'http://match.sharethrough.com/universal/v1?supply_id=3r9HMldH&gdpr=0&gdpr_consent='. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Message:
Mixed Content: The page at 'https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D' was loaded over HTTPS, but requested an insecure element 'http://match.sharethrough.com/universal/v1?supply_id=3r9HMldH&gdpr=0&gdpr_consent='. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network error URL: https://cs.krushmedia.com/6185b9cf4d72f7e454746134b8c78716.gif?redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21501%26puid%3D%5BUID%5D
Message:
Failed to load resource: net::ERR_CONNECTION_REFUSED
javascript warning URL: https://www.bg3.co/a/xi-ju-ren-sheng-cheng-zhen-zong-tong-da-ka-bu-hao-yan.html
Message:
The resource https://d-25076016372874357454.ampproject.net/2212151632002/nameframe.html was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

21bcc2074a68fe1af593f8e40870fad5.safeframe.googlesyndication.com
3c020328368eaac4f13f168be7c82b7f.safeframe.googlesyndication.com
64f35454ed59414c358dc514ea40ac3f.safeframe.googlesyndication.com
a.sportradarserving.com
a.teads.tv
a.tribalfusion.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.360yield.com
ad.turn.com
adpushup-d.openx.net
ads.aralego.com
ads.as.criteo.com
ads.betweendigital.com
ads.playground.xyz
ads.pubmatic.com
ads.servenobid.com
ads.yieldmo.com
adservice.google.co.nz
adservice.google.com
adx.holmesmind.com
aid.send.microad.jp
ap.lijit.com
b1sync.zemanta.com
bh.contextweb.com
bidder.criteo.com
c.bing.com
c1.adform.net
c21lg-d.media.net
campaign.adpushup.com
cat.sg1.as.criteo.com
cdn.adpushup.com
cdn.ampproject.org
cdn.aralego.net
cdn.indexww.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
ce.lijit.com
cksync.yahoo.co.jp
cm-supply-web.gammaplatform.com
cm.adgrx.com
cm.ambientdsp.com
cm.g.doubleclick.net
cms.quantserve.com
code.jquery.com
contextual.media.net
core.iprom.net
cr-p3.ladsp.com
creativecdn.com
cs-rtb.minutemedia-prebid.com
cs.admanmedia.com
cs.emxdgt.com
cs.iqzone.com
cs.krushmedia.com
cs.media.net
cs.minutemedia-prebid.com
csm.as.criteo.net
csync.loopme.me
d-25076016372874357454.ampproject.net
d.adroll.com
dclk-match.dotomi.com
delivery.adrecover.com
demand.trafficroots.com
dis.criteo.com
dmp.brand-display.com
dps.jp.cinarra.com
dsp.adkernel.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
e3.adpushup.com
eb2.3lift.com
eus.rubiconproject.com
fastlane.rubiconproject.com
g2.gumgum.com
gocm.c.appier.net
googleads.g.doubleclick.net
grid.bidswitch.net
gum.criteo.com
hb-api.omnitagjs.com
htlb.casalemedia.com
ib.adnxs.com
id.rlcdn.com
id5-sync.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
inv-nets.admixer.net
ipac.ctnsnet.com
jp-u.openx.net
js-sec.indexww.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.sharethrough.com
odr.mookie1.com
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
partner.googleadservices.com
pippio.com
pix.as.criteo.net
pixel-eu.rubiconproject.com
pixel-us-east.rubiconproject.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
pm.w55c.net
pool.admedo.com
pr-bh.ybp.yahoo.com
prebid-server.rubiconproject.com
prebid.a-mo.net
prebid.media.net
public.servenobid.com
pubmatic-match.dotomi.com
px.ads.linkedin.com
r.turn.com
rtb-csync.smartadserver.com
rtb.jp2.as.criteo.com
rtb.mfadsrvr.com
rtb2-useast.e-volution.ai
rules.quantcount.com
s.amazon-adsystem.com
s.tribalfusion.com
secure-assets.rubiconproject.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
ssbsync-global.smartadserver.com
ssbsync.smartadserver.com
ssc-cms.33across.com
ssp.disqus.com
ssum-sec.casalemedia.com
stags.bluekai.com
static.bg3.co
static.criteo.net
sync-dsp.ad-m.asia
sync-tm.everesttech.net
sync.1rx.io
sync.adkernel.com
sync.adotmob.com
sync.aralego.com
sync.crwdcntrl.net
sync.go.sonobi.com
sync.inmobi.com
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.technoratimedia.com
tg.socdm.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
tr.blismedia.com
u.openx.net
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
usersync.gumgum.com
v9999.adv.admeme.net
www.bg3.co
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
cm-supply-web.gammaplatform.com
cs.admanmedia.com
cs.iqzone.com
cs.krushmedia.com
cs.minutemedia-prebid.com
demand.trafficroots.com
odr.mookie1.com
pippio.com
prebid-server.rubiconproject.com
ssp.disqus.com
103.229.10.247
103.229.205.243
103.231.98.194
103.231.98.196
103.254.153.160
104.16.89.20
104.17.25.14
104.18.25.173
104.18.33.19
104.18.36.94
104.254.148.251
104.254.148.252
104.26.3.91
104.26.5.103
107.178.244.193
119.9.108.191
124.146.215.51
129.159.70.95
13.107.21.200
13.107.42.14
13.113.230.231
13.215.197.255
13.227.74.2
13.228.111.128
13.250.207.233
13.33.33.118
13.33.88.73
13.33.88.98
13.35.8.99
13.76.45.37
139.5.84.243
142.250.4.132
142.251.10.105
142.251.10.132
142.251.10.157
145.40.89.200
151.101.1.108
151.101.2.49
152.199.39.108
162.19.138.83
172.104.45.159
172.217.194.94
172.253.118.139
172.64.151.162
172.64.154.237
174.137.133.49
18.138.18.111
18.176.128.31
18.177.208.182
18.179.187.167
182.161.73.129
182.161.73.132
182.161.73.135
182.161.73.136
182.161.73.142
182.161.73.145
182.161.73.146
182.161.73.148
182.161.74.19
182.22.16.123
184.73.94.61
185.183.112.148
185.184.8.90
185.84.60.23
195.5.165.20
198.8.71.131
20.127.253.7
202.233.84.1
203.195.121.142
209.191.163.152
209.191.163.208
216.130.169.24
220.150.223.50
23.106.127.164
23.106.127.39
23.108.103.8
23.207.184.25
23.207.185.101
23.207.185.68
23.207.36.196
23.44.27.86
3.122.91.1
34.102.253.54
34.107.148.139
34.111.151.213
34.240.174.255
34.96.105.8
34.98.64.218
35.186.193.173
35.190.60.146
35.213.117.18
35.213.12.39
35.213.93.179
35.214.223.115
35.230.38.116
35.71.131.137
42.99.140.144
42.99.140.200
44.237.153.204
50.116.239.135
51.79.234.101
52.20.240.11
52.220.48.165
52.220.92.174
52.223.2.229
52.46.143.56
52.74.13.196
52.74.234.58
52.76.76.143
52.76.81.127
52.77.12.199
54.199.215.196
54.225.22.7
54.238.120.71
54.250.202.90
54.85.151.23
64.120.88.131
66.225.223.191
67.199.150.82
67.199.150.85
67.202.105.23
67.220.226.234
69.16.175.10
69.173.144.138
69.173.151.100
69.173.158.64
69.173.158.65
70.42.32.255
72.34.250.75
74.118.186.45
74.125.200.155
74.125.24.154
74.125.24.155
74.125.24.97
74.125.68.155
74.214.196.131
8.18.47.7
80.77.87.163
84.17.37.44
89.207.22.108
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
020d298d32a9f173a17f1352673b75b2d90f2e958e83cc06d52ec1b27d96326d
0297187a15c549ddbc56e4cc245b27b2dff34880a84f8b9bba15a923274f4285
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
09343d3b3473e1c994b2d603c99feb8a0f63fbd3ff20be7432ff18b973dbe651
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0a91f379c6933603941991970de97e02b7606f066b6dedab5f2fd7ff9fa18c43
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c01f62ef2957bb91f255a8676f309360b3fcd68d8652e94bf10958d5cb54fe2
0c34cb102990c1b0ba90b693198e9bde03f0a060d26ff42b3b230e781bb31f49
0d27773a34df72e3622966e43b5f58a3f973c934d808745de9a88406a22c58bd
0d3252e0e8805bf19537e61f294a939d24cb1fc682aab479e84afefe0621d184
0fddacb1b4b94539fcb975e43c63d6b8fb2257f1c6cdefa318d156d4e5a57374
138ec66db7beafe10a128e0b4d28961d8fead5e602e94c2c174611af3fc2315d
14cfb5058acaf3af2f07088f1582f29941d7a4cc74fd1cea5050cecad862d154
17902dedebe288532705d6062ef51fec4019c0cd90b2e03f87b93f086804afc3
1b1c3ea8b3d9fec1913ac70c81c83f2172acc41988e747bd24d22bf779fd19a0
1baff9bf8d69c7de6ea553b53218dc5990e8a58d69200bab0c4763e70639fef4
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced
1c479d0abecadc8d5fde30eeb515508b6148fa3d92dd617b427788d6c792b0a8
2110cce190ab5366863b7d652b06b90ea32ad84d8241b5a492a8dead67594335
21902e4026c2f774fbd13f64845d6fd3a823c1ea64ee93e76a9fe06a49a74711
24e9da95f6d91961894a9009b8a6894e7fa6eec112f4da5e835910d0ed938652
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16
26aaeae2feae67a32dcbd6c66b025f534265ae68d5373276a8c3f21f2989ed1a
270460f069c945b49bc20b6e6c0df1d53c27ea38023c2c52427f53b17d0ad701
2e4a250ad3ac07b9adfce39197341a30bc1623902a753e8a7ae0324e7cb53731
2e4b003e84d42e181f7bf7864838cc24ff1a1e9c030779f1a1579fffe68d6bcf
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
305378144252adebd9a253337304a16101a10b3396469185b9809e0879d0bbf6
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
324b20784d244e5fa6a63b67bc8a8022a7c30c75fb40ed44bd5287e934bfbcb7
335da60b4bd39fae05f568913042717d80d6717ec0c0db1841321eefd1f54f90
336645e75212ec204af312434f2216b46875d05feed5d342e908b542ba5179dd
36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6
37114603e314b43008c3dbe162e09b40cf2cb2a59a20742eca949a04bca77f3a
37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570
37a25012177a22bd838094f24ead5bd9c18c7ee5f1414cf31210c65955b471ad
385a4b2dcb0907fe0928375c8d857ed0b2221954ec8a3464b921ff17d5656f16
38bf949efc1a0a2758e85c3af5bdf456bdd9dc578a6d791de0c1c5e43183ccde
3a55d04db6c0bf3bc1ff54e241ee78bcffa38c4bb8e2904f8be2e413549ebd40
3aa6a7cabb570d4c2eb2ece921bf0e3763e1c3a9498c6f78d3387fa2c3a2e0f0
3ca1233366499a8b78ba3f6182368530bd4c3c1c08e2eace2937553c349e0d2a
3cd346aff1efcc38119a600f75667ba0089a7a6bece2b905503fb7c0c65ddcb8
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e3dc40a0dfead40daea4c547da2f0e19ad179852f18b520aa6c7e1ea5deccf0
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
45139a30ada0391cb442d007fe0242c783b3c776c92adc2a951a6caec72f9ef9
46306420d9a16f2917e48c0bc2d48f63e8891b165d6758e6ca59aba1c8c64b00
466a69d1c34515f7160698071b88155627443e14bda5a302c568d9aa9b5fa1c5
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
482100f0328f0fade00ad3e301b6aa9579cfa9a88eedaf0feafe56f43e119473
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ed1300d1f068791adc415ff8ff6b572fbf29bce9c5cf684484d79cf1cad0f9d
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
4fa0d4544eb0db99495aac006d5de7d03a370ea41357b832252f067ee7e64a2e
502b0472f8a19527b2e8406234aa37b8941dc3c4fe9c8128e45ce5d48bff3a3d
531ced95d00fc8c26a6140869fb583238b0ccf457b7bb9e98d42d6b8a29323d6
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
540ab9b9da3f5cdd2331255b67df6a5292f747a59769678df51e1385a65a28f6
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
575896e7b1dcefa1a380aa20290d968ad47abbbed5cdfe5a7562f56a4e0f8430
586553ac2ebb61bace17b7e29fc63b7092a28be41e1150368c1aee84a5f7b7cd
5bfe955d5df32480de9b81e26ff720b9c73b125ed266cff15923354dd627dc17
5f3d992a8f5c1c422eaa51d219c1459bac9dad5cba9ecb372082de08e47b3944
60648cb246ce4141867e508bce0a2c82feae1415a695e7cb96acfc6acc7705bd
60ba73da0a33570a33111fee294a8c8f5cc08618ca3a9ff7fdfd0014f1c96f63
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
618046b97a7acf1c028e64e93ac3069f79b992b183f95283f4c5caef68894fa9
61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61e8a8d677d7b2f3ac3bfa393d6be3e01c26d6a656b1119fbb2a359518542a97
645f2e831aad792806d08fb23ad74725bd240ab0fa60de5d98d94ae670b441f7
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
6701244e91859aa933b1f108dfcc493b4a2a3f5ebaf82955adbf87d449e18815
673aaadf5ccca4681c2023a6e76f62c478be94fe3b1ed05f3126da067e66f50a
688a83886a5a759614fb53d73736845837de908ce3553b146471782995bc5943
68a40ec286beafd4e0b2eab224a7df8016c79cab189815588693bf5e606eb0ae
69e771e0a2b4ee99cdaaf51f0a61e34588b56d24b0ddb0132e608629f87fb735
6a6825fc9df4df055e35475a8b34c61725724bcb391cd2ae3b6f638cf9387c25
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b278e48df6b2e2f917803f532a9257fbb46bf576a8dfc07f1f8eb94468b54e8
6d6a12115663de93e4fb248daaada33bf516d3df4e0d794a5e5a19d2ddf6f69d
6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088
6ddd29e4d4e68e83c30efc046f35822ee29dba3f6017267799c4b32295692d0e
6ffff63ecb5376dedf3ba16f233578f7c606435b9007be46a4cb0adcf39fe496
70081d00c0fb5982f1481652ec181015a5fba43448a77e7ceb398b4af6498996
7192929078eeeeb1a42d4baa3629e65c2e9c20b7d4b1869344114d5cefd9aa2f
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
727e6a1f4a634d6298af8636fd331912b036b6f7783c771d2e06baeb82e2341e
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48
72da929af8a5819bed41e105de60b9c530643bdd37751b63fe1759d4c60d1f99
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658
76a862dba57901fcc377abc56285bfd9eda47c05a5cb86b80da26cc404d5d50f
792217e49a389092393fe96c36fa75df87b0344d8f0fd04c11914df3f28a66b2
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
7a3b9b7a6b06f15b7f6d69f22efaed8c99f4952b2dec6250519343af65ea04bb
82085f26fbb972cc9755e65d84661a409d8a8ef753b67fb2422c3fcb80a0519c
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8492f3fc13f89700f09e8a96308911979a6289be084af2c497ea54dbd7dd7f5f
86d85c2fb6c3aef61be2e092f1a809839065e73f948db805ad92eb5eaea8fac8
86dd6820f74bc0ce64eefaa5b6ba844b5910b4061668d17537d1ab5662b29570
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8af4a7b3549631244df52a0d91b22ccfb355b2f10caab9fe9fa0b57a2beff473
8c4591f30d7246bfd1500c5cf596cfea1655e616493cda06332b14f8fa858e34
8d4544d36644e6f4786d44d7dfe9ecac2540d9589bacaee8db830e0f854eda0d
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8ee5f53d3752309af021002b2199a06523b1fd03f3ea1cdaf5d59e911d4d8178
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
91cb108ce804d7381c2f6d07e6223c3f59c802e78357ce54099434959f7ec16c
9721825fbdb0051571a5abcda53905627ac5953e3ed42bbc3be70635ecd6c0bc
9762f263107847db29ffb7c7ad0aed1990bf4ffedeca6bc05e11dc87fc50c824
987cf494483d44d5e01fe5928229625d7536ed129be62d788091bf001443f9ea
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9cbeecf079c0f8619f67c33c6ae7dc092581bddf261ec32f00ec2d142e58c45d
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
a01f9f2f5ba1812441a49f7f1dc0b04fb56a18b486005289b8df4212381f10ce
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a8993772c9eb591474f38d257bebc8c4286703e1af72d04c8c294be5fff7b649
a94280255033a33faf141029f6b069862b8e7b325c7257bd7509986b9567e984
a956a6fe1ee57805393bf1781b32486b4ed9ca402a04320280e59a18bc348a87
a9f6c97fb86faf246100e8a38e07d1733fcca9fa7d114f0d7b9f3b9896e33a8d
aca8e49862ba4301933023e4e37abc001f4001586bcf44498e87f35b1fed806d
ad0e7f1d744f1737ecd693b74ae25b16f324030ae4c611f8c30b1dc691880ebf
af4b954cf45e99d5eccbea113dc2b66799cf8db96c3e8dfc33d145398743727b
b0447f99586ad7bcddc943fd1a63af9d89f73f50e70657d0a2ed76ff7c2d6c4c
b09a581bc29f4bdbe66bef5c69b90cc1a003e849e2f7706f47a9f0c5f5a6860e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b5a115579dc9706b503dfda493bcb03f676d90ad7ab704f7ac92fc90f2dc696f
b7c80316a514c0892bcf6f6c1966a463dfbb379d97c0fdcefb666408f17ed0dc
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc961d306f2fe131a977c5924adb503d481c5a735b9ef9c28ca66d3795ffc2b0
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c3f73b989e0620a4d2e12ed57a0d538e4580b8fefaa1fefbad73e0abad6d227f
c4254d81e721411a5a78d629467b823c9209d629cfe62319396c6b83a7892954
c42b451066222f15cacbdcac598d65cf8481e7e206e7e79131ecc0c961994ac6
c4ddd0b1f98300ea055a7c9af8cc56bcc9ec889a53d4d323d28c3e8f3e86efb5
c7b51460b22b055de1ec3aa5ea30c1232c80c1972443bd92f2c9433d8d0ec602
c825701176043164eb64dae58d008b34c8291cd54a30a329bad184d32d7ae1fe
c854904ff9b174279124c373152be17b526b1f829856f24d6de4b89c7446c413
ce6d01d1cc11f21a8c3d5b9258c2ab2824954ced81702b7b94b0c141864ff8b6
cfaedc868d74cf80dffb59cc3ccd2e56fcb0ad6ac4c51af72a60303a7e0b8480
d5db727fd4e104c78713445c4deec281d458163ae59d4561cbb358ee7a17c9e4
d89cb9800cc62dcc44a0ba866b4a080ad06f735f60a6afecbd6d691d2e8939dd
d982e793e19c773219b3c155a18693fe1f37c17fd73c1e880c0ae9161631a5f0
da4085030009e98daf6eb2656f5fae35c7a3bb947e1a290ddbb20581cc2678b9
db49cd0a9525be37293bbec39406b757d336b4c995b121ab09494a39407721aa
dcc5f41d1dc04a19dccb2061dc9572cb46c1c19dd89cb5d910752020fa87e791
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
df2097ec8d2fd758a13c06f0aba16a03a767e1c4f776ebebf5d68450c39d8e97
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e735fe248546dd1ef2ff7558e9be9db1d0c31b40fbb4488f1cc94249cb2c9441
e813a8d8d41c0dbdc33020ad6ef27d16afd2b590ceeb998e267409c8f666b829
e9f7b513c47729fe016a2094e29448b6ebf0a40b4bb1d0b904f3dfc62a46d1a2
eb3577f46647f2e2db7307936038a47cc31c0ce75239496f6b7117282a47864c
ebab0b02fe6ac6c0ae54d8b5b786c003532bd70ba2aebdf65926add9f11d2e6b
ec85aee9632f830ae27b6fabdfcb80d250113d0adb3af8dbadc2d867bd0a3974
edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6
eef6e50516dd1bc5e94db6685463176f5c05db0d2a21fe90aa3d3a3871a5b8ae
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0eb7973201ca402f42c8038faad3b8f64d79aabd911aeb633fbcb5765385ee1
f236584a620b5d8911c3d1869f6cc1bba1d8526eb6ab7cb7af6abafbc5e20b69
f2b7161e9df7ec6be5875e1925c2af8bd22a465c2cb826289b89e72f806648e9
f35d5dd60bfc4d51a6be58589f07c4ed73c3fe0ca02cd9f59a0ad057c4aa35db
f7f415eafecc5bca384e894cc3dabf88a8fcf85ce668442f17a810c76324f7dc
f885ec8a0a68847aff7c6bb94968bf7cb5099c0c449ae1535cf8515cc0ff8e18
f9d374ef87ca2b8179870daa8739f8b060fc77446a4109ec87dc523bd8059ea4
fac55d9ee65ad8b74065a4c16ec23c9e9cc4532f0f20e7ef45cefb22ca305fd1
fbba0ecc7a5bf69929bd0434a2be74a858f9338a9c110a165736cf301839779e
fbd1e8b96c46848db89a70d3e4612e5ac22b113200bc3b376094eeed4cd0e3fb
febfb13abd60ea3fd7fb0e2682260b7459e02a4115fb69516edc9418d848c730
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
ff84e628b228a8918ff266ede2497646f017753d8f5c709331a2e15bf881a408