urlscan.io logo urlscan.io
SecurityTrails logo

www.bg3.co Open in urlscan Pro
84.17.37.44  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.bg3.co/a/chao-nan-ma-li-ou-xu-ji-bao-xiao-zang-hua-ma-bu-ting.html
Submission: On December 06 via manual from US — Scanned from NZ
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 58 IPs in 8 countries across 55 domains to perform 347 HTTP transactions. The main IP is 84.17.37.44, located in Central, Hong Kong and belongs to CDN77 ^_^, GB. The main domain is www.bg3.co. The Cisco Umbrella rank of the primary domain is 79876.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G2 on May 20th 2022. Valid for: a year.
This is the only time www.bg3.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 84.17.37.44 60068 (CDN77 ^_^)
24 74.125.24.132 15169 (GOOGLE)
1 3 23.108.102.145 59253 (LEASEWEB-...)
4 172.67.71.254 13335 (CLOUDFLAR...)
2 42.99.140.201 4637 (ASN-TELST...)
5 42.99.140.200 4637 (ASN-TELST...)
3 209.58.188.181 133752 (LEASEWEB-...)
26 104.26.3.91 13335 (CLOUDFLAR...)
2 48 74.125.24.154 15169 (GOOGLE)
2 69.16.175.42 20446 (STACKPATH...)
12 74.125.130.156 15169 (GOOGLE)
2 172.217.194.97 15169 (GOOGLE)
3 142.251.12.101 15169 (GOOGLE)
6 142.251.10.156 15169 (GOOGLE)
3 172.217.194.94 15169 (GOOGLE)
5 142.250.4.154 15169 (GOOGLE)
2 142.251.12.154 15169 (GOOGLE)
8 172.217.194.156 15169 (GOOGLE)
7 13.76.45.37 8075 (MICROSOFT...)
1 152.199.39.108 15133 (EDGECAST)
2 182.161.74.19 55569 (CRITEO-AS...)
2 182.161.73.148 55569 (CRITEO-AS...)
35 74.125.200.132 15169 (GOOGLE)
5 142.251.10.155 15169 (GOOGLE)
1 9 172.217.194.104 15169 (GOOGLE)
2 74.125.24.95 15169 (GOOGLE)
1 1 44.196.169.238 14618 (AMAZON-AES)
1 135.125.160.77 16276 (OVH)
2 3 35.71.178.8 16509 (AMAZON-02)
1 1 23.106.127.165 59253 (LEASEWEB-...)
2 2 52.74.13.196 16509 (AMAZON-02)
2 2 64.202.112.159 22075 (AS-OUTBRAIN)
1 1 35.208.249.213 15169 (GOOGLE)
2 103.229.10.247 16509 (AMAZON-02)
24 182.161.73.129 55569 (CRITEO-AS...)
2 182.161.73.132 55569 (CRITEO-AS...)
1 104.16.87.20 13335 (CLOUDFLAR...)
5 34.98.64.218 396982 (GOOGLE-CL...)
1 182.161.73.145 55569 (CRITEO-AS...)
1 54.75.59.39 16509 (AMAZON-02)
2 52.68.16.50 16509 (AMAZON-02)
1 69.173.158.65 26667 (RUBICONPR...)
1 34.107.148.139 396982 (GOOGLE-CL...)
1 145.40.88.5 54825 (PACKET)
1 35.213.117.18 15169 (GOOGLE)
1 18.136.149.241 16509 (AMAZON-02)
2 172.64.154.237 13335 (CLOUDFLAR...)
2 51.79.234.101 16276 (OVH)
1 23.195.153.54 16625 (AKAMAI-AS)
1 44.238.189.168 16509 (AMAZON-02)
3 5 104.254.151.36 29990 (ASN-APPNEX)
2 104.17.25.14 13335 (CLOUDFLAR...)
26 182.161.73.135 55569 (CRITEO-AS...)
4 182.161.73.142 55569 (CRITEO-AS...)
1 13.33.33.43 16509 (AMAZON-02)
2 52.183.162.69 8075 (MICROSOFT...)
2 182.161.73.136 55569 (CRITEO-AS...)
1 172.217.194.149 15169 (GOOGLE)
1 2 139.5.84.243 ()
1 1 139.162.38.30 ()
1 1 35.227.252.103 ()
1 1 174.137.133.49 ()
1 1 54.255.38.159 ()
1 1 23.36.252.26 ()
1 3.33.220.150 ()
1 151.101.129.108 ()
1 104.18.36.94 ()
347 58
1    84.17.37.44 (Central, Hong Kong)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-84-17-37-44.cdn77.com
www.bg3.co
24    74.125.24.132 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f132.1e100.net
cdn.ampproject.org
01ed6bf37910b92b71280b12c15907db.safeframe.googlesyndication.com
138cda657e8861ac85bd346515f9d77a.safeframe.googlesyndication.com
3    23.108.102.145 (Singapore, Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
ads.aralego.com
4    172.67.71.254 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.aralego.net
2    42.99.140.201 (Japan)

ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK)
PTR: ip-42-99-140-201.pacnet.net
delivery.adrecover.com
5    42.99.140.200 (Japan)

ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK)
PTR: ip-42-99-140-200.pacnet.net
cdn.adpushup.com
3    209.58.188.181 (Central, Hong Kong)

ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK)
sync.aralego.com
26    104.26.3.91 (United States)

ASN13335 (CLOUDFLARENET, US)
static.bg3.co
48    74.125.24.154 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f154.1e100.net
pagead2.googlesyndication.com
cm.g.doubleclick.net
2    69.16.175.42 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: hwcdn.net
code.jquery.com
12    74.125.130.156 (United States)

ASN15169 (GOOGLE, US)
PTR: sb-in-f156.1e100.net
securepubads.g.doubleclick.net
2    172.217.194.97 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f97.1e100.net
www.googletagmanager.com
3    142.251.12.101 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f101.1e100.net
www.google-analytics.com
6    142.251.10.156 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f156.1e100.net
adservice.google.com
3    172.217.194.94 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f94.1e100.net
d-37025665272400591383.ampproject.net
fonts.gstatic.com
5    142.250.4.154 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f154.1e100.net
adservice.google.co.nz
2    142.251.12.154 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f154.1e100.net
partner.googleadservices.com
8    172.217.194.156 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f156.1e100.net
googleads.g.doubleclick.net
7    13.76.45.37 (Singapore, Singapore)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
e3.adpushup.com
1    152.199.39.108 (United States)

ASN15133 (EDGECAST, US)
campaign.adpushup.com
2    182.161.74.19 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
rtb.jp2.as.criteo.com
2    182.161.73.148 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
ads.as.criteo.com
35    74.125.200.132 (United States)

ASN15169 (GOOGLE, US)
PTR: sa-in-f132.1e100.net
tpc.googlesyndication.com
5    142.251.10.155 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f155.1e100.net
www.googletagservices.com
googleads4.g.doubleclick.net
9    172.217.194.104 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f104.1e100.net
www.google.com
2    74.125.24.95 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f95.1e100.net
fonts.googleapis.com
1    44.196.169.238 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-196-169-238.compute-1.amazonaws.com
fksnk.com
1    135.125.160.77 (France)

ASN16276 (OVH, FR)
PTR: ns3195934.ip-135-125-160.eu
c.eu1.dyntrk.com
3    35.71.178.8 (United States)

ASN16509 (AMAZON-02, US)
PTR: ade9ecc7904667038.awsglobalaccelerator.com
eb2.3lift.com
1    23.106.127.165 (Singapore, Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
ssbsync.smartadserver.com
2    52.74.13.196 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-74-13-196.ap-southeast-1.compute.amazonaws.com
ups.analytics.yahoo.com
2    64.202.112.159 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
1    35.208.249.213 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 213.249.208.35.bc.googleusercontent.com
trace.mediago.io
2    103.229.10.247 (Singapore)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
24    182.161.73.129 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
static.criteo.net
2    182.161.73.132 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
cat.sg1.as.criteo.com
1    104.16.87.20 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
5    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
adpushup-d.openx.net
u.openx.net
1    182.161.73.145 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
bidder.criteo.com
1    54.75.59.39 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-75-59-39.eu-west-1.compute.amazonaws.com
ads.servenobid.com
2    52.68.16.50 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-68-16-50.ap-northeast-1.compute.amazonaws.com
prebid-server.rubiconproject.com
1    69.173.158.65 (Ashburn, United States)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
1    34.107.148.139 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 139.148.107.34.bc.googleusercontent.com
prebid.media.net
1    145.40.88.5 (Secaucus, United States)

ASN54825 (PACKET, US)
prebid.a-mo.net
1    35.213.117.18 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 18.117.213.35.bc.googleusercontent.com
grid.bidswitch.net
1    18.136.149.241 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-136-149-241.ap-southeast-1.compute.amazonaws.com
tlx.3lift.com
2    172.64.154.237 (United States)

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
2    51.79.234.101 (Singapore, Singapore)

ASN16276 (OVH, FR)
PTR: ip101.ip-51-79-234.net
onetag-sys.com
1    23.195.153.54 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-195-153-54.deploy.static.akamaitechnologies.com
a.teads.tv
1    44.238.189.168 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-238-189-168.us-west-2.compute.amazonaws.com
hb-api.omnitagjs.com
5    104.254.151.36 (Los Angeles, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 897.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
ib.adnxs.com
2    104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
26    182.161.73.135 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
pix.as.criteo.net
4    182.161.73.142 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
csm.as.criteo.net
1    13.33.33.43 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-33-43.sin2.r.cloudfront.net
rules.quantcount.com
2    52.183.162.69 (Mumbai, India)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
aplogger.adpushup.com
2    182.161.73.136 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
gum.criteo.com
1    172.217.194.149 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f149.1e100.net
s0.2mdn.net
2    139.5.84.243 (None, )

ASN- ()
dsum-sec.casalemedia.com
1    139.162.38.30 (None, )

ASN- ()
a.c.appier.net
1    35.227.252.103 (None, )

ASN- ()
rtb.openx.net
1    174.137.133.49 (None, )

ASN- ()
dsp.adkernel.com
1    54.255.38.159 (None, )

ASN- ()
ads.yieldmo.com
1    23.36.252.26 (None, )

ASN- ()
cs.media.net
1    3.33.220.150 (None, )

ASN- ()
match.adsrvr.org
1    151.101.129.108 (None, )

ASN- ()
acdn.adnxs.com
1    104.18.36.94 (None, )

ASN- ()
js-sec.indexww.com
Apex Domain
Subdomains		 Transfer
70 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 109
beecda688d8678f49fb599b18733dbce.safeframe.googlesyndication.com Failed
01ed6bf37910b92b71280b12c15907db.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 144
138cda657e8861ac85bd346515f9d77a.safeframe.googlesyndication.com
792 KB
54 criteo.net
static.criteo.net — Cisco Umbrella Rank: 675
pix.as.criteo.net — Cisco Umbrella Rank: 13963
csm.as.criteo.net — Cisco Umbrella Rank: 13661
599 KB
38 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 203
googleads.g.doubleclick.net — Cisco Umbrella Rank: 39
cm.g.doubleclick.net — Cisco Umbrella Rank: 234
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 316
static.doubleclick.net Failed
581 KB
27 bg3.co
www.bg3.co — Cisco Umbrella Rank: 79876
static.bg3.co
14 KB
20 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 378
449 KB
15 google.com
adservice.google.com — Cisco Umbrella Rank: 87
www.google.com — Cisco Umbrella Rank: 2
5 KB
15 adpushup.com
cdn.adpushup.com — Cisco Umbrella Rank: 16173
e3.adpushup.com — Cisco Umbrella Rank: 17576
campaign.adpushup.com — Cisco Umbrella Rank: 30447
aplogger.adpushup.com — Cisco Umbrella Rank: 17878
235 KB
9 criteo.com
rtb.jp2.as.criteo.com — Cisco Umbrella Rank: 17617
ads.as.criteo.com — Cisco Umbrella Rank: 13366
cat.sg1.as.criteo.com — Cisco Umbrella Rank: 13989
bidder.criteo.com — Cisco Umbrella Rank: 763
gum.criteo.com — Cisco Umbrella Rank: 429
114 KB
6 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 238
acdn.adnxs.com
22 KB
6 openx.net
adpushup-d.openx.net — Cisco Umbrella Rank: 14638
rtb.openx.net
u.openx.net
us-u.openx.net Failed
jp-u.openx.net Failed
7 KB
6 aralego.com
ads.aralego.com — Cisco Umbrella Rank: 27903
sync.aralego.com — Cisco Umbrella Rank: 3630
4 KB
5 google.co.nz
adservice.google.co.nz — Cisco Umbrella Rank: 121207
1 KB
4 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 539
dsum-sec.casalemedia.com
ssum-sec.casalemedia.com Failed
2 KB
4 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 404
tlx.3lift.com — Cisco Umbrella Rank: 562
7 KB
4 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 190
187 KB
4 aralego.net
cdn.aralego.net — Cisco Umbrella Rank: 10945
46 KB
3 rubiconproject.com
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 1059
fastlane.rubiconproject.com — Cisco Umbrella Rank: 498
eus.rubiconproject.com Failed
2 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 38
557 B
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 242
10 KB
2 gstatic.com
fonts.gstatic.com
38 KB
2 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 847
1 KB
2 media.net
prebid.media.net — Cisco Umbrella Rank: 1238
cs.media.net
contextual.media.net Failed
2 KB
2 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 1113
pixel.quantserve.com — Cisco Umbrella Rank: 729
10 KB
2 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 617
1 KB
2 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 317
pr-bh.ybp.yahoo.com Failed
879 B
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 51
2 KB
2 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 942
1004 B
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 65
78 KB
2 jquery.com
code.jquery.com — Cisco Umbrella Rank: 759
60 KB
2 adrecover.com
delivery.adrecover.com — Cisco Umbrella Rank: 18180
10 KB
1 indexww.com
js-sec.indexww.com
2 KB
1 adsrvr.org
match.adsrvr.org
540 B
1 yieldmo.com
ads.yieldmo.com
470 B
1 adkernel.com
dsp.adkernel.com
542 B
1 appier.net
a.c.appier.net
559 B
1 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 288
159 KB
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 1022
634 B
1 omnitagjs.com
hb-api.omnitagjs.com — Cisco Umbrella Rank: 3896
517 B
1 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1457
502 B
1 bidswitch.net
grid.bidswitch.net — Cisco Umbrella Rank: 1023
x.bidswitch.net Failed
361 B
1 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 1033
167 B
1 servenobid.com
ads.servenobid.com — Cisco Umbrella Rank: 1908
public.servenobid.com Failed
663 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 435
2 KB
1 mediago.io
trace.mediago.io — Cisco Umbrella Rank: 1394
491 B
1 smartadserver.com
ssbsync.smartadserver.com — Cisco Umbrella Rank: 1001
512 B
1 dyntrk.com
c.eu1.dyntrk.com — Cisco Umbrella Rank: 5681
215 B
1 fksnk.com
fksnk.com — Cisco Umbrella Rank: 5072
617 B
1 ampproject.net
d-37025665272400591383.ampproject.net
0 ladsp.com Failed
cr-p3.ladsp.com Failed
0 turn.com Failed
ad.turn.com Failed
0 bing.com Failed
c.bing.com Failed
0 amazon-adsystem.com Failed
s.amazon-adsystem.com Failed
0 linkedin.com Failed
px.ads.linkedin.com Failed
0 ad-m.asia Failed
sync-dsp.ad-m.asia Failed
0 socdm.com Failed
gdn.socdm.com Failed
347 55
Domain Requested by
35 tpc.googlesyndication.com googleads.g.doubleclick.net
securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.bg3.co
pagead2.googlesyndication.com
138cda657e8861ac85bd346515f9d77a.safeframe.googlesyndication.com
31 pagead2.googlesyndication.com cdn.ampproject.org
ads.aralego.com
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.bg3.co
www.googletagservices.com
138cda657e8861ac85bd346515f9d77a.safeframe.googlesyndication.com
26 pix.as.criteo.net ads.as.criteo.com
26 static.bg3.co www.bg3.co
24 static.criteo.net ads.as.criteo.com
cdn.adpushup.com
static.criteo.net
20 cdn.ampproject.org www.bg3.co
cdn.ampproject.org
googleads.g.doubleclick.net
securepubads.g.doubleclick.net
17 cm.g.doubleclick.net 2 redirects googleads.g.doubleclick.net
138cda657e8861ac85bd346515f9d77a.safeframe.googlesyndication.com
eb2.3lift.com
u.openx.net
12 securepubads.g.doubleclick.net cdn.aralego.net
securepubads.g.doubleclick.net
cdn.adpushup.com
www.bg3.co
9 www.google.com 1 redirects googleads.g.doubleclick.net
tpc.googlesyndication.com
www.bg3.co
8 googleads.g.doubleclick.net pagead2.googlesyndication.com
cdn.ampproject.org
googleads.g.doubleclick.net
138cda657e8861ac85bd346515f9d77a.safeframe.googlesyndication.com
7 e3.adpushup.com www.bg3.co
6 adservice.google.com cdn.ampproject.org
securepubads.g.doubleclick.net
pagead2.googlesyndication.com
5 ib.adnxs.com 3 redirects cdn.adpushup.com
googleads.g.doubleclick.net
eb2.3lift.com
acdn.adnxs.com
5 adservice.google.co.nz securepubads.g.doubleclick.net
pagead2.googlesyndication.com
5 cdn.adpushup.com www.bg3.co
cdn.adpushup.com
4 csm.as.criteo.net ads.as.criteo.com
4 adpushup-d.openx.net cdn.adpushup.com
4 www.googletagservices.com googleads.g.doubleclick.net
138cda657e8861ac85bd346515f9d77a.safeframe.googlesyndication.com
4 cdn.aralego.net www.bg3.co
ads.aralego.com
3 138cda657e8861ac85bd346515f9d77a.safeframe.googlesyndication.com securepubads.g.doubleclick.net
3 eb2.3lift.com 2 redirects cdn.adpushup.com
eb2.3lift.com
3 www.google-analytics.com www.bg3.co
www.googletagmanager.com
3 sync.aralego.com ads.aralego.com
www.bg3.co
3 ads.aralego.com 1 redirects ads.aralego.com
2 dsum-sec.casalemedia.com 1 redirects googleads.g.doubleclick.net
2 gum.criteo.com static.criteo.net
gum.criteo.com
cdn.adpushup.com
2 aplogger.adpushup.com cdn.adpushup.com
2 cdnjs.cloudflare.com ads.as.criteo.com
2 fonts.gstatic.com fonts.googleapis.com
2 onetag-sys.com cdn.adpushup.com
2 htlb.casalemedia.com cdn.adpushup.com
2 prebid-server.rubiconproject.com cdn.adpushup.com
2 cat.sg1.as.criteo.com ads.as.criteo.com
2 b1sync.zemanta.com 2 redirects
2 ups.analytics.yahoo.com 2 redirects
2 fonts.googleapis.com googleads.g.doubleclick.net
tpc.googlesyndication.com
2 ads.as.criteo.com googleads.g.doubleclick.net
2 rtb.jp2.as.criteo.com googleads.g.doubleclick.net
2 partner.googleadservices.com pagead2.googlesyndication.com
2 www.googletagmanager.com cdn.ampproject.org
cdn.adpushup.com
2 code.jquery.com delivery.adrecover.com
cdn.adpushup.com
2 delivery.adrecover.com www.bg3.co
1 js-sec.indexww.com cdn.adpushup.com
1 acdn.adnxs.com cdn.adpushup.com
1 u.openx.net cdn.adpushup.com
1 match.adsrvr.org cdn.adpushup.com
1 cs.media.net 1 redirects
1 ads.yieldmo.com 1 redirects
1 dsp.adkernel.com 1 redirects
1 rtb.openx.net 1 redirects
1 a.c.appier.net 1 redirects
1 s0.2mdn.net 138cda657e8861ac85bd346515f9d77a.safeframe.googlesyndication.com
1 googleads4.g.doubleclick.net www.bg3.co
1 pixel.quantserve.com www.bg3.co
1 rules.quantcount.com secure.quantserve.com
1 hb-api.omnitagjs.com cdn.adpushup.com
1 a.teads.tv cdn.adpushup.com
1 tlx.3lift.com cdn.adpushup.com
1 grid.bidswitch.net cdn.adpushup.com
1 prebid.a-mo.net cdn.adpushup.com
1 prebid.media.net cdn.adpushup.com
1 fastlane.rubiconproject.com cdn.adpushup.com
1 ads.servenobid.com cdn.adpushup.com
1 bidder.criteo.com cdn.adpushup.com
1 cdn.jsdelivr.net cdn.adpushup.com
1 secure.quantserve.com cdn.adpushup.com
1 trace.mediago.io 1 redirects
1 ssbsync.smartadserver.com 1 redirects
1 c.eu1.dyntrk.com googleads.g.doubleclick.net
1 fksnk.com 1 redirects
1 campaign.adpushup.com www.bg3.co
1 01ed6bf37910b92b71280b12c15907db.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 d-37025665272400591383.ampproject.net cdn.ampproject.org
1 www.bg3.co
0 ssum-sec.casalemedia.com Failed js-sec.indexww.com
0 cr-p3.ladsp.com Failed u.openx.net
0 jp-u.openx.net Failed u.openx.net
0 us-u.openx.net Failed u.openx.net
0 ad.turn.com Failed u.openx.net
0 c.bing.com Failed eb2.3lift.com
0 s.amazon-adsystem.com Failed eb2.3lift.com
0 pr-bh.ybp.yahoo.com Failed eb2.3lift.com
0 x.bidswitch.net Failed eb2.3lift.com
0 px.ads.linkedin.com Failed eb2.3lift.com
0 static.doubleclick.net Failed
0 contextual.media.net Failed cdn.adpushup.com
0 eus.rubiconproject.com Failed cdn.adpushup.com
0 public.servenobid.com Failed cdn.adpushup.com
0 sync-dsp.ad-m.asia Failed 138cda657e8861ac85bd346515f9d77a.safeframe.googlesyndication.com
0 gdn.socdm.com Failed 138cda657e8861ac85bd346515f9d77a.safeframe.googlesyndication.com
0 beecda688d8678f49fb599b18733dbce.safeframe.googlesyndication.com Failed securepubads.g.doubleclick.net
347 91

This site contains links to these domains. Also see Links.

Domain
campaign.adpushup.com
Subject Issuer Validity Valid
*.bg3.co
AlphaSSL CA - SHA256 - G2		 2022-05-20 -
2023-06-21		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
cdn.adpushup.com
R3		 2022-11-16 -
2023-02-14		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-05-18 -
2023-05-18		 a year crt.sh
*.aralego.com
Sectigo RSA Domain Validation Secure Server CA		 2022-10-19 -
2023-11-19		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2022-08-03 -
2023-07-14		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.google.co.nz
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.adpushup.com
Sectigo ECC Domain Validation Secure Server CA		 2022-08-02 -
2023-09-02		 a year crt.sh
snic4d9gl.wpc.edgecastcdn.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-02-14 -
2023-03-17		 a year crt.sh
*.jp2.as.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-10-18 -
2023-01-15		 3 months crt.sh
*.as.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-10-09 -
2023-01-11		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
c.eu1.dyntrk.com
R3		 2022-10-10 -
2023-01-08		 3 months crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-09 -
2023-09-09		 a year crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-11-08 -
2023-02-04		 3 months crt.sh
*.sg1.as.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-10-10 -
2023-01-10		 3 months crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-10-31 -
2023-01-26		 3 months crt.sh
ads.servenobid.com
Amazon		 2022-05-29 -
2023-06-27		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
*.media.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-06 -
2023-05-04		 a year crt.sh
*.a-mo.net
R3		 2022-12-04 -
2023-03-04		 3 months crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-05 -
2023-05-04		 a year crt.sh
*.3lift.com
Amazon		 2022-05-13 -
2023-06-11		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-10 -
2023-01-03		 a year crt.sh
teads.tv
R3		 2022-10-27 -
2023-01-25		 3 months crt.sh
*.omnitagjs.com
Amazon		 2022-05-17 -
2023-06-15		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.as.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-11-12 -
2023-02-10		 3 months crt.sh
quantserve.com
R3		 2022-11-11 -
2023-02-09		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2022-03-11 -
2023-04-11		 a year crt.sh

This page contains 41 frames:

Primary Page: https://www.bg3.co/a/chao-nan-ma-li-ou-xu-ji-bao-xiao-zang-hua-ma-bu-ting.html
Frame ID: 3BCB420F654D64D7AB516418142BA4EF
Requests: 107 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: 2219614AFE7E7DFBB57766780DD3304A
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: 91E27A94927DB25C6AD27154039D9AE0
Requests: 7 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: 3E56F349285104E64FCC726567C16F2F
Requests: 9 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: 6874E7A34706502CF5C1BD0E2C7B571E
Requests: 9 HTTP requests in this frame

Frame: https://beecda688d8678f49fb599b18733dbce.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 6D24936C3D0A19B405609C9FC9CDF0D3
Requests: 1 HTTP requests in this frame

Frame: https://01ed6bf37910b92b71280b12c15907db.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 3ECF1667B8356F10D6FA65E9298A22DA
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1670302931&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchao-nan-ma-li-ou-xu-ji-bao-xiao-zang-hua-ma-bu-ting.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670302929560&bpp=14&bdt=1935&idt=1754&shv=r20221129&mjsv=m202211290101&ptt=5&saldr=sa&correlator=879855899896&frm=23&ife=1&pv=2&ga_vid=83130985.1670302931&ga_sid=1670302931&ga_hid=431718204&ga_fc=0&ga_cid=amp-ALq6Nc9gjQBxhQjTGc0VNA&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=848&biw=1600&bih=1200&isw=336&ish=280&ifk=2110585547&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44770880%2C44779077%2C31065825&oid=2&pvsid=3532622367497123&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.k1j2151lrjwq&fsb=1&dtd=1777
Frame ID: 246B85444209CDAD0AD77483C5C57C33
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1670302931&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchao-nan-ma-li-ou-xu-ji-bao-xiao-zang-hua-ma-bu-ting.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670302929757&bpp=18&bdt=2148&idt=1936&shv=r20221129&mjsv=m202211290101&ptt=5&saldr=sa&correlator=879855899896&frm=23&ife=1&pv=1&ga_vid=506632865.1670302932&ga_sid=1670302932&ga_hid=1142535725&ga_fc=0&ga_cid=amp-ALq6Nc9gjQBxhQjTGc0VNA&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=4211220805&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44777877%2C42531706%2C44777506%2C44770881&oid=2&pvsid=3740778782382103&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.o1xwyfu3om5q&fsb=1&dtd=1953
Frame ID: 70E01AE02DD1AA6FC8B7178C9FE327D4
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=1600x250&w=1600&h=250&ptt=12&adk=2733026255&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-38042472053507688820&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=470780615&nhd=0&adx=0&ady=3399&oid=2&is_amp=5&amp_v=2211182146000&d_imp=1&c=690001804&ga_cid=amp-ALq6Nc9gjQBxhQjTGc0VNA&ga_hid=1804&dt=1670302931136&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchao-nan-ma-li-ou-xu-ji-bao-xiao-zang-hua-ma-bu-ting.html&bdt=4862&dtd=694&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Frame ID: 3D93965239DB8778BBA67ABA3591982B
Requests: 14 HTTP requests in this frame

Frame: https://ads.as.criteo.com/delivery/r/afr.php?z=Y47M1AAAb4wBc_CxAAtQGENguILcZHw16bpaLw&u=%7C0BjLNgDbA0RGwfq8zVymYL1e1%2FBLnIsgYuHYuQe54ug%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqc6nygJ274zNPhQpJEnippfnLPctJAgOVJK5QBvON9Ye9GS_f4NkHgJjP411SnRRB4B1-zs9MZWp7swoIMdCZafKATTqnw-W1TMGAztyH4KDwdPZw-ShB2ml4ZgrggdpKC4H4EKtMnYlWyWOT8qaQqxgCo1vlIVCBqPp5w1EsF00KZRL8g3C8gy-F76iuLC8XAMYh3S4PQ-RJj7kQlk8ay3RyNTrngUIdBrZUK70z9DhYCcIQRWGOiAfBKrbFXrAAp0KLGMdmo9Eu2LZ2r7kTUzj-ml0mlqpsLBwL7r2_YyDHAJyVLWU6MgXVCDg40zVxakTgbDxQQ-mioIb6QrhoqhGTtl7qXnQ7kzluoKf3ODZHbdRzr3-enkbx8Sr7gDiHL-3vkEqH1hST6TXkmaiUgKjXwcq6JNKWHcsk72-a6LH1ne9zCbZEe6Vs3pElOjULkslV5lxLbT79Kx2Dh10aassYmJ5rRZXzoOu-yI6vZZBUuQw8YZMmrijiTAGqnASUjgrq4_b1jK9R-xqphblFCAf8cqKce_U2afy3O2RbDutZbM8URRz-GS0ekHU4ekaIKk2Vdi6niefulTRhgN06K7s-tD4PoqxkxjMipIkIU2QY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCCLkF1MyOY4zfAbHhz7sPmKCtiAyY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQIGK0qHioimPqgDAaoEiwJP0A4JIKUUm4TCXqL-LXBTUk52lThQugeG5o8UnV-3eG3ryapZnNmkaSR5BgRuMETFqgdig6vZ5QCgQ6OdgM1JSjdgdgPcD29ZdZh4qPdS9luLp11kn9mw4VoDEQgm80_OcVSDvo0rBlxr7rNI3uLUM5fK0-Mz6Kzbwxu1ZeECvK4yHf81opTy80ecj86dTh2nJbo3PFs25vKrkb7t-jfNBFCvEBgLneM0U1AH4uMfOui1gOa-Xhmb3xAGLJ5EyzrqvMqOI0grKkq7v9CwvwMIkg4lHtPExmODCQCfC1E0Qw9CA2NPCwRsVwkjPcfrUjjBI5fIb9uDHHn9mT_tQzBd74zDIT_1tFvxKoWABpiinNPtp57dI6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2GgwUsEvAW0V5fg2b6jV-GvXlTNg%26client%3Dca-pub-4485239425924787%26adurl%3D
Frame ID: 54280CB0A5B56F590FF96FDBA181F5E2
Requests: 29 HTTP requests in this frame

Frame: https://ads.as.criteo.com/delivery/r/afr.php?z=Y47M1AAAenoBc-LfAAeXWUNGMNfYOIcY2zFrkg&u=%7C0BjLNgDbA0QgeUsZj7cSBSX3bb5MkNJ0JR1b%2BO2CuIE%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqc6nygJ274zNPhQpJEnippfnLPctJAgOVJK5QBvON9Ye9GS_f4NkHgJjP411SnRRB4B1-zs9MZWp7jJv_Ix55ez84bbqKAPLbC9JVzYusZzbUTLU_tH8B0EGn2NXnziQaw3LHB3xt_H135G7CHOgoFmrfPMroredO6rFfGiIypyU-5UnhsQTgTICqWUU1a642z5xoDFsTp5_4ZnZwl2jJuz4FIngkc6_dMFjKYPpjeGgghxzXO_HGcrq3KF_vf2DlR17J-GDezJkOrjADz33GaQPhYx7fIyEnN80tmqU_qPWfk8sL_ST2CJLAHR125My-1k6RyP8gCkJDwRualC-hd8Ef4J3HL6iOWDEFRgo6HvohKSflBSBMpvOb4KkYP-jESw3CnqlLXyrN13bj8e4s8YhVO_zWtpTq28qoJandW6es1kuPtZn4TJt180v2c4-5ujPS5P0NJxjrIAoWZE9gV4MmVONL8NiKS9Qg1o8kUb_jA2jOPp7VJjsB4DgxoBOUj-8eJr16l08y3bj_BbVGNzKYxTZ1oaFV9g4X5jZYjC_H4y9RXCA1CBWfL2nV6PVgWcnCRWJFn0WGaE3BcKv94g_X6K0YX-pWRQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCYg2P1MyOY_r0Ad_Fz7sP2a6eyAiY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQIGK0qHioimPqgDAaoEiwJP0EpQz4x9az6eo2_jx-TCvu0AIYR3htIK_kgwfeNhI1PIFMYBiY7PndXyS9vjxhpeHPVhDNjxzE_qeTE-yii70F8y8W3Z_Icx87MqCGItm36Ifb6qniscCORB_2Bo5Y48hLT7hHQ32XO32jYmdscMlbqQU_ViGUVtbrRPWYQUo3o-W1lXDi4n2Ge52tvtVpgnk6nBt1yxjjlJGw7_0pWWz6eREX45gcwPL9xPeWv7lF8jAn79fTJNOprNox-nxanlsUw3PSDAOoOs1Jzs9RPh_I8KirdU67bGhthYaL2Q2yGgQSwE3L_TjQb6leDP5UmxotJyEoi1YNTK0h8Hanp-CFmxU_cEDP6nHS2ABpiinNPtp57dI6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3UaKlzO1DNmZY1yW6zW6z0zVyU3Q%26client%3Dca-pub-4485239425924787%26adurl%3D
Frame ID: 74A751A4F431E144712070976B29DE50
Requests: 29 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 4D3AA0E1A6F7A904120A54D4D33C11C4
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 392A898AAEBDC6C1750C0EDDC70369F7
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 82EAAD84924B7DE4E8666390A2AB2913
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 8354E6F874EECC1F467559C2EC44F437
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 5F2C5ACDE3BB25FD9C3B27CC60FDBB5E
Requests: 2 HTTP requests in this frame

Frame: https://138cda657e8861ac85bd346515f9d77a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: B3B817E419C7061268FB8DADC03B7D0F
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.bg3.co
Frame ID: 0D36580159979EF2BE0DEF76866E0707
Requests: 2 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs
Frame ID: 74875927D7ABDBC52CAD5A5CAAB90ED1
Requests: 14 HTTP requests in this frame

Frame: https://138cda657e8861ac85bd346515f9d77a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 848F9B8805C278DA5A8193E4FC7A7B69
Requests: 6 HTTP requests in this frame

Frame: https://138cda657e8861ac85bd346515f9d77a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 2A9B06BD89F33F962A4092064535C265
Requests: 13 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 83AC2142129A98BED3CADCD7CF179CE2
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 950200EA7FD36319CC45C2AF49D1DD8B
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 81CB0CDF205A0A7A7735AB8DD2BDEEC0
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E1CBC009AD6CFDC8D5E1615A6C3A6BF0
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5737009695479037952/index.html
Frame ID: E1C23A4F25EA8BEF1E6243A85A3D189F
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMmw9gIQ_bPr_AEY08SK0gEwAQ&v=APEucNUmMnDZULDqJCUmsu4jy9-34qGc7xcYWVUqnPBuMsEJI0zoHEsz88S2vI57l35OAqf5fvyxLgjOIz9suZoeWcsKK0xvwQ
Frame ID: 4B0E9B647F6F542F6500064A7D15D70D
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 9C1F675731CC8AE1A7415B33D7157FE9
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 4575C61562D3213AA06841027310D64F
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: CCE859E3851FBACA21449BF985F93482
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: ACC9C301A6243FBA5C60EDA1465151C1
Requests: 3 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 255FD8BF57EB20673572BBD62BBD6C20
Requests: 11 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 2B23D70B18F7CED4A442E2B66C88B6B5
Requests: 7 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: B9025992EC13BCEFCC9F61ED5B204342
Requests: 2 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html
Frame ID: 48520554965EEB6D9999776A62D0E780
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 35D69CC315856C271FEC1AC7E00823A0
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: EEF17C6EF2CC47B452F73489F69C02C7
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1670302934529
Frame ID: 4EF7D7D337330C5E4A1971A6F0C0264E
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Frame ID: 57901A1CB9DB5010279C2C82A9C252A7
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: B7433024AB71CF1489262299BD79C040
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

超難瑪莉歐續集 爆笑髒話罵不停 - 天天要聞

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/pagead/show_ads\.js
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

347
Requests

86 %
HTTPS

0 %
IPv6

55
Domains

91
Subdomains

58
IPs

8
Countries

3439 kB
Transfer

9273 kB
Size

33
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • https://ads.aralego.com/sdk HTTP 301
  • https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
Request Chain 117
  • https://fksnk.com/cs/google?google_gid=CAESEIL-SPgNrifOEUzeAMMTKgE&google_cver=1&google_push=ASkJ3Fb9EqjYh-BheJrdkZJe_RaUt1mRnCdbwcjVCXnwPPDRVA1NVdkkSgVw0eU5e7G3k4R7PMPzRknZ9AIhAlwCjv7eATMuM_snkXVAoTocl02S5WnFowxuIXQaUwtCKcXSyO4Dh0neTsP7s8t3mfSKcTo HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=RTEwQTA2N0Q0REIzQ0E1Rg==
Request Chain 119
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEFTiCI00019RnM5Ak0IYVqY&google_cver=1&google_push=ASkJ3Fat_PI5MJj57726xTArCqvELwLC8Rah6gPtAWi68zvITl4Jv0jaCWDX9LPDQxU5kzc1ytAWpFwdiNggLT7dxyqjE1HqVISAwLrc3Zh3S2xZfNKHrHXaoieZJjTZBPTCuiITnK7JL3Rqqb75vhP0zKM HTTP 302
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=0&gdpr_consent=&us_privacy=&sync=1&google_push=ASkJ3Fat_PI5MJj57726xTArCqvELwLC8Rah6gPtAWi68zvITl4Jv0jaCWDX9LPDQxU5kzc1ytAWpFwdiNggLT7dxyqjE1HqVISAwLrc3Zh3S2xZfNKHrHXaoieZJjTZBPTCuiITnK7JL3Rqqb75vhP0zKM&google_gid=CAESEFTiCI00019RnM5Ak0IYVqY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTU5MzA5MjM0NjU0OTUwNTI0NTUzNw%3D%3D&google_push=ASkJ3Fat_PI5MJj57726xTArCqvELwLC8Rah6gPtAWi68zvITl4Jv0jaCWDX9LPDQxU5kzc1ytAWpFwdiNggLT7dxyqjE1HqVISAwLrc3Zh3S2xZfNKHrHXaoieZJjTZBPTCuiITnK7JL3Rqqb75vhP0zKM
Request Chain 120
  • https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEB2wrHTzU0emUwchY7d_huc&google_cver=1&google_push=ASkJ3FYa6JOIHPyguW3y2EDcXsqOTX2z2YQhKqvqC3Dx9U5NHuioiPXLWh4egoE5b-fWg_NARAXOgSe3qKMHVIsw6Fct1PoNncFlAIJ0GHBHmvMd2Fzn7dD9l9FWR6-lB4kB70Byf1lDcu9i5BKoPCV_-fQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=ASkJ3FYa6JOIHPyguW3y2EDcXsqOTX2z2YQhKqvqC3Dx9U5NHuioiPXLWh4egoE5b-fWg_NARAXOgSe3qKMHVIsw6Fct1PoNncFlAIJ0GHBHmvMd2Fzn7dD9l9FWR6-lB4kB70Byf1lDcu9i5BKoPCV_-fQ&google_hm=ODY0MzA2MDM5NTc5MzQ0NDQ5MQ%3D%3D
Request Chain 121
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEJcmTQd_Br7EjLIBI45sVlQ&google_cver=1&google_push=ASkJ3FZARysSDhs9Xrs0dZcO6pV6oK5U9n7dp3BP5l1Uds2pnVoIfYCOtbkIUeILymeH0UcEC0_QfcvSjr4ngEhCEl1H-vedeaL7kiQJ53NP6rbdAO1qKOPJwn68TkhY8yz1O7_kjkalnZfogrCVI3Uy2ooo HTTP 302
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEJcmTQd_Br7EjLIBI45sVlQ&google_cver=1&google_push=ASkJ3FZARysSDhs9Xrs0dZcO6pV6oK5U9n7dp3BP5l1Uds2pnVoIfYCOtbkIUeILymeH0UcEC0_QfcvSjr4ngEhCEl1H-vedeaL7kiQJ53NP6rbdAO1qKOPJwn68TkhY8yz1O7_kjkalnZfogrCVI3Uy2ooo&verify=true HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1hMm0zb1hSRTJ1RUlUVG80ZDAwNjBEOHpqM204TUtvZn5B&google_push=ASkJ3FZARysSDhs9Xrs0dZcO6pV6oK5U9n7dp3BP5l1Uds2pnVoIfYCOtbkIUeILymeH0UcEC0_QfcvSjr4ngEhCEl1H-vedeaL7kiQJ53NP6rbdAO1qKOPJwn68TkhY8yz1O7_kjkalnZfogrCVI3Uy2ooo
Request Chain 122
  • https://b1sync.zemanta.com/usersync/googleopenbidding/?google_gid=CAESEE1xKzFJypEGzq0aKpsmuEw&google_cver=1&google_push=ASkJ3FbO2GTIXY3XJUpS1U9xIK3Xf3QrA7N5SZlBwTXZf8D2o1zvQgfddYJ_tXZzJVozR8u-frMqUvqGbZ8N9r7rSMy6wPmnc5htUvyDvc6gen_Xf0MBNwNcaWVGRInhMV-VxbNlY9wxsIFhHDPBSbCrM693 HTTP 302
  • https://b1sync.zemanta.com/usersync/googleopenbidding/?google_cver=1&google_gid=CAESEE1xKzFJypEGzq0aKpsmuEw&google_push=ASkJ3FbO2GTIXY3XJUpS1U9xIK3Xf3QrA7N5SZlBwTXZf8D2o1zvQgfddYJ_tXZzJVozR8u-frMqUvqGbZ8N9r7rSMy6wPmnc5htUvyDvc6gen_Xf0MBNwNcaWVGRInhMV-VxbNlY9wxsIFhHDPBSbCrM693&s=2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=ASkJ3FbO2GTIXY3XJUpS1U9xIK3Xf3QrA7N5SZlBwTXZf8D2o1zvQgfddYJ_tXZzJVozR8u-frMqUvqGbZ8N9r7rSMy6wPmnc5htUvyDvc6gen_Xf0MBNwNcaWVGRInhMV-VxbNlY9wxsIFhHDPBSbCrM693&google_hm=QnVoMHJvcUdqQlhsMDlZT0JYSVQ=
Request Chain 123
  • https://trace.mediago.io/cs/google?google_gid=CAESEKvdOiq8yfeiFgnhiPLRS84&google_cver=1&google_push=ASkJ3FbNYaB92o53zD5VBq8h_wOW2GE8cdnFKPy58a7CG20QvEoHpbV5bZc2V7jvd26e6TO-2rczANSgHW5ze7UfeVzasGqNB8Y7-p3gHFffIHZcfNUxxxzH7vlwlb5-xwxEIElUr0rhgenR0cx7iNQiDV54 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=ASkJ3FbNYaB92o53zD5VBq8h_wOW2GE8cdnFKPy58a7CG20QvEoHpbV5bZc2V7jvd26e6TO-2rczANSgHW5ze7UfeVzasGqNB8Y7-p3gHFffIHZcfNUxxxzH7vlwlb5-xwxEIElUr0rhgenR0cx7iNQiDV54&google_hm=b0120933d2583bc63691f402211a3e82
Request Chain 134
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 289
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM_P2xgLMAVkSWKXJ3Olywo&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM_P2xgLMAVkSWKXJ3Olywo&google_cver=1&C=1
Request Chain 290
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y47M2.j9RxeftpfjyOhMcwAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM_P2xgLMAVkSWKXJ3Olywo&google_cver=1&google_hm=2
Request Chain 291
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEIkYR08h_Jy63atWwvDsMK8&google_cver=1 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEIkYR08h_Jy63atWwvDsMK8%26google_cver%3D1
Request Chain 292
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODI3MTQzODczNjQzNDU4ODg5OQ%3D%3D
Request Chain 304
  • https://tg.socdm.com/rtb/sync_before?proto=google&sspid=google&google_gid=CAESEBuFa0nPOWKT7UPDnglZBys&google_cver=1&google_push=ASkJ3FYJIF56xs9TvckpXsI47-regkkoGDXUJ9QoYN1OuFHE-qNfDkVtuqbWKIYo9HwLCC8jA_tefNOx6oMKYlla9c85b2N5cFCAyQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=scout&google_cm&google_hm=WTQ3TTI4Q284WWtBQUZ0bFdTRUFBQUFB HTTP 302
  • https://gdn.socdm.com/rtb/sync?proto=google&sspid=google&google_gid=CAESEBuFa0nPOWKT7UPDnglZBys&google_cver=1
Request Chain 305
  • https://a.c.appier.net/gcm?google_gid=CAESEJV7yW34bW_sX_QhYwEvLzM&google_cver=1&google_push=ASkJ3FZqmTJrpBbem8BGIvyn871Rn-oZN9FHiKX37VbkEH1qflYX3lv0smjgyMuDFMfqpBmoZiAQ_d8NXhhujljGDI8lylOXmdk8jg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=eFhEeGRJa0hEajJVbmZ1QzI4eU9Zdw%3D%3D&google_push=ASkJ3FZqmTJrpBbem8BGIvyn871Rn-oZN9FHiKX37VbkEH1qflYX3lv0smjgyMuDFMfqpBmoZiAQ_d8NXhhujljGDI8lylOXmdk8jg
Request Chain 306
  • https://rtb.openx.net/sync/dds?google_gid=CAESEMvpkLDGghLUxpx3WhkBwwY&google_cver=1&google_push=ASkJ3FbTF3jJhv6gt2mbLGuenZ_MuROdGhQPxVlbXAKwyi4kzxVoNtQtKZhlTHr7c_tUb4rPscaLHJOZnNnyxTXS4B0KHE9R1Zu3 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=ASkJ3FbTF3jJhv6gt2mbLGuenZ_MuROdGhQPxVlbXAKwyi4kzxVoNtQtKZhlTHr7c_tUb4rPscaLHJOZnNnyxTXS4B0KHE9R1Zu3&google_hm=Kg9cXKYxwdQfpuUxxB9zMw==
Request Chain 307
  • https://dsp.adkernel.com/sync?exchange=11&google_gid=CAESEAvjOB2uSmq2do1w66bjQFs&google_cver=1&google_push=ASkJ3FbAwWIf4QgFOtwzLm_nthLGvxouoaS_43Rt-qy_uSmRPZQ1f2dXpAi3weEaA9K7aflFEn7ZAe9rgmESIRiTUsk8nk1i-G3mdg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTMzMDQ5NDY2MjIxMzQ4NTYzMDc&google_push=ASkJ3FbAwWIf4QgFOtwzLm_nthLGvxouoaS_43Rt-qy_uSmRPZQ1f2dXpAi3weEaA9K7aflFEn7ZAe9rgmESIRiTUsk8nk1i-G3mdg
Request Chain 308
  • https://ads.yieldmo.com/exptsync?google_gid=CAESENUQvTAXv18n6JHszCCYA20&google_cver=1&google_push=ASkJ3FYqk1Z_KDsdIO-YPMtuaHPwLyxu48i2QOqoSkgjV-TqHWxTqvefjcgRExJULGE_U9ofnfe6blu2_gzwP4JZIAPXF514eV9PTA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=ASkJ3FYqk1Z_KDsdIO-YPMtuaHPwLyxu48i2QOqoSkgjV-TqHWxTqvefjcgRExJULGE_U9ofnfe6blu2_gzwP4JZIAPXF514eV9PTA&google_hm=Z2QyNWUxZWMzYTQ4MTE0M2FjZTc=
Request Chain 309
  • https://cs.media.net/cksync?type=g&google_gid=CAESEDbgnbmlC_M94pu7Y_4YyJQ&google_cver=1&google_push=ASkJ3FZb-PTANk0G_7KFmBxObnbuS0cYaf9tsaXl6G3xTVrMq4jqnJPEu8hthDTARAVv4QKj-6gkyCyXPhttmEBxFgClCXY5K51r HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzEzMzA0NTM5NzQ0MzYwMTAwMFYxMA%3d%3d&mn_hm=MzEzMzA0NTM5NzQ0MzYwMTAwMFYxMA%3d%3d&google_sc=1&google_push=ASkJ3FZb-PTANk0G_7KFmBxObnbuS0cYaf9tsaXl6G3xTVrMq4jqnJPEu8hthDTARAVv4QKj-6gkyCyXPhttmEBxFgClCXY5K51r&gdpr=&gdpr_consent=
Request Chain 310
  • https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=google&pixel_match=y&google_gid=CAESEGyH2ilyp3xxSbH2rnW3ueA&google_cver=1&google_push=ASkJ3FYARh_IAnSu5OkihwvFAyeR4QcRBbTw63u8gxavt5RmNnd64OhrWhdLyu-PqkOr6lsxspYVIusezGntqzxRYU3s5zpQr_Bw3pQ HTTP 302
  • https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=google&pixel_match=y&google_gid=CAESEGyH2ilyp3xxSbH2rnW3ueA&google_cver=1&google_push=ASkJ3FYARh_IAnSu5OkihwvFAyeR4QcRBbTw63u8gxavt5RmNnd64OhrWhdLyu-PqkOr6lsxspYVIusezGntqzxRYU3s5zpQr_Bw3pQ&uid-set=1
Request Chain 336
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3658&xuid=d717dfcd-639f-4f93-897b-684109d4ad4e&dongle=0cfd
Request Chain 337
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTU5MzA5MjM0NjU0OTUwNTI0NTUzNw%3D%3D
Request Chain 338
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEPfwABxdxOFKllaK_ACvNiE&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 339
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTU5MzA5MjM0NjU0OTUwNTI0NTUzNw%3D%3D
Request Chain 347
  • https://match.adsrvr.org/track/cmf/openx?oxid=f559d660-0fb7-78fa-f9d2-a98617064989&gdpr=0 HTTP 302
  • https://match.adsrvr.org/track/cmb/openx?oxid=f559d660-0fb7-78fa-f9d2-a98617064989&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=d717dfcd-639f-4f93-897b-684109d4ad4e&ttd_puid=f559d660-0fb7-78fa-f9d2-a98617064989&gdpr=0&gdpr_consent=
Request Chain 348
  • https://tg.socdm.com/rtb/sync_before?proto=openx HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=537072335&val=Y47M28Co8XUAANYf5q8AAAAA
Request Chain 351
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEIZNLdVBIg-z7RN2iQI4Nbk&google_cver=1

347 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request chao-nan-ma-li-ou-xu-ji-bao-xiao-zang-hua-ma-bu-ting.html
www.bg3.co/a/ 		48 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.bg3.co/a/chao-nan-ma-li-ou-xu-ji-bao-xiao-zang-hua-ma-bu-ting.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
84.17.37.44 Central, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-84-17-37-44.cdn77.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
4e8add459fa399dafc26635b2de8ad210daa1eb36b61e519abc45200b3b1c613

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Cache-Control
max-age=3600
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Tue, 06 Dec 2022 05:02:05 GMT
ETag
"c061-oTqoEPY7TzWBPbA5RCySBrPPwio"
Expires
Tue, 06 Dec 2022 06:02:05 GMT
Server
nginx/1.18.0 (Ubuntu)
Transfer-Encoding
chunked
Vary
Accept-Encoding
v0.js
cdn.ampproject.org/ 		276 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chao-nan-ma-li-ou-xu-ji-bao-xiao-zang-hua-ma-bu-ting.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
bceaaa8df473b26f22fda4afc2bc638fbcd6d3b157450a859910dd70fb9d92ca
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Tue, 06 Dec 2022 05:02:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
72666
x-xss-protection
0
server
sffe
etag
"aa8fadd6f8aaa473"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3000, stale-while-revalidate=1206600
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 06 Dec 2022 05:02:06 GMT
amp-sidebar-0.1.js
cdn.ampproject.org/v0/ 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-sidebar-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chao-nan-ma-li-ou-xu-ji-bao-xiao-zang-hua-ma-bu-ting.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
ddce71f85a370bf2976e7a5ea345b6751d383505bcb0d6aa4284481eda5cc6be
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Tue, 06 Dec 2022 05:02:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9665
x-xss-protection
0
server
sffe
etag
"5683f04eba08618c"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 06 Dec 2022 05:02:06 GMT
amp-auto-ads-0.1.js
cdn.ampproject.org/v0/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-auto-ads-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chao-nan-ma-li-ou-xu-ji-bao-xiao-zang-hua-ma-bu-ting.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
f05d9a32665adfa9a3d01d6b6bfa4550b5444578f7408503a44944d435cfc736
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Tue, 06 Dec 2022 05:02:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7580
x-xss-protection
0
server
sffe
etag
"65a617a93a518160"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 06 Dec 2022 05:02:06 GMT
amp-analytics-0.1.js
cdn.ampproject.org/v0/ 		109 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-analytics-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chao-nan-ma-li-ou-xu-ji-bao-xiao-zang-hua-ma-bu-ting.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
fc392e66c8480302b8b139922da3d69c5bc65f057b101bc1ba0737a0fdf650fd
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Tue, 06 Dec 2022 05:02:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32042
x-xss-protection
0
server
sffe
etag
"8d52a7de4cfe57f6"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 06 Dec 2022 05:02:06 GMT
sdk
cdn.aralego.net/ucfad/sdk/apac-sg/
Redirect Chain
  • https://ads.aralego.com/sdk
  • https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
44 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chao-nan-ma-li-ou-xu-ji-bao-xiao-zang-hua-ma-bu-ting.html
Protocol
H2
Server
172.67.71.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6703fbe9ea598731ec6ef75a281564d956ef79f08bc2b61849ae9a21fa35cb9

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 05:02:07 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4718
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44566
last-modified
Wed, 16 Nov 2022 08:39:32 GMT
server
cloudflare
etag
"6374a1c4-ae16"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hCJ4sLrxVpdlFPfXg1Y%2BILWRm7EQpfbpFGzuZN1Bhw6lw5BF3fFi85j9gjlfNt4RzmexkoUCYVzX9WGa2T0jyJ0MAaInQrEzFdPOFwCwEIlP5Hb3Q31L1Vvo2jh0GrkCpw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
775277b01d5eaac4-SYD

Redirect headers

location
https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
connection
close
content-length
0
adRecover.js
delivery.adrecover.com/43519/ 		34 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://delivery.adrecover.com/43519/adRecover.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chao-nan-ma-li-ou-xu-ji-bao-xiao-zang-hua-ma-bu-ting.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.201 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-201.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
acbd967b013195d0a2c5f8ce38feb0c925bb330d8a684ee902c6b063e8ee0897

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
NZ
date
Tue, 06 Dec 2022 05:02:07 GMT
content-encoding
br
last-modified
Mon, 05 Dec 2022 08:00:27 GMT
server
nginx/1.18.0
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=10
x-cf-geodata
NZ
content-length
9084
expires
Tue, 06 Dec 2022 06:02:07 GMT
adpushup.js
cdn.adpushup.com/42753/ 		518 KB
112 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/adpushup.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chao-nan-ma-li-ou-xu-ji-bao-xiao-zang-hua-ma-bu-ting.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.200 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-200.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
6bfd228178a7920f79853de46df09c0a6ee732b6d92100be5bb99174d05a9c07

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
NZ
date
Tue, 06 Dec 2022 05:02:07 GMT
content-encoding
br
last-modified
Thu, 17 Nov 2022 09:46:28 GMT
server
nginx/1.18.0
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=1
x-cf-geodata
NZ
content-length
114452
expires
Tue, 06 Dec 2022 06:02:07 GMT
ucfad-formats.css
cdn.aralego.net/css/dev/ 		975 B
616 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.71.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 05:02:07 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5882
cf-polished
origSize=1191
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 16 Mar 2018 07:19:46 GMT
server
cloudflare
etag
W/"5aab7012-4a7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iEYJ1TK1%2F3ectZxOk17tBFyqlptu%2BOx%2BZaSoyl8ibVf0VAbH%2FFKASn163i5rLVPirnWx40uwQ1jWodGrLtdPPOioaFVLlB0IuoHdCXIId0i%2F4tnZz4HV71AB5JTeqL9teQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
775277b1f825aac4-SYD
idRequest
sync.aralego.com/ 		46 B
488 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.58.188.181 Central, Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
Software
/
Resource Hash
c5499edc44b7052b150461639014e70f28152a81378e7ed9c316723703625d87

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 06 Dec 2022 05:02:08 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Allow-Credentials
true
Connection
close
Content-Length
46
idRequest
sync.aralego.com/ 		46 B
488 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.58.188.181 Central, Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
Software
/
Resource Hash
c5499edc44b7052b150461639014e70f28152a81378e7ed9c316723703625d87

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 06 Dec 2022 05:02:08 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Allow-Credentials
true
Connection
close
Content-Length
46
ad_request
ads.aralego.com/ 		508 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchao-nan-ma-li-ou-xu-ji-bao-xiao-zang-hua-ma-bu-ting.html&adid=ad-627443DBE4283AB9F7A46EA83243447&w=336&h=280&ver=UCX_WEB-20200113&pos=1&seq=0&cb=0.7722699582752635&gdpr=1&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&uaMobile=%3F0
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.108.102.145 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
e813a8d8d41c0dbdc33020ad6ef27d16afd2b590ceeb998e267409c8f666b829

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 05:02:08 GMT
x-width
336
x-height
280
x-adstyle
banner
access-control-allow-methods
GET,POST,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
vary
Accept-Encoding
access-control-allow-credentials
true
x-adsource
PSA
x-adtype
html
connection
close
content-length
508
ad_request
ads.aralego.com/ 		508 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchao-nan-ma-li-ou-xu-ji-bao-xiao-zang-hua-ma-bu-ting.html&adid=ad-627443DBE4283AB9F7A46EA83243447&w=336&h=280&ver=UCX_WEB-20200113&pos=1&seq=1&cb=0.7247701322892466&gdpr=1&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&uaMobile=%3F0
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.108.102.145 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
e813a8d8d41c0dbdc33020ad6ef27d16afd2b590ceeb998e267409c8f666b829

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 05:02:08 GMT
x-width
336
x-height
280
x-adstyle
banner
access-control-allow-methods
GET,POST,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
vary
Accept-Encoding
access-control-allow-credentials
true
x-adsource
PSA
x-adtype
html
connection
close
content-length
508
6174b8c22d6d69eba691ba5540bbff65.jpg
static.bg3.co/imgs/202105/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/6174b8c22d6d69eba691ba5540bbff65.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chao-nan-ma-li-ou-xu-ji-bao-xiao-zang-hua-ma-bu-ting.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
8caca96a219adfaf45fe238fcfdbf268.jpg
static.bg3.co/imgs/202105/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/8caca96a219adfaf45fe238fcfdbf268.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chao-nan-ma-li-ou-xu-ji-bao-xiao-zang-hua-ma-bu-ting.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
d18018e0196c2e03715cab4de64b25ed.jpg
static.bg3.co/imgs/202105/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/d18018e0196c2e03715cab4de64b25ed.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chao-nan-ma-li-ou-xu-ji-bao-xiao-zang-hua-ma-bu-ting.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ba40b5ab45591a73e6cfc12246bfdf39.jpg
static.bg3.co/imgs/202105/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/ba40b5ab45591a73e6cfc12246bfdf39.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chao-nan-ma-li-ou-xu-ji-bao-xiao-zang-hua-ma-bu-ting.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
85e0e46558ece4653ad1572a5324ea08.jpg
static.bg3.co/imgs/202105/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/85e0e46558ece4653ad1572a5324ea08.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chao-nan-ma-li-ou-xu-ji-bao-xiao-zang-hua-ma-bu-ting.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
1f419bcddf9bfd490c163211417d1a6a.jpg
static.bg3.co/imgs/202105/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/1f419bcddf9bfd490c163211417d1a6a.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chao-nan-ma-li-ou-xu-ji-bao-xiao-zang-hua-ma-bu-ting.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
e04583297cb953f71b75fc90af33a838.jpg
static.bg3.co/imgs/202105/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/e04583297cb953f71b75fc90af33a838.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chao-nan-ma-li-ou-xu-ji-bao-xiao-zang-hua-ma-bu-ting.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
72d5d50fcac80232b7ad8a4c65719224.jpg
static.bg3.co/imgs/202105/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/72d5d50fcac80232b7ad8a4c65719224.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chao-nan-ma-li-ou-xu-ji-bao-xiao-zang-hua-ma-bu-ting.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
44ea5d7adfd67501ecc8d0c80bbdc8b9.jpg
static.bg3.co/imgs/202105/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/44ea5d7adfd67501ecc8d0c80bbdc8b9.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chao-nan-ma-li-ou-xu-ji-bao-xiao-zang-hua-ma-bu-ting.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
5c916d0bf772915fa6e27be3034be6ba.jpg
static.bg3.co/imgs/202105/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/5c916d0bf772915fa6e27be3034be6ba.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chao-nan-ma-li-ou-xu-ji-bao-xiao-zang-hua-ma-bu-ting.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
0ed511c14a8b5399cef2b4502ef4ed86.jpg
static.bg3.co/imgs/202105/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/0ed511c14a8b5399cef2b4502ef4ed86.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chao-nan-ma-li-ou-xu-ji-bao-xiao-zang-hua-ma-bu-ting.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
6964795facf4dc0f6ca71a6844756c4e.jpg
static.bg3.co/imgs/202105/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/6964795facf4dc0f6ca71a6844756c4e.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chao-nan-ma-li-ou-xu-ji-bao-xiao-zang-hua-ma-bu-ting.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
3a12fb06a384c51771699214ba18a058.jpg
static.bg3.co/imgs/202105/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/3a12fb06a384c51771699214ba18a058.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chao-nan-ma-li-ou-xu-ji-bao-xiao-zang-hua-ma-bu-ting.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
1db78d24820192c5ce7abad0d07f7a72.jpg
static.bg3.co/imgs/202105/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/1db78d24820192c5ce7abad0d07f7a72.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chao-nan-ma-li-ou-xu-ji-bao-xiao-zang-hua-ma-bu-ting.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
1cb7c08921c03c00bddb45695c8bfaa9.jpg
static.bg3.co/imgs/202106/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/1cb7c08921c03c00bddb45695c8bfaa9.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chao-nan-ma-li-ou-xu-ji-bao-xiao-zang-hua-ma-bu-ting.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
3480df9de303e30c8fef5967af4ae547.jpg
static.bg3.co/imgs/202105/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/3480df9de303e30c8fef5967af4ae547.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chao-nan-ma-li-ou-xu-ji-bao-xiao-zang-hua-ma-bu-ting.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
f125b8e1e6780c1130118580e0600af2.jpg
static.bg3.co/imgs/202106/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/f125b8e1e6780c1130118580e0600af2.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chao-nan-ma-li-ou-xu-ji-bao-xiao-zang-hua-ma-bu-ting.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
30ae62455623b14e8de4096f70a36536.jpg
static.bg3.co/imgs/202105/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/30ae62455623b14e8de4096f70a36536.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chao-nan-ma-li-ou-xu-ji-bao-xiao-zang-hua-ma-bu-ting.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
906a3469aaf910f43fa97501a14ba0d1.jpg
static.bg3.co/imgs/202105/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/906a3469aaf910f43fa97501a14ba0d1.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chao-nan-ma-li-ou-xu-ji-bao-xiao-zang-hua-ma-bu-ting.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
d31817ea70543205e3830976c619dcfa.jpg
static.bg3.co/imgs/202106/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/d31817ea70543205e3830976c619dcfa.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chao-nan-ma-li-ou-xu-ji-bao-xiao-zang-hua-ma-bu-ting.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
5379ba281fc524e81f438fb45f1fd649.jpg
static.bg3.co/imgs/202105/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/5379ba281fc524e81f438fb45f1fd649.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chao-nan-ma-li-ou-xu-ji-bao-xiao-zang-hua-ma-bu-ting.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
9360c67e3362930009dc0753ef351b1d.jpg
static.bg3.co/imgs/202202/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202202/9360c67e3362930009dc0753ef351b1d.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chao-nan-ma-li-ou-xu-ji-bao-xiao-zang-hua-ma-bu-ting.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
fddead0c2edba9f5fd0cfdad93a1fa2d.jpg
static.bg3.co/imgs/202105/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/fddead0c2edba9f5fd0cfdad93a1fa2d.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chao-nan-ma-li-ou-xu-ji-bao-xiao-zang-hua-ma-bu-ting.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
2c1c7cedf0c453508b88dbb32ba16ced.jpg
static.bg3.co/imgs/202105/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/2c1c7cedf0c453508b88dbb32ba16ced.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chao-nan-ma-li-ou-xu-ji-bao-xiao-zang-hua-ma-bu-ting.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
cec6585b9129f3e3ee697f97f0072cd5.jpg
static.bg3.co/imgs/202105/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/cec6585b9129f3e3ee697f97f0072cd5.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chao-nan-ma-li-ou-xu-ji-bao-xiao-zang-hua-ma-bu-ting.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ee29e0b2bc93225f6294fdec209d9ca6.jpg
static.bg3.co/imgs/202105/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/ee29e0b2bc93225f6294fdec209d9ca6.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chao-nan-ma-li-ou-xu-ji-bao-xiao-zang-hua-ma-bu-ting.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
amp-auto-lightbox-0.1.js
cdn.ampproject.org/rtv/012211182146000/v0/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211182146000/v0/amp-auto-lightbox-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
7ad04b2badabcf30f85b8ebd363e3a90be5af777d8b9b641f4f333cd95e14218
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 30 Nov 2022 00:46:07 GMT
age
533763
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2991
x-xss-protection
0
server
sffe
etag
"d121a6c96824df1f"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 30 Nov 2023 00:46:07 GMT
amp-ad-0.1.js
cdn.ampproject.org/rtv/012211182146000/v0/ 		81 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211182146000/v0/amp-ad-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
903cbdd1e7ac7fe874f0c2989b1f84c59969b89029038616f8e3e26784598b20
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 30 Nov 2022 00:46:07 GMT
age
533763
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23061
x-xss-protection
0
server
sffe
etag
"7db2d400778a396c"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 30 Nov 2023 00:46:07 GMT
ama
pagead2.googlesyndication.com/getconfig/ 		3 KB
920 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/ama?client=ca-pub-3216231935713038&plah=www.bg3.co&ama_t=amp&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchao-nan-ma-li-ou-xu-ji-bao-xiao-zang-hua-ma-bu-ting.html&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
95a65d53627e823f9cb13dbf8ead3d39f8219f779b5e0e987e8aa4ead3de0ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 05:02:08 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
479
x-xss-protection
0
amp-loader-0.1.js
cdn.ampproject.org/rtv/012211182146000/v0/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211182146000/v0/amp-loader-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
aee4e76db6bf16ef539fb860a248be6ff869cdd93a68857ea0e9234bf443b372
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 30 Nov 2022 00:46:07 GMT
age
533763
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3936
x-xss-protection
0
server
sffe
etag
"8f3dd7de4e903c77"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 30 Nov 2023 00:46:07 GMT
jquery-2.2.2.min.js
code.jquery.com/ 		84 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-2.2.2.min.js
Requested by
Host: delivery.adrecover.com
URL: https://delivery.adrecover.com/43519/adRecover.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
hwcdn.net
Software
nginx /
Resource Hash
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 05:02:10 GMT
content-encoding
gzip
x-sp-metadata
HS256.COK1u5wGEogBCiQyNzhjZjI1MC02MzQ0LTQ5ZjItOWRiNC1hYmFmODJmYjIxMWYQ+OiCoKvU+wIaBgjSmbucBiINMTE2LjkwLjc0LjE5Nij0gAIwAzgEQhZUTFNfQUVTXzEyOF9HQ01fU0hBMjU2WiAzZTliMjA2MTAwOThiNmM5YmZmOTUzODU2ZTU4MDE2YRosCAESJGVjYjhiZDQ2LTI1NTctNDQ0MS04YTE3LWUzMzYzMmNiZGUyMxi46QE=.RNHjArjUT5WWN2+G4ajYOOipqhEZLLvDVeGJvD0GBvw=
last-modified
Wed, 16 Feb 2022 10:50:39 GMT
server
nginx
etag
W/"620cd6ff-14e98"
vary
Accept-Encoding
x-hw
1670302930.dop024.la3.t,1670302930.cds239.la3.hn,1670302930.cds210.la3.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
29880
jquery-3.6.0.min.js
code.jquery.com/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.6.0.min.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
hwcdn.net
Software
nginx /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 05:02:10 GMT
content-encoding
gzip
x-sp-metadata
HS256.COK1u5wGEogBCiQ0MDY5YjVmYi01MmUxLTRhMjAtYmFkMi1lNGM1MTVjYjk4ZTkQ+OiCoKvU+wIaBgjSmbucBiINMTE2LjkwLjc0LjE5Nij0gAIwAzgEQhZUTFNfQUVTXzEyOF9HQ01fU0hBMjU2WiAzZTliMjA2MTAwOThiNmM5YmZmOTUzODU2ZTU4MDE2YRosCAESJDdmNjkwMTI1LTFhZTMtNGViOS1hZjZmLTdiZTcyYzZkMTZlNRib8QE=.sSHN2CI1k5jMC3/qYbbW5dsXd730ejWmso5WR/tIB6Q=
last-modified
Wed, 16 Feb 2022 10:50:39 GMT
server
nginx
etag
W/"620cd6ff-15d9d"
vary
Accept-Encoding
x-hw
1670302930.dop024.la3.t,1670302930.cds239.la3.hn,1670302930.cds267.la3.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30875
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 2219 		98 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
9b2c9eb1b2603ee1e444e748eb3e0472dc2484d2bed303ee72c4bcd2313671b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 05:02:09 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34051
x-xss-protection
0
server
cafe
etag
10520310518940004852
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 06 Dec 2022 05:02:09 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 91E2 		98 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
b12ab76a21bbde6e61c2048ff6cc7893cf2e14ba27c2bc8ca5fec67bedef34fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 05:02:09 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34055
x-xss-protection
0
server
cafe
etag
17073349919747042522
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 06 Dec 2022 05:02:09 GMT
amp-sticky-ad-1.0.js
cdn.ampproject.org/rtv/012211182146000/v0/ 		40 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211182146000/v0/amp-sticky-ad-1.0.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
5e2df8262e92950212e7f76e7723d7d0208fe500a4ac49b75492b4b56f4c9c59
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 05 Dec 2022 12:55:21 GMT
age
58009
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10257
x-xss-protection
0
server
sffe
etag
"ae1d9564169f1c7a"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 05 Dec 2023 12:55:21 GMT
gtag.json
cdn.ampproject.org/rtv/012211182146000/v0/analytics-vendors/ 		2 KB
931 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211182146000/v0/analytics-vendors/gtag.json
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
a8993772c9eb591474f38d257bebc8c4286703e1af72d04c8c294be5fff7b649
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 06 Dec 2022 04:40:46 GMT
age
1283
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
901
x-xss-protection
0
server
sffe
etag
"e33e8548c0038d22"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 06 Dec 2023 04:40:46 GMT
cookieSyncIframe.html
cdn.aralego.net/ucfad/cookie/ Frame 3E56 		714 B
794 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.71.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

access-control-allow-credentials
true
age
5536
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
775277b8c8d7a955-SYD
content-encoding
br
content-type
text/html
date
Tue, 06 Dec 2022 05:02:08 GMT
last-modified
Wed, 09 Feb 2022 05:59:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qf5qB%2BoNXxFF%2B6gIk4XRw0cMzHVUGuQ50s0wmOoY1N86rSAfa1vwF6wwgIl4RBHnLnDXV70Y3GlREwY0MVxsfVbixfO2QOsAnj8sGDIjhkGYYwhmir1dDhlNANTobi5u4A%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
idsync
sync.aralego.com/ 		35 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aralego.com/idsync?gdpr=1&euconsent-v2=${GDPR_CONSENT_607}&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chao-nan-ma-li-ou-xu-ji-bao-xiao-zang-hua-ma-bu-ting.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.58.188.181 Central, Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 06 Dec 2022 05:02:10 GMT
Connection
close
Content-Length
35
Content-Type
image/gif
cookieSyncIframe.html
cdn.aralego.net/ucfad/cookie/ Frame 6874 		714 B
759 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.71.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

access-control-allow-credentials
true
age
5536
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
775277b8c8dba955-SYD
content-encoding
br
content-type
text/html
date
Tue, 06 Dec 2022 05:02:08 GMT
last-modified
Wed, 09 Feb 2022 05:59:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6eIfzTp5Ba1SykS8UgFDqpf6QhyUSKbhL6U4Xtm3rdRA%2BhtR3pP5jqnelLC1b9AutZJ4ZXaA1DICUeurzTpL54KshVc51DGnHN8uUyq%2FZsCWyi9jYrcSt1e%2FnyPc1GPmYg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 3E56 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f156.1e100.net
Software
sffe /
Resource Hash
c36fdff491d2a57ca8121c558adb09bf90d777676efc7e122df051c574d8f89d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 05:02:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27555
x-xss-protection
0
server
sffe
etag
"1413 / 816 of 1000 / last-modified: 1670286137"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 06 Dec 2022 05:02:09 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 6874 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f156.1e100.net
Software
sffe /
Resource Hash
b27cf7f181b3ebc3f79a9fb888a60a0162f08e71f9ef723657cdd65051642540
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 05:02:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27552
x-xss-protection
0
server
sffe
etag
"1413 / 21 of 1000 / last-modified: 1670286137"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 06 Dec 2022 05:02:09 GMT
amp
www.googletagmanager.com/gtag/ 		610 B
808 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/amp?__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
8492f3fc13f89700f09e8a96308911979a6289be084af2c497ea54dbd7dd7f5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=utf-8

Response headers

date
Tue, 06 Dec 2022 05:02:10 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="amp.json"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
258
x-xss-protection
0
pragma
no-cache
amp-access-control-allow-source-origin
https://www.bg3.co
server
Google Tag Manager
vary
*
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
expires
Fri, 01 Jan 1990 00:00:00 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211290101/ Frame 2219 		355 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211290101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
6c03f7a2de554f3d96bebb15c9253c645e23233d2a0359623daef9fabf3bd246
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 05:02:10 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119781
x-xss-protection
0
server
cafe
etag
11089902166050774111
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Tue, 06 Dec 2022 05:02:10 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211290101/ Frame 91E2 		355 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211290101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
7ac4e491f079c1677930f708be9d035966245afcd724f23325c8814d7a599474
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 05:02:10 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119781
x-xss-protection
0
server
cafe
etag
1358764937298702432
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Tue, 06 Dec 2022 05:02:10 GMT
pubads_impl_2022120101.js
securepubads.g.doubleclick.net/gpt/ Frame 3E56 		384 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f156.1e100.net
Software
sffe /
Resource Hash
c0b59c362ae740c391e742fa4517d90b9461b416b9bec855d14c04603dbaf71c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 02:42:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
267555
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
133241
x-xss-protection
0
last-modified
Thu, 01 Dec 2022 09:36:23 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 03 Dec 2023 02:42:55 GMT
pubads_impl_2022120101.js
securepubads.g.doubleclick.net/gpt/ Frame 6874 		384 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f156.1e100.net
Software
sffe /
Resource Hash
c0b59c362ae740c391e742fa4517d90b9461b416b9bec855d14c04603dbaf71c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 02:42:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
267555
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
133241
x-xss-protection
0
last-modified
Thu, 01 Dec 2022 09:36:23 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 03 Dec 2023 02:42:55 GMT
collect
www.google-analytics.com/r/ 		35 B
396 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=a1&ds=AMP&aip&_s=1&dt=%E8%B6%85%E9%9B%A3%E7%91%AA%E8%8E%89%E6%AD%90%E7%BA%8C%E9%9B%86%E3%80%80%E7%88%86%E7%AC%91%E9%AB%92%E8%A9%B1%E7%BD%B5%E4%B8%8D%E5%81%9C%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&sr=1600x1200&cid=amp-ALq6Nc9gjQBxhQjTGc0VNA&tid=UA-172083736-2&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchao-nan-ma-li-ou-xu-ji-bao-xiao-zang-hua-ma-bu-ting.html&dr=&sd=24&ul=en-us&de=UTF-8&t=pageview&jid=0.46991412618777795&gjid=0.20317147789032153&_r=1&a=1804&z=0.35379696957004847&gtm=2pu000
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chao-nan-ma-li-ou-xu-ji-bao-xiao-zang-hua-ma-bu-ting.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f101.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 05:02:11 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
amp-ad-network-adsense-impl-0.1.js
cdn.ampproject.org/rtv/012211182146000/v0/ 		215 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211182146000/v0/amp-ad-network-adsense-impl-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
a95822f1c1371dc03a934df5f495fc124a15b9439a94eb474dd0ee21a8e156ee
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 30 Nov 2022 00:46:54 GMT
age
533716
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
57831
x-xss-protection
0
server
sffe
etag
"dc1e08db80c6d301"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 30 Nov 2023 00:46:54 GMT
integrator.json
adservice.google.com/adsid/ 		86 B
572 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.json?domain=www.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
cafe /
Resource Hash
14cfb5058acaf3af2f07088f1582f29941d7a4cc74fd1cea5050cecad862d154
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 05:02:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
83
x-xss-protection
0
nameframe.html
d-37025665272400591383.ampproject.net/2211182146000/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://d-37025665272400591383.ampproject.net/2211182146000/nameframe.html
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f94.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
integrator.js
adservice.google.co.nz/adsid/ Frame 3E56 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.nz/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 05:02:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 3E56 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 05:02:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 3E56 		492 B
265 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4261877265641272&correlator=1003441433260922&eid=31070945%2C31071150%2C31071157%2C31061167&output=ldjh&gdfp_req=1&vrg=2022120101&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=64515409&sfv=1-0-40&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1670302931045&lmt=1644386353&dlt=1670302928843&idt=2178&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=lrkq9ecmf0ax&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&frm=24&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=85947230.1670302931&ga_sid=1670302931&ga_hid=889873939&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.130.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f156.1e100.net
Software
cafe /
Resource Hash
e82eb159df221777ba28e44c6b67156cdef1c17def2e55348ad28fdce0d1cac1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 05:02:11 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
235
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cdn.aralego.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
beecda688d8678f49fb599b18733dbce.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6D24 		0
0
integrator.js
adservice.google.co.nz/adsid/ Frame 6874 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.nz/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 05:02:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 6874 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 05:02:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 6874 		492 B
264 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2517372487379615&correlator=2664808827626452&eid=31071144%2C31071156&output=ldjh&gdfp_req=1&vrg=2022120101&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=64515409&sfv=1-0-40&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1670302931241&lmt=1644386353&dlt=1670302928851&idt=2377&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=iwfdirsll2nz&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&frm=24&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=1706845983.1670302931&ga_sid=1670302931&ga_hid=1413451140&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.130.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f156.1e100.net
Software
cafe /
Resource Hash
926fff08b4df87bfa12b856fe59d471b9a59c700c3f15a6f27daaaf4fcf40867
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 05:02:11 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
234
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cdn.aralego.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
01ed6bf37910b92b71280b12c15907db.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3ECF 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://01ed6bf37910b92b71280b12c15907db.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 06 Dec 2022 05:02:11 GMT
expires
Wed, 06 Dec 2023 05:02:11 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cookie.js
partner.googleadservices.com/gampad/ Frame 2219 		379 B
692 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.bg3.co&callback=_gfp_s_&client=ca-pub-4485239425924787&gpid_exp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211290101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
99a829fe58b6010104e3a527f3543c7a3aadd243f58a33d65769a1edf651c425
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 05:02:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
247
x-xss-protection
0
integrator.js
adservice.google.co.nz/adsid/ Frame 2219 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.nz/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211290101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 05:02:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 2219 		107 B
196 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211290101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 05:02:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 246B 		23 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1670302931&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchao-nan-ma-li-ou-xu-ji-bao-xiao-zang-hua-ma-bu-ting.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670302929560&bpp=14&bdt=1935&idt=1754&shv=r20221129&mjsv=m202211290101&ptt=5&saldr=sa&correlator=879855899896&frm=23&ife=1&pv=2&ga_vid=83130985.1670302931&ga_sid=1670302931&ga_hid=431718204&ga_fc=0&ga_cid=amp-ALq6Nc9gjQBxhQjTGc0VNA&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=848&biw=1600&bih=1200&isw=336&ish=280&ifk=2110585547&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44770880%2C44779077%2C31065825&oid=2&pvsid=3532622367497123&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.k1j2151lrjwq&fsb=1&dtd=1777
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211290101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
cafe /
Resource Hash
ca5350db4020b78c500d91efcee2e47adfd22e537524371e63fb376b71f61a65
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
9974
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 06 Dec 2022 05:02:12 GMT
expires
Tue, 06 Dec 2022 05:02:12 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
block.jpg
delivery.adrecover.com/ 		631 B
915 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://delivery.adrecover.com/block.jpg?ts=1670302931356
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chao-nan-ma-li-ou-xu-ji-bao-xiao-zang-hua-ma-bu-ting.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.201 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-201.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
NZ
date
Tue, 06 Dec 2022 05:02:11 GMT
last-modified
Wed, 23 Jun 2021 06:37:54 GMT
server
nginx/1.18.0
etag
"60d2d6c2-277"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=1
accept-ranges
bytes
content-length
631
expires
Tue, 06 Dec 2022 06:02:11 GMT
pb.42753.1663912421366.js
cdn.adpushup.com/prebid/ 		342 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.200 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-200.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
1c479d0abecadc8d5fde30eeb515508b6148fa3d92dd617b427788d6c792b0a8

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
NZ
date
Tue, 06 Dec 2022 05:02:12 GMT
content-encoding
br
last-modified
Fri, 23 Sep 2022 05:54:31 GMT
server
nginx/1.18.0
etag
W/"632d4a17-5578b"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=31536000
server-timing
cdn-cache; desc=HIT, edge; dur=23
content-length
94168
expires
Wed, 06 Dec 2023 05:02:12 GMT
quantcast.js
cdn.adpushup.com/pbuseridscripts/ 		450 B
505 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.200 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-200.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
NZ
date
Tue, 06 Dec 2022 05:02:12 GMT
content-encoding
br
last-modified
Mon, 28 Jun 2021 04:15:23 GMT
server
nginx/1.18.0
etag
W/"60d94cdb-1c2"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=31536000
server-timing
cdn-cache; desc=HIT, edge; dur=24
content-length
211
expires
Wed, 06 Dec 2023 05:02:12 GMT
linkPreview.js
cdn.adpushup.com/42753/ 		72 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/linkPreview.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chao-nan-ma-li-ou-xu-ji-bao-xiao-zang-hua-ma-bu-ting.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.200 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-200.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
968012b3a49390a10d31c6d36b2aab796ec167a83378b5f9787756ee7cb035c5

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
NZ
date
Tue, 06 Dec 2022 05:02:12 GMT
content-encoding
br
last-modified
Thu, 14 Jul 2022 19:44:27 GMT
server
nginx/1.18.0
etag
W/"62d0721b-11ed1"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=21
content-length
17440
expires
Tue, 06 Dec 2022 06:02:12 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.130.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f156.1e100.net
Software
sffe /
Resource Hash
c36fdff491d2a57ca8121c558adb09bf90d777676efc7e122df051c574d8f89d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 05:02:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27555
x-xss-protection
0
server
sffe
etag
"1413 / 617 of 1000 / last-modified: 1670286137"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 06 Dec 2022 05:02:11 GMT
sync
e3.adpushup.com/AdPushupFeedbackWebService/user/ 		70 B
538 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/user/sync
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chao-nan-ma-li-ou-xu-ji-bao-xiao-zang-hua-ma-bu-ting.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 05:02:12 GMT
server
nginx/1.10.3 (Ubuntu)
ap-cookie-status
cookies ap_uid and ap_usid are set
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
cookie.js
partner.googleadservices.com/gampad/ Frame 91E2 		379 B
312 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.bg3.co&callback=_gfp_s_&client=ca-pub-4485239425924787&gpid_exp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211290101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
a093d7eced580ff07adbb5f343b2db0f519eec181911b1fff911c372e4fedbe8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 05:02:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
247
x-xss-protection
0
integrator.js
adservice.google.co.nz/adsid/ Frame 91E2 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.nz/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211290101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 05:02:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 91E2 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211290101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 05:02:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 70E0 		26 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1670302931&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchao-nan-ma-li-ou-xu-ji-bao-xiao-zang-hua-ma-bu-ting.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670302929757&bpp=18&bdt=2148&idt=1936&shv=r20221129&mjsv=m202211290101&ptt=5&saldr=sa&correlator=879855899896&frm=23&ife=1&pv=1&ga_vid=506632865.1670302932&ga_sid=1670302932&ga_hid=1142535725&ga_fc=0&ga_cid=amp-ALq6Nc9gjQBxhQjTGc0VNA&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=4211220805&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44777877%2C42531706%2C44777506%2C44770881&oid=2&pvsid=3740778782382103&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.o1xwyfu3om5q&fsb=1&dtd=1953
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211290101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
cafe /
Resource Hash
f56be15a816f8caaf7a8a96a893a95461305c20de248c7988b3dc228a047070d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
12005
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 06 Dec 2022 05:02:12 GMT
expires
Tue, 06 Dec 2022 05:02:12 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE2NzAzMDI5MzE3MjAsInBhY2tldElkIjoiMDAwMEE3MDEtZjJjMjgxMWYtYWY3Ny00Njg5LTkyMGEtMDhiMTQ3YzE1YzVhIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2NoYW8tbmFuLW1hLWxpLW91LXh1LWppLWJhby14aWFvLXphbmctaHVhLW1hLWJ1LXRpbmcuaHRtbCIsIm1vZGUiOjQsImVycm9yQ29kZSI6MCwicmVmZXJyZXIiOiIiLCJwYWdlR3JvdXAiOiJBUlRJQ0xFIiwicGFnZVZhcmlhdGlvbklkIjoiOTY3NTAxMjUtYjkwYy00OTdhLTg2OTktNzMxNzFmN2I0OTM1IiwicGFnZVZhcmlhdGlvbk5hbWUiOiJBZFB1c2h1cCIsInBhZ2VWYXJpYXRpb25UeXBlIjoxLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJpc0dlbmllZSI6ZmFsc2UsInNlY3Rpb25zIjpudWxsfQ%3D%3D&c_b=6784.300000190735
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chao-nan-ma-li-ou-xu-ji-bao-xiao-zang-hua-ma-bu-ting.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 05:02:12 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE2NzAzMDI5MzE3MjEsInBhY2tldElkIjoiMDAwMEE3MDEtZjJjMjgxMWYtYWY3Ny00Njg5LTkyMGEtMDhiMTQ3YzE1YzVhIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2NoYW8tbmFuLW1hLWxpLW91LXh1LWppLWJhby14aWFvLXphbmctaHVhLW1hLWJ1LXRpbmcuaHRtbCIsIm1vZGUiOjUsImVycm9yQ29kZSI6MSwicmVmZXJyZXIiOiIiLCJwYWdlR3JvdXAiOiJBUlRJQ0xFIiwicGFnZVZhcmlhdGlvbklkIjoiOTY3NTAxMjUtYjkwYy00OTdhLTg2OTktNzMxNzFmN2I0OTM1IiwicGFnZVZhcmlhdGlvbk5hbWUiOiJBZFB1c2h1cCIsInBhZ2VWYXJpYXRpb25UeXBlIjoxLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJpc0dlbmllZSI6ZmFsc2UsInNlY3Rpb25zIjpudWxsfQ%3D%3D&c_b=6785
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chao-nan-ma-li-ou-xu-ji-bao-xiao-zang-hua-ma-bu-ting.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 05:02:12 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2NzAzMDI5MzE3MjEsInBhY2tldElkIjoiMDAwMEE3MDEtZjJjMjgxMWYtYWY3Ny00Njg5LTkyMGEtMDhiMTQ3YzE1YzVhIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2NoYW8tbmFuLW1hLWxpLW91LXh1LWppLWJhby14aWFvLXphbmctaHVhLW1hLWJ1LXRpbmcuaHRtbCIsIm1vZGUiOjEsImVycm9yQ29kZSI6MSwicmVmZXJyZXIiOiIiLCJwYWdlR3JvdXAiOiJBUlRJQ0xFIiwicGFnZVZhcmlhdGlvbklkIjoiOTY3NTAxMjUtYjkwYy00OTdhLTg2OTktNzMxNzFmN2I0OTM1IiwicGFnZVZhcmlhdGlvbk5hbWUiOiJBZFB1c2h1cCIsInBhZ2VWYXJpYXRpb25UeXBlIjoxLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJpc0dlbmllZSI6ZmFsc2UsInNlY3Rpb25zIjpbeyJzZWN0aW9uSWQiOiI3N2E5YzIyZi1hYzAyLTQ1ZGQtOTZiYy1iMDg5NmE4YTdkNWEiLCJzZWN0aW9uTmFtZSI6IkFQX0xfRF9BUlRJQ0xFXzcyOFgyNTBfNzdhOWMiLCJzdGF0dXMiOjEsIm5ldHdvcmsiOiJhZHBUYWdzIiwibmV0d29ya0FkVW5pdElkIjoiQURQXzQyNzUzXzcyOFgyNTBfNzdhOWMyMmYtYWMwMi00NWRkLTk2YmMtYjA4OTZhOGE3ZDVhIiwic2VydmljZXMiOlsxLDNdLCJhZFVuaXRUeXBlIjoxfV19&c_b=6785.300000190735
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chao-nan-ma-li-ou-xu-ji-bao-xiao-zang-hua-ma-bu-ting.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 05:02:12 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
adpushup-label.svg
campaign.adpushup.com/ads/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://campaign.adpushup.com/ads/adpushup-label.svg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chao-nan-ma-li-ou-xu-ji-bao-xiao-zang-hua-ma-bu-ting.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.39.108 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nwa/E7CA) /
Resource Hash
eb3577f46647f2e2db7307936038a47cc31c0ce75239496f6b7117282a47864c

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 05:02:12 GMT
last-modified
Thu, 12 Nov 2020 09:18:18 GMT
server
ECAcc (nwa/E7CA)
age
9881
etag
"5facfdda-21e0"
x-cache
HIT
content-type
image/svg+xml
cache-control
max-age=14400
accept-ranges
bytes
content-length
8672
expires
Tue, 06 Dec 2022 09:02:12 GMT
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2NzAzMDI5MzE3MzAsInBhY2tldElkIjoiMDAwMEE3MDEtZjJjMjgxMWYtYWY3Ny00Njg5LTkyMGEtMDhiMTQ3YzE1YzVhIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2NoYW8tbmFuLW1hLWxpLW91LXh1LWppLWJhby14aWFvLXphbmctaHVhLW1hLWJ1LXRpbmcuaHRtbCIsIm1vZGUiOjEsImVycm9yQ29kZSI6MSwicmVmZXJyZXIiOiIiLCJwYWdlR3JvdXAiOiJBUlRJQ0xFIiwicGFnZVZhcmlhdGlvbklkIjoiOTY3NTAxMjUtYjkwYy00OTdhLTg2OTktNzMxNzFmN2I0OTM1IiwicGFnZVZhcmlhdGlvbk5hbWUiOiJBZFB1c2h1cCIsInBhZ2VWYXJpYXRpb25UeXBlIjoxLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJpc0dlbmllZSI6ZmFsc2UsInNlY3Rpb25zIjpbeyJzZWN0aW9uSWQiOiJkMWMxMGE3Mi0yN2I0LTQ5MzEtOGNlNy05OWExOGViYmRiYWUiLCJzZWN0aW9uTmFtZSI6IkFQX0lfRF9BUlRJQ0xFXzcyOFg5MF9kMWMxMCIsInN0YXR1cyI6MSwibmV0d29yayI6ImFkcFRhZ3MiLCJuZXR3b3JrQWRVbml0SWQiOiJTVElDS1lfQURQXzQyNzUzXzcyOFg5MF9kMWMxMGE3Mi0yN2I0LTQ5MzEtOGNlNy05OWExOGViYmRiYWUiLCJzZXJ2aWNlcyI6WzUsM10sImFkVW5pdFR5cGUiOjN9XX0%3D&c_b=6794
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chao-nan-ma-li-ou-xu-ji-bao-xiao-zang-hua-ma-bu-ting.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 05:02:12 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2NzAzMDI5MzE3MzMsInBhY2tldElkIjoiMDAwMEE3MDEtZjJjMjgxMWYtYWY3Ny00Njg5LTkyMGEtMDhiMTQ3YzE1YzVhIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2NoYW8tbmFuLW1hLWxpLW91LXh1LWppLWJhby14aWFvLXphbmctaHVhLW1hLWJ1LXRpbmcuaHRtbCIsIm1vZGUiOjEsImVycm9yQ29kZSI6MSwicmVmZXJyZXIiOiIiLCJwYWdlR3JvdXAiOiJBUlRJQ0xFIiwicGFnZVZhcmlhdGlvbklkIjoiOTY3NTAxMjUtYjkwYy00OTdhLTg2OTktNzMxNzFmN2I0OTM1IiwicGFnZVZhcmlhdGlvbk5hbWUiOiJBZFB1c2h1cCIsInBhZ2VWYXJpYXRpb25UeXBlIjoxLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJpc0dlbmllZSI6ZmFsc2UsInNlY3Rpb25zIjpbeyJzZWN0aW9uSWQiOiIxMDRiMjgyYS1iZDExLTRkOGQtYWQ2NC0wNDkyMDYzYjZjYmEiLCJzZWN0aW9uTmFtZSI6IkFQX0lfRF9BUlRJQ0xFXzEyMFg2MDBfMTA0YjIiLCJzdGF0dXMiOjEsIm5ldHdvcmsiOiJhZHBUYWdzIiwibmV0d29ya0FkVW5pdElkIjoiU1RJQ0tZX0FEUF80Mjc1M18xMjBYNjAwXzEwNGIyODJhLWJkMTEtNGQ4ZC1hZDY0LTA0OTIwNjNiNmNiYSIsInNlcnZpY2VzIjpbNSwzXSwiYWRVbml0VHlwZSI6M31dfQ%3D%3D&c_b=6796.89999961853
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chao-nan-ma-li-ou-xu-ji-bao-xiao-zang-hua-ma-bu-ting.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 05:02:12 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
ads
googleads.g.doubleclick.net/pagead/ Frame 3D93 		39 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=1600x250&w=1600&h=250&ptt=12&adk=2733026255&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-38042472053507688820&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=470780615&nhd=0&adx=0&ady=3399&oid=2&is_amp=5&amp_v=2211182146000&d_imp=1&c=690001804&ga_cid=amp-ALq6Nc9gjQBxhQjTGc0VNA&ga_hid=1804&dt=1670302931136&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchao-nan-ma-li-ou-xu-ji-bao-xiao-zang-hua-ma-bu-ting.html&bdt=4862&dtd=694&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012211182146000/v0/amp-ad-0.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
cafe /
Resource Hash
b6959ba3f7da963feef4f63892e09695d472cdf86ea88e4a6c4f9449bdd35a03
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
9407
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 06 Dec 2022 05:02:12 GMT
expires
Tue, 06 Dec 2022 05:02:12 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 3E56 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022120101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
d29f308b76c03e3489129aa320e0ceeb714ff734dc504f7978ace7ed22d9e396
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 05:02:12 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12563
x-xss-protection
0
pubads_impl_2022120101.js
securepubads.g.doubleclick.net/gpt/ 		384 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.130.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f156.1e100.net
Software
sffe /
Resource Hash
c0b59c362ae740c391e742fa4517d90b9461b416b9bec855d14c04603dbaf71c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 02:42:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
267557
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
133241
x-xss-protection
0
last-modified
Thu, 01 Dec 2022 09:36:23 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 03 Dec 2023 02:42:55 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		109 B
97 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.bg3.co
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.130.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f156.1e100.net
Software
cafe /
Resource Hash
57ba9c79273602051bd0fa9f6dcd52a3f199dc59f134308efeeaad35424b8311
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 05:02:12 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
72
x-xss-protection
0
expires
Tue, 06 Dec 2022 05:02:12 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 6874 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022120101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
1db0a4afd78b6d1fb3195b3c3d91c462beee2bd0c880aea3561620518e2619e6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 05:02:12 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12421
x-xss-protection
0
adview
googleads.g.doubleclick.net/pagead/ Frame 246B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CF6Ue1MyOY4zfAbHhz7sPmKCtiAyY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQIGK0qHioimPqgDAaoEiAJP0A4JIKUUm4TCXqL-LXBTUk52lThQugeG5o8UnV-3eG3ryapZnNmkaSR5BgRuMETFqgdig6vZ5QCgQ6OdgM1JSjdgdgPcD29ZdZh4qPdS9luLp11kn9mw4VoDEQgm80_OcVSDvo0rBlxr7rNI3uLUM5fK0-Mz6Kzbwxu1ZeECvK4yHf81opTy80ecj86dTh2nJbo3PFs25vKrkb7t-jfNBFCvEBgLneM0U1AH4uMfOui1gOa-Xhmb3xAGLJ5EyzrqvMqOI0grKkq7v9CwvwMIkg4lHtPExmODCQCfC1E0Qw9CQWFumeGi3nfctLZ1uW5b4L7cZUyJMmEVEcy72fnj8aDbxtRkyqSABpiinNPtp57dI6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBAgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTQ0ODUyMzk0MjU5MjQ3ODcY4swZ&sigh=qAaV2655Jj0&uach_m=[UACH]&cid=CAQSGwDq26N9SO2AsBySjy6URQmyQqCr0V6GWSSz_hgBIBM
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1670302931&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchao-nan-ma-li-ou-xu-ji-bao-xiao-zang-hua-ma-bu-ting.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670302929560&bpp=14&bdt=1935&idt=1754&shv=r20221129&mjsv=m202211290101&ptt=5&saldr=sa&correlator=879855899896&frm=23&ife=1&pv=2&ga_vid=83130985.1670302931&ga_sid=1670302931&ga_hid=431718204&ga_fc=0&ga_cid=amp-ALq6Nc9gjQBxhQjTGc0VNA&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=848&biw=1600&bih=1200&isw=336&ish=280&ifk=2110585547&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44770880%2C44779077%2C31065825&oid=2&pvsid=3532622367497123&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.k1j2151lrjwq&fsb=1&dtd=1777
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1670302931&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchao-nan-ma-li-ou-xu-ji-bao-xiao-zang-hua-ma-bu-ting.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670302929560&bpp=14&bdt=1935&idt=1754&shv=r20221129&mjsv=m202211290101&ptt=5&saldr=sa&correlator=879855899896&frm=23&ife=1&pv=2&ga_vid=83130985.1670302931&ga_sid=1670302931&ga_hid=431718204&ga_fc=0&ga_cid=amp-ALq6Nc9gjQBxhQjTGc0VNA&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=848&biw=1600&bih=1200&isw=336&ish=280&ifk=2110585547&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44770880%2C44779077%2C31065825&oid=2&pvsid=3532622367497123&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.k1j2151lrjwq&fsb=1&dtd=1777
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 06 Dec 2022 05:02:12 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Tue, 06 Dec 2022 05:02:12 GMT
notify
rtb.jp2.as.criteo.com/google/auction/ Frame 246B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.jp2.as.criteo.com/google/auction/notify?profile=14&payload=k43fEZ_IC9ACmAJi-C0SAgAAACE5AQwCW-6I5uT8IWU3JEEQ08yOYyzGnGjkkDbncI0wABIAAA&wp=Y47M1AAAb4wBc_CxAAtQGENguILcZHw16bpaLw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1670302931&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchao-nan-ma-li-ou-xu-ji-bao-xiao-zang-hua-ma-bu-ting.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670302929560&bpp=14&bdt=1935&idt=1754&shv=r20221129&mjsv=m202211290101&ptt=5&saldr=sa&correlator=879855899896&frm=23&ife=1&pv=2&ga_vid=83130985.1670302931&ga_sid=1670302931&ga_hid=431718204&ga_fc=0&ga_cid=amp-ALq6Nc9gjQBxhQjTGc0VNA&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=848&biw=1600&bih=1200&isw=336&ish=280&ifk=2110585547&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44770880%2C44779077%2C31065825&oid=2&pvsid=3532622367497123&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.k1j2151lrjwq&fsb=1&dtd=1777
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.74.19 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 05:02:12 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
172865
content-length
0
afr.php
ads.as.criteo.com/delivery/r/ Frame 5428 		172 KB
54 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.as.criteo.com/delivery/r/afr.php?z=Y47M1AAAb4wBc_CxAAtQGENguILcZHw16bpaLw&u=%7C0BjLNgDbA0RGwfq8zVymYL1e1%2FBLnIsgYuHYuQe54ug%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqc6nygJ274zNPhQpJEnippfnLPctJAgOVJK5QBvON9Ye9GS_f4NkHgJjP411SnRRB4B1-zs9MZWp7swoIMdCZafKATTqnw-W1TMGAztyH4KDwdPZw-ShB2ml4ZgrggdpKC4H4EKtMnYlWyWOT8qaQqxgCo1vlIVCBqPp5w1EsF00KZRL8g3C8gy-F76iuLC8XAMYh3S4PQ-RJj7kQlk8ay3RyNTrngUIdBrZUK70z9DhYCcIQRWGOiAfBKrbFXrAAp0KLGMdmo9Eu2LZ2r7kTUzj-ml0mlqpsLBwL7r2_YyDHAJyVLWU6MgXVCDg40zVxakTgbDxQQ-mioIb6QrhoqhGTtl7qXnQ7kzluoKf3ODZHbdRzr3-enkbx8Sr7gDiHL-3vkEqH1hST6TXkmaiUgKjXwcq6JNKWHcsk72-a6LH1ne9zCbZEe6Vs3pElOjULkslV5lxLbT79Kx2Dh10aassYmJ5rRZXzoOu-yI6vZZBUuQw8YZMmrijiTAGqnASUjgrq4_b1jK9R-xqphblFCAf8cqKce_U2afy3O2RbDutZbM8URRz-GS0ekHU4ekaIKk2Vdi6niefulTRhgN06K7s-tD4PoqxkxjMipIkIU2QY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCCLkF1MyOY4zfAbHhz7sPmKCtiAyY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQIGK0qHioimPqgDAaoEiwJP0A4JIKUUm4TCXqL-LXBTUk52lThQugeG5o8UnV-3eG3ryapZnNmkaSR5BgRuMETFqgdig6vZ5QCgQ6OdgM1JSjdgdgPcD29ZdZh4qPdS9luLp11kn9mw4VoDEQgm80_OcVSDvo0rBlxr7rNI3uLUM5fK0-Mz6Kzbwxu1ZeECvK4yHf81opTy80ecj86dTh2nJbo3PFs25vKrkb7t-jfNBFCvEBgLneM0U1AH4uMfOui1gOa-Xhmb3xAGLJ5EyzrqvMqOI0grKkq7v9CwvwMIkg4lHtPExmODCQCfC1E0Qw9CA2NPCwRsVwkjPcfrUjjBI5fIb9uDHHn9mT_tQzBd74zDIT_1tFvxKoWABpiinNPtp57dI6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2GgwUsEvAW0V5fg2b6jV-GvXlTNg%26client%3Dca-pub-4485239425924787%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1670302931&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchao-nan-ma-li-ou-xu-ji-bao-xiao-zang-hua-ma-bu-ting.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670302929560&bpp=14&bdt=1935&idt=1754&shv=r20221129&mjsv=m202211290101&ptt=5&saldr=sa&correlator=879855899896&frm=23&ife=1&pv=2&ga_vid=83130985.1670302931&ga_sid=1670302931&ga_hid=431718204&ga_fc=0&ga_cid=amp-ALq6Nc9gjQBxhQjTGc0VNA&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=848&biw=1600&bih=1200&isw=336&ish=280&ifk=2110585547&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44770880%2C44779077%2C31065825&oid=2&pvsid=3532622367497123&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.k1j2151lrjwq&fsb=1&dtd=1777
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.148 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
27e4793879b789cdddce8ddb6f7e83b39391c9eca87ceeb7aa3dd14b10692e57
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Tue, 06 Dec 2022 05:02:13 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.as.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.as.criteo.net/heavyad?cppv=3&cpp=xgC6FZWqwgWs8aIdF5ikKYIusdsdK5_YkryFF-ftFJLVUbhqT5oTWTwN1C4g49dohoY07kn504ucg2fK_y6HM-ywRpCkDD50G4xUHmwQ0ltAMyuxvZn8ZGsT9oFU9zY9CP3Kc5RVxcLCJXmou28z8zC810gtxYrjeDu9J0KP6rL9PEUiZHk-7s9NhPlLRyDZyaobdLavA0CszfRcgCKjTqdoQedTFrzAzr1pFKNZ_9BXhFahx-3jntNb7YclpDN2AKltrpDjrdUETRUk"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
81151015
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221129/r20110914/client/ Frame 246B 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221129/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1670302931&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchao-nan-ma-li-ou-xu-ji-bao-xiao-zang-hua-ma-bu-ting.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670302929560&bpp=14&bdt=1935&idt=1754&shv=r20221129&mjsv=m202211290101&ptt=5&saldr=sa&correlator=879855899896&frm=23&ife=1&pv=2&ga_vid=83130985.1670302931&ga_sid=1670302931&ga_hid=431718204&ga_fc=0&ga_cid=amp-ALq6Nc9gjQBxhQjTGc0VNA&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=848&biw=1600&bih=1200&isw=336&ish=280&ifk=2110585547&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44770880%2C44779077%2C31065825&oid=2&pvsid=3532622367497123&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.k1j2151lrjwq&fsb=1&dtd=1777
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 19:34:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
34071
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 19 Dec 2022 19:34:22 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221129/r20110914/client/ Frame 246B 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221129/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1670302931&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchao-nan-ma-li-ou-xu-ji-bao-xiao-zang-hua-ma-bu-ting.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670302929560&bpp=14&bdt=1935&idt=1754&shv=r20221129&mjsv=m202211290101&ptt=5&saldr=sa&correlator=879855899896&frm=23&ife=1&pv=2&ga_vid=83130985.1670302931&ga_sid=1670302931&ga_hid=431718204&ga_fc=0&ga_cid=amp-ALq6Nc9gjQBxhQjTGc0VNA&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=848&biw=1600&bih=1200&isw=336&ish=280&ifk=2110585547&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44770880%2C44779077%2C31065825&oid=2&pvsid=3532622367497123&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.k1j2151lrjwq&fsb=1&dtd=1777
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
cafe /
Resource Hash
f066f881ead135cd4ee88cf0c80ddb796f8841fc536a7950d4f7102e0502be2f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 14:56:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
50744
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7443
x-xss-protection
0
server
cafe
etag
629801499763588852
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 19 Dec 2022 14:56:29 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 246B 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1670302931&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchao-nan-ma-li-ou-xu-ji-bao-xiao-zang-hua-ma-bu-ting.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670302929560&bpp=14&bdt=1935&idt=1754&shv=r20221129&mjsv=m202211290101&ptt=5&saldr=sa&correlator=879855899896&frm=23&ife=1&pv=2&ga_vid=83130985.1670302931&ga_sid=1670302931&ga_hid=431718204&ga_fc=0&ga_cid=amp-ALq6Nc9gjQBxhQjTGc0VNA&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=848&biw=1600&bih=1200&isw=336&ish=280&ifk=2110585547&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44770880%2C44779077%2C31065825&oid=2&pvsid=3532622367497123&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.k1j2151lrjwq&fsb=1&dtd=1777
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
sffe /
Resource Hash
f08c94a636dea8c08b6a50658ba1200281007d4fba996ac05cd2eeb0b873d32d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 05:02:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47692
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670243872199174"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 06 Dec 2022 05:02:15 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 70E0 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C-iOa1MyOY_r0Ad_Fz7sP2a6eyAiY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQIGK0qHioimPqgDAaoEiAJP0EpQz4x9az6eo2_jx-TCvu0AIYR3htIK_kgwfeNhI1PIFMYBiY7PndXyS9vjxhpeHPVhDNjxzE_qeTE-yii70F8y8W3Z_Icx87MqCGItm36Ifb6qniscCORB_2Bo5Y48hLT7hHQ32XO32jYmdscMlbqQU_ViGUVtbrRPWYQUo3o-W1lXDi4n2Ge52tvtVpgnk6nBt1yxjjlJGw7_0pWWz6eREX45gcwPL9xPeWv7lF8jAn79fTJNOprNox-nxanlsUw3PSDAOoOs1Jzs9RPh_I8KirdU67bGhthYaL2Q2yGgAy4lTlodBHgFHJFRDh8rYftmGB-_TswiWuxR8LPAFnWptByVcgGABpiinNPtp57dI6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBAgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTQ0ODUyMzk0MjU5MjQ3ODcY4swZ&sigh=T9uzziwsAUQ&uach_m=[UACH]&cid=CAQSKQDq26N93geRAETW2sD_Lv8kmCZfzXI5dsUBz9Iia_r6Ty3nRHj2YVzDGAEgEw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1670302931&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchao-nan-ma-li-ou-xu-ji-bao-xiao-zang-hua-ma-bu-ting.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670302929757&bpp=18&bdt=2148&idt=1936&shv=r20221129&mjsv=m202211290101&ptt=5&saldr=sa&correlator=879855899896&frm=23&ife=1&pv=1&ga_vid=506632865.1670302932&ga_sid=1670302932&ga_hid=1142535725&ga_fc=0&ga_cid=amp-ALq6Nc9gjQBxhQjTGc0VNA&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=4211220805&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44777877%2C42531706%2C44777506%2C44770881&oid=2&pvsid=3740778782382103&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.o1xwyfu3om5q&fsb=1&dtd=1953
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1670302931&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchao-nan-ma-li-ou-xu-ji-bao-xiao-zang-hua-ma-bu-ting.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670302929757&bpp=18&bdt=2148&idt=1936&shv=r20221129&mjsv=m202211290101&ptt=5&saldr=sa&correlator=879855899896&frm=23&ife=1&pv=1&ga_vid=506632865.1670302932&ga_sid=1670302932&ga_hid=1142535725&ga_fc=0&ga_cid=amp-ALq6Nc9gjQBxhQjTGc0VNA&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=4211220805&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44777877%2C42531706%2C44777506%2C44770881&oid=2&pvsid=3740778782382103&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.o1xwyfu3om5q&fsb=1&dtd=1953
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 06 Dec 2022 05:02:12 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
notify
rtb.jp2.as.criteo.com/google/auction/ Frame 70E0 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.jp2.as.criteo.com/google/auction/notify?profile=14&payload=k43fEZ_IC9ACmAJi-C0SAgAAACE5AQwCW-6I5uT8IWU3JEEQ08yOY6_yjWn2Al1iLArfABIAAA&wp=Y47M1AAAenoBc-LfAAeXWUNGMNfYOIcY2zFrkg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1670302931&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchao-nan-ma-li-ou-xu-ji-bao-xiao-zang-hua-ma-bu-ting.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670302929757&bpp=18&bdt=2148&idt=1936&shv=r20221129&mjsv=m202211290101&ptt=5&saldr=sa&correlator=879855899896&frm=23&ife=1&pv=1&ga_vid=506632865.1670302932&ga_sid=1670302932&ga_hid=1142535725&ga_fc=0&ga_cid=amp-ALq6Nc9gjQBxhQjTGc0VNA&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=4211220805&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44777877%2C42531706%2C44777506%2C44770881&oid=2&pvsid=3740778782382103&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.o1xwyfu3om5q&fsb=1&dtd=1953
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.74.19 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 05:02:13 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
213800
content-length
0
afr.php
ads.as.criteo.com/delivery/r/ Frame 74A7 		162 KB
53 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.as.criteo.com/delivery/r/afr.php?z=Y47M1AAAenoBc-LfAAeXWUNGMNfYOIcY2zFrkg&u=%7C0BjLNgDbA0QgeUsZj7cSBSX3bb5MkNJ0JR1b%2BO2CuIE%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqc6nygJ274zNPhQpJEnippfnLPctJAgOVJK5QBvON9Ye9GS_f4NkHgJjP411SnRRB4B1-zs9MZWp7jJv_Ix55ez84bbqKAPLbC9JVzYusZzbUTLU_tH8B0EGn2NXnziQaw3LHB3xt_H135G7CHOgoFmrfPMroredO6rFfGiIypyU-5UnhsQTgTICqWUU1a642z5xoDFsTp5_4ZnZwl2jJuz4FIngkc6_dMFjKYPpjeGgghxzXO_HGcrq3KF_vf2DlR17J-GDezJkOrjADz33GaQPhYx7fIyEnN80tmqU_qPWfk8sL_ST2CJLAHR125My-1k6RyP8gCkJDwRualC-hd8Ef4J3HL6iOWDEFRgo6HvohKSflBSBMpvOb4KkYP-jESw3CnqlLXyrN13bj8e4s8YhVO_zWtpTq28qoJandW6es1kuPtZn4TJt180v2c4-5ujPS5P0NJxjrIAoWZE9gV4MmVONL8NiKS9Qg1o8kUb_jA2jOPp7VJjsB4DgxoBOUj-8eJr16l08y3bj_BbVGNzKYxTZ1oaFV9g4X5jZYjC_H4y9RXCA1CBWfL2nV6PVgWcnCRWJFn0WGaE3BcKv94g_X6K0YX-pWRQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCYg2P1MyOY_r0Ad_Fz7sP2a6eyAiY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQIGK0qHioimPqgDAaoEiwJP0EpQz4x9az6eo2_jx-TCvu0AIYR3htIK_kgwfeNhI1PIFMYBiY7PndXyS9vjxhpeHPVhDNjxzE_qeTE-yii70F8y8W3Z_Icx87MqCGItm36Ifb6qniscCORB_2Bo5Y48hLT7hHQ32XO32jYmdscMlbqQU_ViGUVtbrRPWYQUo3o-W1lXDi4n2Ge52tvtVpgnk6nBt1yxjjlJGw7_0pWWz6eREX45gcwPL9xPeWv7lF8jAn79fTJNOprNox-nxanlsUw3PSDAOoOs1Jzs9RPh_I8KirdU67bGhthYaL2Q2yGgQSwE3L_TjQb6leDP5UmxotJyEoi1YNTK0h8Hanp-CFmxU_cEDP6nHS2ABpiinNPtp57dI6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3UaKlzO1DNmZY1yW6zW6z0zVyU3Q%26client%3Dca-pub-4485239425924787%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1670302931&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchao-nan-ma-li-ou-xu-ji-bao-xiao-zang-hua-ma-bu-ting.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670302929757&bpp=18&bdt=2148&idt=1936&shv=r20221129&mjsv=m202211290101&ptt=5&saldr=sa&correlator=879855899896&frm=23&ife=1&pv=1&ga_vid=506632865.1670302932&ga_sid=1670302932&ga_hid=1142535725&ga_fc=0&ga_cid=amp-ALq6Nc9gjQBxhQjTGc0VNA&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=4211220805&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44777877%2C42531706%2C44777506%2C44770881&oid=2&pvsid=3740778782382103&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.o1xwyfu3om5q&fsb=1&dtd=1953
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.148 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
1eb972ebfa2cb4dba2f9ea3f38dfd2c8a865a02ddca5b3a34fd5939be2fd44a4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Tue, 06 Dec 2022 05:02:13 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.as.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.as.criteo.net/heavyad?cppv=3&cpp=oSPj5ZWqwgWs8aIds8z3Ys8cWEr4ckFA18UHT43ge2qCFIvmxqeuNMi4twhrJlV2fRkLxzfVqGU6LteY1trp1zp4ZhsVMD9uQtT7GZgZlCapCpnfRFauvfceTk8OvQLTEcY0O3wozwx_ucovdZx0Dz6LJuMfrn6EMrv2I6LgZcrDYxMdJeA3Xs83ypAQZDcLib82BfLAnNm73qbvE0DSfZFR2Sh3qxzEcHaYP1jvdQpE5ipu9eVT2IVjOkGavq6WyOvN-godVFp1zNLk"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
89944930
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221129/r20110914/client/ Frame 70E0 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221129/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1670302931&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchao-nan-ma-li-ou-xu-ji-bao-xiao-zang-hua-ma-bu-ting.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670302929757&bpp=18&bdt=2148&idt=1936&shv=r20221129&mjsv=m202211290101&ptt=5&saldr=sa&correlator=879855899896&frm=23&ife=1&pv=1&ga_vid=506632865.1670302932&ga_sid=1670302932&ga_hid=1142535725&ga_fc=0&ga_cid=amp-ALq6Nc9gjQBxhQjTGc0VNA&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=4211220805&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44777877%2C42531706%2C44777506%2C44770881&oid=2&pvsid=3740778782382103&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.o1xwyfu3om5q&fsb=1&dtd=1953
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 19:34:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
34071
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 19 Dec 2022 19:34:22 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 4D3A 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1670302931&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchao-nan-ma-li-ou-xu-ji-bao-xiao-zang-hua-ma-bu-ting.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670302929757&bpp=18&bdt=2148&idt=1936&shv=r20221129&mjsv=m202211290101&ptt=5&saldr=sa&correlator=879855899896&frm=23&ife=1&pv=1&ga_vid=506632865.1670302932&ga_sid=1670302932&ga_hid=1142535725&ga_fc=0&ga_cid=amp-ALq6Nc9gjQBxhQjTGc0VNA&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=4211220805&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44777877%2C42531706%2C44777506%2C44770881&oid=2&pvsid=3740778782382103&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.o1xwyfu3om5q&fsb=1&dtd=1953
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

age
51764
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 05 Dec 2022 14:39:28 GMT
etag
48472445140208031
expires
Tue, 06 Dec 2022 14:39:28 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221129/r20110914/client/ Frame 70E0 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221129/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1670302931&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchao-nan-ma-li-ou-xu-ji-bao-xiao-zang-hua-ma-bu-ting.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670302929757&bpp=18&bdt=2148&idt=1936&shv=r20221129&mjsv=m202211290101&ptt=5&saldr=sa&correlator=879855899896&frm=23&ife=1&pv=1&ga_vid=506632865.1670302932&ga_sid=1670302932&ga_hid=1142535725&ga_fc=0&ga_cid=amp-ALq6Nc9gjQBxhQjTGc0VNA&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=4211220805&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44777877%2C42531706%2C44777506%2C44770881&oid=2&pvsid=3740778782382103&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.o1xwyfu3om5q&fsb=1&dtd=1953
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
cafe /
Resource Hash
f066f881ead135cd4ee88cf0c80ddb796f8841fc536a7950d4f7102e0502be2f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 14:56:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
50744
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7443
x-xss-protection
0
server
cafe
etag
629801499763588852
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 19 Dec 2022 14:56:29 GMT
l
www.google.com/ads/measurement/ Frame 70E0 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQaTvGN5l9dbXzEvZ7dlCMdBRFKPha960EyD-r47wmp2piWhgNjTxgw4-JgPoN6i1DCVxeysd0uuJfLYfhaOQuqCETOBw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1670302931&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchao-nan-ma-li-ou-xu-ji-bao-xiao-zang-hua-ma-bu-ting.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670302929757&bpp=18&bdt=2148&idt=1936&shv=r20221129&mjsv=m202211290101&ptt=5&saldr=sa&correlator=879855899896&frm=23&ife=1&pv=1&ga_vid=506632865.1670302932&ga_sid=1670302932&ga_hid=1142535725&ga_fc=0&ga_cid=amp-ALq6Nc9gjQBxhQjTGc0VNA&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=4211220805&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44777877%2C42531706%2C44777506%2C44770881&oid=2&pvsid=3740778782382103&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.o1xwyfu3om5q&fsb=1&dtd=1953
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f104.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 70E0 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1670302931&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchao-nan-ma-li-ou-xu-ji-bao-xiao-zang-hua-ma-bu-ting.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670302929757&bpp=18&bdt=2148&idt=1936&shv=r20221129&mjsv=m202211290101&ptt=5&saldr=sa&correlator=879855899896&frm=23&ife=1&pv=1&ga_vid=506632865.1670302932&ga_sid=1670302932&ga_hid=1142535725&ga_fc=0&ga_cid=amp-ALq6Nc9gjQBxhQjTGc0VNA&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=4211220805&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44777877%2C42531706%2C44777506%2C44770881&oid=2&pvsid=3740778782382103&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.o1xwyfu3om5q&fsb=1&dtd=1953
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
sffe /
Resource Hash
f08c94a636dea8c08b6a50658ba1200281007d4fba996ac05cd2eeb0b873d32d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 05:02:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47692
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670243872199174"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 06 Dec 2022 05:02:15 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 3E56 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 05:02:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 06 Dec 2022 05:02:13 GMT
amp4ads-v0.js
cdn.ampproject.org/ Frame 3D93 		262 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/amp4ads-v0.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=1600x250&w=1600&h=250&ptt=12&adk=2733026255&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-38042472053507688820&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=470780615&nhd=0&adx=0&ady=3399&oid=2&is_amp=5&amp_v=2211182146000&d_imp=1&c=690001804&ga_cid=amp-ALq6Nc9gjQBxhQjTGc0VNA&ga_hid=1804&dt=1670302931136&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchao-nan-ma-li-ou-xu-ji-bao-xiao-zang-hua-ma-bu-ting.html&bdt=4862&dtd=694&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
212f177514a137f13ace3a1f430ef052e524ec8ad8aa0bd2a214be3a88b28df2
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Tue, 06 Dec 2022 05:02:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
69354
x-xss-protection
0
server
sffe
etag
"f38ac96c189f2066"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3000, stale-while-revalidate=1206600
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 06 Dec 2022 05:02:13 GMT
css
fonts.googleapis.com/ Frame 3D93 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=1600x250&w=1600&h=250&ptt=12&adk=2733026255&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-38042472053507688820&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=470780615&nhd=0&adx=0&ady=3399&oid=2&is_amp=5&amp_v=2211182146000&d_imp=1&c=690001804&ga_cid=amp-ALq6Nc9gjQBxhQjTGc0VNA&ga_hid=1804&dt=1670302931136&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchao-nan-ma-li-ou-xu-ji-bao-xiao-zang-hua-ma-bu-ting.html&bdt=4862&dtd=694&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f95.1e100.net
Software
ESF /
Resource Hash
44f07f8c8a8443be7f8461bcfeb542cdf4e4981e23754e37cc9029c5178fa36c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 06 Dec 2022 05:02:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 06 Dec 2022 04:19:05 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 06 Dec 2022 05:02:13 GMT
amp-ad-exit-0.1.js
cdn.ampproject.org/v0/ Frame 3D93 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-ad-exit-0.1.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=1600x250&w=1600&h=250&ptt=12&adk=2733026255&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-38042472053507688820&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=470780615&nhd=0&adx=0&ady=3399&oid=2&is_amp=5&amp_v=2211182146000&d_imp=1&c=690001804&ga_cid=amp-ALq6Nc9gjQBxhQjTGc0VNA&ga_hid=1804&dt=1670302931136&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchao-nan-ma-li-ou-xu-ji-bao-xiao-zang-hua-ma-bu-ting.html&bdt=4862&dtd=694&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
2c60bf4a936b5f8ecc728e3afd7e99c37c8f28d5f6a16137a498e86b8e46d238
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Tue, 06 Dec 2022 05:02:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6626
x-xss-protection
0
server
sffe
etag
"17dbd79ee339a611"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 06 Dec 2022 05:02:13 GMT
amp-analytics-0.1.js
cdn.ampproject.org/v0/ Frame 3D93 		109 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-analytics-0.1.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=1600x250&w=1600&h=250&ptt=12&adk=2733026255&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-38042472053507688820&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=470780615&nhd=0&adx=0&ady=3399&oid=2&is_amp=5&amp_v=2211182146000&d_imp=1&c=690001804&ga_cid=amp-ALq6Nc9gjQBxhQjTGc0VNA&ga_hid=1804&dt=1670302931136&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchao-nan-ma-li-ou-xu-ji-bao-xiao-zang-hua-ma-bu-ting.html&bdt=4862&dtd=694&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
fc392e66c8480302b8b139922da3d69c5bc65f057b101bc1ba0737a0fdf650fd
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Tue, 06 Dec 2022 05:02:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32042
x-xss-protection
0
server
sffe
etag
"8d52a7de4cfe57f6"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 06 Dec 2022 05:02:13 GMT
amp-form-0.1.js
cdn.ampproject.org/v0/ Frame 3D93 		49 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-form-0.1.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=1600x250&w=1600&h=250&ptt=12&adk=2733026255&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-38042472053507688820&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=470780615&nhd=0&adx=0&ady=3399&oid=2&is_amp=5&amp_v=2211182146000&d_imp=1&c=690001804&ga_cid=amp-ALq6Nc9gjQBxhQjTGc0VNA&ga_hid=1804&dt=1670302931136&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchao-nan-ma-li-ou-xu-ji-bao-xiao-zang-hua-ma-bu-ting.html&bdt=4862&dtd=694&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
ba265c4a139c5ea673f32664fa85d066d95471c65a62a25aa7ea2394c022d89c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Tue, 06 Dec 2022 05:02:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14978
x-xss-protection
0
server
sffe
etag
"a7247b2521b76921"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 06 Dec 2022 05:02:13 GMT
amp-fit-text-0.1.js
cdn.ampproject.org/v0/ Frame 3D93 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-fit-text-0.1.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=1600x250&w=1600&h=250&ptt=12&adk=2733026255&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-38042472053507688820&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=470780615&nhd=0&adx=0&ady=3399&oid=2&is_amp=5&amp_v=2211182146000&d_imp=1&c=690001804&ga_cid=amp-ALq6Nc9gjQBxhQjTGc0VNA&ga_hid=1804&dt=1670302931136&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchao-nan-ma-li-ou-xu-ji-bao-xiao-zang-hua-ma-bu-ting.html&bdt=4862&dtd=694&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
8a2e79d4593507cf2a6fa048f730833875ac3efa2df904bf9faae8c15645d2c7
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Tue, 06 Dec 2022 05:02:16 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2513
x-xss-protection
0
server
sffe
etag
"d6aa839bd3ffcf9d"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 06 Dec 2022 05:02:16 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 6874 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 05:02:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 06 Dec 2022 05:02:13 GMT
pixel
cm.g.doubleclick.net/ Frame 4D3A
Redirect Chain
  • https://fksnk.com/cs/google?google_gid=CAESEIL-SPgNrifOEUzeAMMTKgE&google_cver=1&google_push=ASkJ3Fb9EqjYh-BheJrdkZJe_RaUt1mRnCdbwcjVCXnwPPDRVA1NVdkkSgVw0eU5e7G3k4R7PMPzRknZ9AIhAlwCjv7eATMuM_snkXVA...
  • https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=RTEwQTA2N0Q0REIzQ0E1Rg==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=RTEwQTA2N0Q0REIzQ0E1Rg==
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1670302931&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchao-nan-ma-li-ou-xu-ji-bao-xiao-zang-hua-ma-bu-ting.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670302929757&bpp=18&bdt=2148&idt=1936&shv=r20221129&mjsv=m202211290101&ptt=5&saldr=sa&correlator=879855899896&frm=23&ife=1&pv=1&ga_vid=506632865.1670302932&ga_sid=1670302932&ga_hid=1142535725&ga_fc=0&ga_cid=amp-ALq6Nc9gjQBxhQjTGc0VNA&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=4211220805&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44777877%2C42531706%2C44777506%2C44770881&oid=2&pvsid=3740778782382103&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.o1xwyfu3om5q&fsb=1&dtd=1953
Protocol
H3
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 05:02:13 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=RTEwQTA2N0Q0REIzQ0E1Rg==
date
Tue, 06 Dec 2022 05:02:13 GMT
content-language
en-US
content-type
text/html;charset=ISO-8859-1
us.php
c.eu1.dyntrk.com/adx/ga/ Frame 4D3A 		0
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESEDRJ8c-QTvjSW8Y3QZgTFQc&google_cver=1&google_push=ASkJ3Fbb43gHIo0LegLZrX8s7gFhgj05QeOneeOw5QmoI3j2LryUGbhZ0UWaFti8QwaADXIHj4obLPC93QpaBzXf4-1P2X4M5_vzJ-ES-U24mvI8EgZYg9BzW5kUFkuqfGRytgoH_5rCAQX5KgUgJiavJxg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1670302931&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchao-nan-ma-li-ou-xu-ji-bao-xiao-zang-hua-ma-bu-ting.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670302929757&bpp=18&bdt=2148&idt=1936&shv=r20221129&mjsv=m202211290101&ptt=5&saldr=sa&correlator=879855899896&frm=23&ife=1&pv=1&ga_vid=506632865.1670302932&ga_sid=1670302932&ga_hid=1142535725&ga_fc=0&ga_cid=amp-ALq6Nc9gjQBxhQjTGc0VNA&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=4211220805&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44777877%2C42531706%2C44777506%2C44770881&oid=2&pvsid=3740778782382103&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.o1xwyfu3om5q&fsb=1&dtd=1953
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
135.125.160.77 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3195934.ip-135-125-160.eu
Software
proxy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
cache-control
private, no-cache, no-store, proxy-revalidate, no-transform
x-rc
10
server
proxy
content-length
0
content-type
text/plain
pixel
cm.g.doubleclick.net/ Frame 4D3A
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEFTiCI00019RnM5Ak0IYVqY&google_cver=1&google_push=ASkJ3Fat_PI5MJj57726xTArCqvELwLC8Rah6gPtAWi68zvITl4Jv0jaCWDX9LPDQxU5kzc1ytAWpFwdiNggLT7dxyqjE1HqVI...
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=0&gdpr_consent=&us_privacy=&sync=1&google_push=ASkJ3Fat_PI5MJj57726xTArCqvELwLC8Rah6gPtAWi68zvITl4Jv0jaCWDX9LPDQxU5kzc1ytAWpFwdiNggLT7dxyqjE1HqVIS...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTU5MzA5MjM0NjU0OTUwNTI0NTUzNw%3D%3D&google_push=ASkJ3Fat_PI5MJj57726xTArCqvELwLC8Rah6gPtAWi68zvITl4Jv0ja...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTU5MzA5MjM0NjU0OTUwNTI0NTUzNw%3D%3D&google_push=ASkJ3Fat_PI5MJj57726xTArCqvELwLC8Rah6gPtAWi68zvITl4Jv0jaCWDX9LPDQxU5kzc1ytAWpFwdiNggLT7dxyqjE1HqVISAwLrc3Zh3S2xZfNKHrHXaoieZJjTZBPTCuiITnK7JL3Rqqb75vhP0zKM
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1670302931&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchao-nan-ma-li-ou-xu-ji-bao-xiao-zang-hua-ma-bu-ting.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670302929757&bpp=18&bdt=2148&idt=1936&shv=r20221129&mjsv=m202211290101&ptt=5&saldr=sa&correlator=879855899896&frm=23&ife=1&pv=1&ga_vid=506632865.1670302932&ga_sid=1670302932&ga_hid=1142535725&ga_fc=0&ga_cid=amp-ALq6Nc9gjQBxhQjTGc0VNA&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=4211220805&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44777877%2C42531706%2C44777506%2C44770881&oid=2&pvsid=3740778782382103&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.o1xwyfu3om5q&fsb=1&dtd=1953
Protocol
H3
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 05:02:13 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTU5MzA5MjM0NjU0OTUwNTI0NTUzNw%3D%3D&google_push=ASkJ3Fat_PI5MJj57726xTArCqvELwLC8Rah6gPtAWi68zvITl4Jv0jaCWDX9LPDQxU5kzc1ytAWpFwdiNggLT7dxyqjE1HqVISAwLrc3Zh3S2xZfNKHrHXaoieZJjTZBPTCuiITnK7JL3Rqqb75vhP0zKM
date
Tue, 06 Dec 2022 05:02:13 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
pixel
cm.g.doubleclick.net/ Frame 4D3A
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEB2wrHTzU0emUwchY7d_huc&google_cver=1&google_push=ASkJ3FYa6JOIHPyguW3y2EDcXsqOTX2z2YQhKqvqC3Dx9U5NHuioiPXLWh4egoE5b-fWg_NARAXOgS...
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=ASkJ3FYa6JOIHPyguW3y2EDcXsqOTX2z2YQhKqvqC3Dx9U5NHuioiPXLWh4egoE5b-fWg_NARAXOgSe3qKMHVIsw6Fct1PoNncFlAIJ0GHBHmvMd2Fzn7dD9l...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=ASkJ3FYa6JOIHPyguW3y2EDcXsqOTX2z2YQhKqvqC3Dx9U5NHuioiPXLWh4egoE5b-fWg_NARAXOgSe3qKMHVIsw6Fct1PoNncFlAIJ0GHBHmvMd2Fzn7dD9l9FWR6-lB4kB70Byf1lDcu9i5BKoPCV_-fQ&google_hm=ODY0MzA2MDM5NTc5MzQ0NDQ5MQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1670302931&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchao-nan-ma-li-ou-xu-ji-bao-xiao-zang-hua-ma-bu-ting.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670302929757&bpp=18&bdt=2148&idt=1936&shv=r20221129&mjsv=m202211290101&ptt=5&saldr=sa&correlator=879855899896&frm=23&ife=1&pv=1&ga_vid=506632865.1670302932&ga_sid=1670302932&ga_hid=1142535725&ga_fc=0&ga_cid=amp-ALq6Nc9gjQBxhQjTGc0VNA&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=4211220805&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44777877%2C42531706%2C44777506%2C44770881&oid=2&pvsid=3740778782382103&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.o1xwyfu3om5q&fsb=1&dtd=1953
Protocol
H3
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 05:02:13 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=ASkJ3FYa6JOIHPyguW3y2EDcXsqOTX2z2YQhKqvqC3Dx9U5NHuioiPXLWh4egoE5b-fWg_NARAXOgSe3qKMHVIsw6Fct1PoNncFlAIJ0GHBHmvMd2Fzn7dD9l9FWR6-lB4kB70Byf1lDcu9i5BKoPCV_-fQ&google_hm=ODY0MzA2MDM5NTc5MzQ0NDQ5MQ%3D%3D
date
Tue, 06 Dec 2022 05:02:12 GMT
content-length
0
pixel
cm.g.doubleclick.net/ Frame 4D3A
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEJcmTQd_Br7EjLIBI45sVlQ&google_cver=1&google_push=ASkJ3FZARysSDhs9Xrs0dZcO6pV6oK5U9n7dp3BP5l1Uds2pnVoIfYCOtbkIUeILymeH0UcEC0...
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEJcmTQd_Br7EjLIBI45sVlQ&google_cver=1&google_push=ASkJ3FZARysSDhs9Xrs0dZcO6pV6oK5U9n7dp3BP5l1Uds2pnVoIfYCOtbkIUeILymeH0UcEC0...
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1hMm0zb1hSRTJ1RUlUVG80ZDAwNjBEOHpqM204TUtvZn5B&google_push=ASkJ3FZARysSDhs9Xrs0dZcO6pV6oK5U9n7dp3BP5l1Uds2pnVoIfYCOt...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1hMm0zb1hSRTJ1RUlUVG80ZDAwNjBEOHpqM204TUtvZn5B&google_push=ASkJ3FZARysSDhs9Xrs0dZcO6pV6oK5U9n7dp3BP5l1Uds2pnVoIfYCOtbkIUeILymeH0UcEC0_QfcvSjr4ngEhCEl1H-vedeaL7kiQJ53NP6rbdAO1qKOPJwn68TkhY8yz1O7_kjkalnZfogrCVI3Uy2ooo
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1670302931&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchao-nan-ma-li-ou-xu-ji-bao-xiao-zang-hua-ma-bu-ting.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670302929757&bpp=18&bdt=2148&idt=1936&shv=r20221129&mjsv=m202211290101&ptt=5&saldr=sa&correlator=879855899896&frm=23&ife=1&pv=1&ga_vid=506632865.1670302932&ga_sid=1670302932&ga_hid=1142535725&ga_fc=0&ga_cid=amp-ALq6Nc9gjQBxhQjTGc0VNA&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=4211220805&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44777877%2C42531706%2C44777506%2C44770881&oid=2&pvsid=3740778782382103&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.o1xwyfu3om5q&fsb=1&dtd=1953
Protocol
H3
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 05:02:14 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1hMm0zb1hSRTJ1RUlUVG80ZDAwNjBEOHpqM204TUtvZn5B&google_push=ASkJ3FZARysSDhs9Xrs0dZcO6pV6oK5U9n7dp3BP5l1Uds2pnVoIfYCOtbkIUeILymeH0UcEC0_QfcvSjr4ngEhCEl1H-vedeaL7kiQJ53NP6rbdAO1qKOPJwn68TkhY8yz1O7_kjkalnZfogrCVI3Uy2ooo
date
Tue, 06 Dec 2022 05:02:13 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
pixel
cm.g.doubleclick.net/ Frame 4D3A
Redirect Chain
  • https://b1sync.zemanta.com/usersync/googleopenbidding/?google_gid=CAESEE1xKzFJypEGzq0aKpsmuEw&google_cver=1&google_push=ASkJ3FbO2GTIXY3XJUpS1U9xIK3Xf3QrA7N5SZlBwTXZf8D2o1zvQgfddYJ_tXZzJVozR8u-frMqU...
  • https://b1sync.zemanta.com/usersync/googleopenbidding/?google_cver=1&google_gid=CAESEE1xKzFJypEGzq0aKpsmuEw&google_push=ASkJ3FbO2GTIXY3XJUpS1U9xIK3Xf3QrA7N5SZlBwTXZf8D2o1zvQgfddYJ_tXZzJVozR8u-frMqU...
  • https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=ASkJ3FbO2GTIXY3XJUpS1U9xIK3Xf3QrA7N5SZlBwTXZf8D2o1zvQgfddYJ_tXZzJVozR8u-frMqUvqGbZ8N9r7rSMy6wPmnc5htUvyDvc6gen_Xf0MBNwNcaWVGRIn...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=ASkJ3FbO2GTIXY3XJUpS1U9xIK3Xf3QrA7N5SZlBwTXZf8D2o1zvQgfddYJ_tXZzJVozR8u-frMqUvqGbZ8N9r7rSMy6wPmnc5htUvyDvc6gen_Xf0MBNwNcaWVGRInhMV-VxbNlY9wxsIFhHDPBSbCrM693&google_hm=QnVoMHJvcUdqQlhsMDlZT0JYSVQ=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1670302931&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchao-nan-ma-li-ou-xu-ji-bao-xiao-zang-hua-ma-bu-ting.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670302929757&bpp=18&bdt=2148&idt=1936&shv=r20221129&mjsv=m202211290101&ptt=5&saldr=sa&correlator=879855899896&frm=23&ife=1&pv=1&ga_vid=506632865.1670302932&ga_sid=1670302932&ga_hid=1142535725&ga_fc=0&ga_cid=amp-ALq6Nc9gjQBxhQjTGc0VNA&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=4211220805&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44777877%2C42531706%2C44777506%2C44770881&oid=2&pvsid=3740778782382103&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.o1xwyfu3om5q&fsb=1&dtd=1953
Protocol
H3
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 05:02:14 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 06 Dec 2022 05:02:14 GMT
Content-Type
text/html; charset=utf-8
Location
https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=ASkJ3FbO2GTIXY3XJUpS1U9xIK3Xf3QrA7N5SZlBwTXZf8D2o1zvQgfddYJ_tXZzJVozR8u-frMqUvqGbZ8N9r7rSMy6wPmnc5htUvyDvc6gen_Xf0MBNwNcaWVGRInhMV-VxbNlY9wxsIFhHDPBSbCrM693&google_hm=QnVoMHJvcUdqQlhsMDlZT0JYSVQ=
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
296
Expires
Thu, 01 Dec 1994 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 4D3A
Redirect Chain
  • https://trace.mediago.io/cs/google?google_gid=CAESEKvdOiq8yfeiFgnhiPLRS84&google_cver=1&google_push=ASkJ3FbNYaB92o53zD5VBq8h_wOW2GE8cdnFKPy58a7CG20QvEoHpbV5bZc2V7jvd26e6TO-2rczANSgHW5ze7UfeVzasGqNB...
  • https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=ASkJ3FbNYaB92o53zD5VBq8h_wOW2GE8cdnFKPy58a7CG20QvEoHpbV5bZc2V7jvd26e6TO-2rczANSgHW5ze7UfeVzasGqNB8Y7-p3gHFffIHZcfNUxxxzH7vlwl...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=ASkJ3FbNYaB92o53zD5VBq8h_wOW2GE8cdnFKPy58a7CG20QvEoHpbV5bZc2V7jvd26e6TO-2rczANSgHW5ze7UfeVzasGqNB8Y7-p3gHFffIHZcfNUxxxzH7vlwlb5-xwxEIElUr0rhgenR0cx7iNQiDV54&google_hm=b0120933d2583bc63691f402211a3e82
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1670302931&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchao-nan-ma-li-ou-xu-ji-bao-xiao-zang-hua-ma-bu-ting.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670302929757&bpp=18&bdt=2148&idt=1936&shv=r20221129&mjsv=m202211290101&ptt=5&saldr=sa&correlator=879855899896&frm=23&ife=1&pv=1&ga_vid=506632865.1670302932&ga_sid=1670302932&ga_hid=1142535725&ga_fc=0&ga_cid=amp-ALq6Nc9gjQBxhQjTGc0VNA&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=4211220805&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44777877%2C42531706%2C44777506%2C44770881&oid=2&pvsid=3740778782382103&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.o1xwyfu3om5q&fsb=1&dtd=1953
Protocol
H3
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 05:02:13 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=ASkJ3FbNYaB92o53zD5VBq8h_wOW2GE8cdnFKPy58a7CG20QvEoHpbV5bZc2V7jvd26e6TO-2rczANSgHW5ze7UfeVzasGqNB8Y7-p3gHFffIHZcfNUxxxzH7vlwlb5-xwxEIElUr0rhgenR0cx7iNQiDV54&google_hm=b0120933d2583bc63691f402211a3e82
date
Tue, 06 Dec 2022 05:02:13 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
302
content-type
text/html; charset=utf-8
attr
cm.g.doubleclick.net/pixel/ Frame 4D3A 		0
69 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LLXMWgTNe7ORnM09XnMQ_FpMMd-zdwxhBAHJEkeKShc6y-ETpNK2pbPLzXkRzoVkbw803T9IRr
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1670302931&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchao-nan-ma-li-ou-xu-ji-bao-xiao-zang-hua-ma-bu-ting.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670302929757&bpp=18&bdt=2148&idt=1936&shv=r20221129&mjsv=m202211290101&ptt=5&saldr=sa&correlator=879855899896&frm=23&ife=1&pv=1&ga_vid=506632865.1670302932&ga_sid=1670302932&ga_hid=1142535725&ga_fc=0&ga_cid=amp-ALq6Nc9gjQBxhQjTGc0VNA&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=4211220805&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44777877%2C42531706%2C44777506%2C44770881&oid=2&pvsid=3740778782382103&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.o1xwyfu3om5q&fsb=1&dtd=1953
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 05:02:12 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
quant.js
secure.quantserve.com/ 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.229.10.247 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
275094aa5d73cd24d848e78f0c41c33d9fd61a09d97b9976e5e707dfd24ada00

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 05:02:13 GMT
content-encoding
gzip
etag
"nAbmxtqHqaYrwBiADJAeFg=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Tue, 13 Dec 2022 05:02:13 GMT
truncated
/ Frame 70E0 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7fa6f1daceb0d8b84b86ded11bbd88be5b0a3b1d94f6d6569977e7dd0e79ae35

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 246B 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e863d3c90bf2d50ea88a28ab13c23597bd23f15c4b8fd25892e7502537cc8551

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 3D93 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cc2136f823da8cdae8e011bad664c5a48f5e51602ad92431c67ffda1c526e24c

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
privacy_small.svg
static.criteo.net/flash/icon/ Frame 5428 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y47M1AAAb4wBc_CxAAtQGENguILcZHw16bpaLw&u=%7C0BjLNgDbA0RGwfq8zVymYL1e1%2FBLnIsgYuHYuQe54ug%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqc6nygJ274zNPhQpJEnippfnLPctJAgOVJK5QBvON9Ye9GS_f4NkHgJjP411SnRRB4B1-zs9MZWp7swoIMdCZafKATTqnw-W1TMGAztyH4KDwdPZw-ShB2ml4ZgrggdpKC4H4EKtMnYlWyWOT8qaQqxgCo1vlIVCBqPp5w1EsF00KZRL8g3C8gy-F76iuLC8XAMYh3S4PQ-RJj7kQlk8ay3RyNTrngUIdBrZUK70z9DhYCcIQRWGOiAfBKrbFXrAAp0KLGMdmo9Eu2LZ2r7kTUzj-ml0mlqpsLBwL7r2_YyDHAJyVLWU6MgXVCDg40zVxakTgbDxQQ-mioIb6QrhoqhGTtl7qXnQ7kzluoKf3ODZHbdRzr3-enkbx8Sr7gDiHL-3vkEqH1hST6TXkmaiUgKjXwcq6JNKWHcsk72-a6LH1ne9zCbZEe6Vs3pElOjULkslV5lxLbT79Kx2Dh10aassYmJ5rRZXzoOu-yI6vZZBUuQw8YZMmrijiTAGqnASUjgrq4_b1jK9R-xqphblFCAf8cqKce_U2afy3O2RbDutZbM8URRz-GS0ekHU4ekaIKk2Vdi6niefulTRhgN06K7s-tD4PoqxkxjMipIkIU2QY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCCLkF1MyOY4zfAbHhz7sPmKCtiAyY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQIGK0qHioimPqgDAaoEiwJP0A4JIKUUm4TCXqL-LXBTUk52lThQugeG5o8UnV-3eG3ryapZnNmkaSR5BgRuMETFqgdig6vZ5QCgQ6OdgM1JSjdgdgPcD29ZdZh4qPdS9luLp11kn9mw4VoDEQgm80_OcVSDvo0rBlxr7rNI3uLUM5fK0-Mz6Kzbwxu1ZeECvK4yHf81opTy80ecj86dTh2nJbo3PFs25vKrkb7t-jfNBFCvEBgLneM0U1AH4uMfOui1gOa-Xhmb3xAGLJ5EyzrqvMqOI0grKkq7v9CwvwMIkg4lHtPExmODCQCfC1E0Qw9CA2NPCwRsVwkjPcfrUjjBI5fIb9uDHHn9mT_tQzBd74zDIT_1tFvxKoWABpiinNPtp57dI6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2GgwUsEvAW0V5fg2b6jV-GvXlTNg%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 05:02:13 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 01 Dec 2023 05:02:13 GMT
adchoices_en.svg
static.criteo.net/flash/icon/ Frame 5428 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_en.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y47M1AAAb4wBc_CxAAtQGENguILcZHw16bpaLw&u=%7C0BjLNgDbA0RGwfq8zVymYL1e1%2FBLnIsgYuHYuQe54ug%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqc6nygJ274zNPhQpJEnippfnLPctJAgOVJK5QBvON9Ye9GS_f4NkHgJjP411SnRRB4B1-zs9MZWp7swoIMdCZafKATTqnw-W1TMGAztyH4KDwdPZw-ShB2ml4ZgrggdpKC4H4EKtMnYlWyWOT8qaQqxgCo1vlIVCBqPp5w1EsF00KZRL8g3C8gy-F76iuLC8XAMYh3S4PQ-RJj7kQlk8ay3RyNTrngUIdBrZUK70z9DhYCcIQRWGOiAfBKrbFXrAAp0KLGMdmo9Eu2LZ2r7kTUzj-ml0mlqpsLBwL7r2_YyDHAJyVLWU6MgXVCDg40zVxakTgbDxQQ-mioIb6QrhoqhGTtl7qXnQ7kzluoKf3ODZHbdRzr3-enkbx8Sr7gDiHL-3vkEqH1hST6TXkmaiUgKjXwcq6JNKWHcsk72-a6LH1ne9zCbZEe6Vs3pElOjULkslV5lxLbT79Kx2Dh10aassYmJ5rRZXzoOu-yI6vZZBUuQw8YZMmrijiTAGqnASUjgrq4_b1jK9R-xqphblFCAf8cqKce_U2afy3O2RbDutZbM8URRz-GS0ekHU4ekaIKk2Vdi6niefulTRhgN06K7s-tD4PoqxkxjMipIkIU2QY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCCLkF1MyOY4zfAbHhz7sPmKCtiAyY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQIGK0qHioimPqgDAaoEiwJP0A4JIKUUm4TCXqL-LXBTUk52lThQugeG5o8UnV-3eG3ryapZnNmkaSR5BgRuMETFqgdig6vZ5QCgQ6OdgM1JSjdgdgPcD29ZdZh4qPdS9luLp11kn9mw4VoDEQgm80_OcVSDvo0rBlxr7rNI3uLUM5fK0-Mz6Kzbwxu1ZeECvK4yHf81opTy80ecj86dTh2nJbo3PFs25vKrkb7t-jfNBFCvEBgLneM0U1AH4uMfOui1gOa-Xhmb3xAGLJ5EyzrqvMqOI0grKkq7v9CwvwMIkg4lHtPExmODCQCfC1E0Qw9CA2NPCwRsVwkjPcfrUjjBI5fIb9uDHHn9mT_tQzBd74zDIT_1tFvxKoWABpiinNPtp57dI6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2GgwUsEvAW0V5fg2b6jV-GvXlTNg%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 05:02:13 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-759"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 01 Dec 2023 05:02:13 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 5428 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y47M1AAAb4wBc_CxAAtQGENguILcZHw16bpaLw&u=%7C0BjLNgDbA0RGwfq8zVymYL1e1%2FBLnIsgYuHYuQe54ug%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqc6nygJ274zNPhQpJEnippfnLPctJAgOVJK5QBvON9Ye9GS_f4NkHgJjP411SnRRB4B1-zs9MZWp7swoIMdCZafKATTqnw-W1TMGAztyH4KDwdPZw-ShB2ml4ZgrggdpKC4H4EKtMnYlWyWOT8qaQqxgCo1vlIVCBqPp5w1EsF00KZRL8g3C8gy-F76iuLC8XAMYh3S4PQ-RJj7kQlk8ay3RyNTrngUIdBrZUK70z9DhYCcIQRWGOiAfBKrbFXrAAp0KLGMdmo9Eu2LZ2r7kTUzj-ml0mlqpsLBwL7r2_YyDHAJyVLWU6MgXVCDg40zVxakTgbDxQQ-mioIb6QrhoqhGTtl7qXnQ7kzluoKf3ODZHbdRzr3-enkbx8Sr7gDiHL-3vkEqH1hST6TXkmaiUgKjXwcq6JNKWHcsk72-a6LH1ne9zCbZEe6Vs3pElOjULkslV5lxLbT79Kx2Dh10aassYmJ5rRZXzoOu-yI6vZZBUuQw8YZMmrijiTAGqnASUjgrq4_b1jK9R-xqphblFCAf8cqKce_U2afy3O2RbDutZbM8URRz-GS0ekHU4ekaIKk2Vdi6niefulTRhgN06K7s-tD4PoqxkxjMipIkIU2QY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCCLkF1MyOY4zfAbHhz7sPmKCtiAyY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQIGK0qHioimPqgDAaoEiwJP0A4JIKUUm4TCXqL-LXBTUk52lThQugeG5o8UnV-3eG3ryapZnNmkaSR5BgRuMETFqgdig6vZ5QCgQ6OdgM1JSjdgdgPcD29ZdZh4qPdS9luLp11kn9mw4VoDEQgm80_OcVSDvo0rBlxr7rNI3uLUM5fK0-Mz6Kzbwxu1ZeECvK4yHf81opTy80ecj86dTh2nJbo3PFs25vKrkb7t-jfNBFCvEBgLneM0U1AH4uMfOui1gOa-Xhmb3xAGLJ5EyzrqvMqOI0grKkq7v9CwvwMIkg4lHtPExmODCQCfC1E0Qw9CA2NPCwRsVwkjPcfrUjjBI5fIb9uDHHn9mT_tQzBd74zDIT_1tFvxKoWABpiinNPtp57dI6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2GgwUsEvAW0V5fg2b6jV-GvXlTNg%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 05:02:13 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Fri, 01 Dec 2023 05:02:13 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 5428 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y47M1AAAb4wBc_CxAAtQGENguILcZHw16bpaLw&u=%7C0BjLNgDbA0RGwfq8zVymYL1e1%2FBLnIsgYuHYuQe54ug%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqc6nygJ274zNPhQpJEnippfnLPctJAgOVJK5QBvON9Ye9GS_f4NkHgJjP411SnRRB4B1-zs9MZWp7swoIMdCZafKATTqnw-W1TMGAztyH4KDwdPZw-ShB2ml4ZgrggdpKC4H4EKtMnYlWyWOT8qaQqxgCo1vlIVCBqPp5w1EsF00KZRL8g3C8gy-F76iuLC8XAMYh3S4PQ-RJj7kQlk8ay3RyNTrngUIdBrZUK70z9DhYCcIQRWGOiAfBKrbFXrAAp0KLGMdmo9Eu2LZ2r7kTUzj-ml0mlqpsLBwL7r2_YyDHAJyVLWU6MgXVCDg40zVxakTgbDxQQ-mioIb6QrhoqhGTtl7qXnQ7kzluoKf3ODZHbdRzr3-enkbx8Sr7gDiHL-3vkEqH1hST6TXkmaiUgKjXwcq6JNKWHcsk72-a6LH1ne9zCbZEe6Vs3pElOjULkslV5lxLbT79Kx2Dh10aassYmJ5rRZXzoOu-yI6vZZBUuQw8YZMmrijiTAGqnASUjgrq4_b1jK9R-xqphblFCAf8cqKce_U2afy3O2RbDutZbM8URRz-GS0ekHU4ekaIKk2Vdi6niefulTRhgN06K7s-tD4PoqxkxjMipIkIU2QY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCCLkF1MyOY4zfAbHhz7sPmKCtiAyY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQIGK0qHioimPqgDAaoEiwJP0A4JIKUUm4TCXqL-LXBTUk52lThQugeG5o8UnV-3eG3ryapZnNmkaSR5BgRuMETFqgdig6vZ5QCgQ6OdgM1JSjdgdgPcD29ZdZh4qPdS9luLp11kn9mw4VoDEQgm80_OcVSDvo0rBlxr7rNI3uLUM5fK0-Mz6Kzbwxu1ZeECvK4yHf81opTy80ecj86dTh2nJbo3PFs25vKrkb7t-jfNBFCvEBgLneM0U1AH4uMfOui1gOa-Xhmb3xAGLJ5EyzrqvMqOI0grKkq7v9CwvwMIkg4lHtPExmODCQCfC1E0Qw9CA2NPCwRsVwkjPcfrUjjBI5fIb9uDHHn9mT_tQzBd74zDIT_1tFvxKoWABpiinNPtp57dI6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2GgwUsEvAW0V5fg2b6jV-GvXlTNg%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 05:02:13 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Fri, 01 Dec 2023 05:02:13 GMT
lg.php
cat.sg1.as.criteo.com/delivery/ Frame 5428 		43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.sg1.as.criteo.com/delivery/lg.php?cppv=3&cpp=ysi3huDNrJgqjPDWEW-T0K5sQM6v63BsqJKi8OnE-NjLtMvdhTi6tHX2i6NPvrr4gsRGgkbrvPaqIx55swFZSDVIZqUy2TQ3qeZAyuIdHbt0zBTDnZk20weXfqqUourvq_wzsYVKmq45jrmQc9WSkGDZc5LD51VONAaHQhX5QyM4TVIMIevqWSio7PUofiV45KWY552_YuyBgrtr0vzGLY6hnnfH3C_gvX4Jtyyo2ZEGwLbCEAtbhZh2-xzouUOBagbjuoTD3KI9W-5A1Dxu5ML4_-bPVUAqTwB_hZ3IvOwEyNtLTvqMfl7SS7bXmY9TLxkB5ZntzmPy6VA3WMGj9acLDBi5NHjRG8DK5HYdpYbI4W_2pz21lFgvQjABRazMOiNdPshWCnDF1o8ax2O9aRigbchUwprTKAQLfO9ds7CQpVlq
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y47M1AAAb4wBc_CxAAtQGENguILcZHw16bpaLw&u=%7C0BjLNgDbA0RGwfq8zVymYL1e1%2FBLnIsgYuHYuQe54ug%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqc6nygJ274zNPhQpJEnippfnLPctJAgOVJK5QBvON9Ye9GS_f4NkHgJjP411SnRRB4B1-zs9MZWp7swoIMdCZafKATTqnw-W1TMGAztyH4KDwdPZw-ShB2ml4ZgrggdpKC4H4EKtMnYlWyWOT8qaQqxgCo1vlIVCBqPp5w1EsF00KZRL8g3C8gy-F76iuLC8XAMYh3S4PQ-RJj7kQlk8ay3RyNTrngUIdBrZUK70z9DhYCcIQRWGOiAfBKrbFXrAAp0KLGMdmo9Eu2LZ2r7kTUzj-ml0mlqpsLBwL7r2_YyDHAJyVLWU6MgXVCDg40zVxakTgbDxQQ-mioIb6QrhoqhGTtl7qXnQ7kzluoKf3ODZHbdRzr3-enkbx8Sr7gDiHL-3vkEqH1hST6TXkmaiUgKjXwcq6JNKWHcsk72-a6LH1ne9zCbZEe6Vs3pElOjULkslV5lxLbT79Kx2Dh10aassYmJ5rRZXzoOu-yI6vZZBUuQw8YZMmrijiTAGqnASUjgrq4_b1jK9R-xqphblFCAf8cqKce_U2afy3O2RbDutZbM8URRz-GS0ekHU4ekaIKk2Vdi6niefulTRhgN06K7s-tD4PoqxkxjMipIkIU2QY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCCLkF1MyOY4zfAbHhz7sPmKCtiAyY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQIGK0qHioimPqgDAaoEiwJP0A4JIKUUm4TCXqL-LXBTUk52lThQugeG5o8UnV-3eG3ryapZnNmkaSR5BgRuMETFqgdig6vZ5QCgQ6OdgM1JSjdgdgPcD29ZdZh4qPdS9luLp11kn9mw4VoDEQgm80_OcVSDvo0rBlxr7rNI3uLUM5fK0-Mz6Kzbwxu1ZeECvK4yHf81opTy80ecj86dTh2nJbo3PFs25vKrkb7t-jfNBFCvEBgLneM0U1AH4uMfOui1gOa-Xhmb3xAGLJ5EyzrqvMqOI0grKkq7v9CwvwMIkg4lHtPExmODCQCfC1E0Qw9CA2NPCwRsVwkjPcfrUjjBI5fIb9uDHHn9mT_tQzBd74zDIT_1tFvxKoWABpiinNPtp57dI6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2GgwUsEvAW0V5fg2b6jV-GvXlTNg%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.132 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 05:02:13 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1733010
expires
Mon, 26 Jul 1997 05:00:00 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 3D93
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=1600x250&w=1600&h=250&ptt=12&adk=2733026255&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-38042472053507688820&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=470780615&nhd=0&adx=0&ady=3399&oid=2&is_amp=5&amp_v=2211182146000&d_imp=1&c=690001804&ga_cid=amp-ALq6Nc9gjQBxhQjTGc0VNA&ga_hid=1804&dt=1670302931136&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchao-nan-ma-li-ou-xu-ji-bao-xiao-zang-hua-ma-bu-ting.html&bdt=4862&dtd=694&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Protocol
H3
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 05:02:14 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Tue, 06 Dec 2022 05:02:14 GMT

Redirect headers

date
Tue, 06 Dec 2022 05:02:13 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
l
www.google.com/ads/measurement/ Frame 3D93 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaT7eVhjsHM6fHNSit0dUa8zk0nMXENRdn8NoJ_bhU0sQPROXB3n9Litje2devikFVqNWDcJttMAdHFCeEiGMKkQRigaoA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=1600x250&w=1600&h=250&ptt=12&adk=2733026255&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-38042472053507688820&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=470780615&nhd=0&adx=0&ady=3399&oid=2&is_amp=5&amp_v=2211182146000&d_imp=1&c=690001804&ga_cid=amp-ALq6Nc9gjQBxhQjTGc0VNA&ga_hid=1804&dt=1670302931136&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchao-nan-ma-li-ou-xu-ji-bao-xiao-zang-hua-ma-bu-ting.html&bdt=4862&dtd=694&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f104.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
adview
googleads.g.doubleclick.net/pagead/ Frame 3D93 		0
17 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C9rbw1MyOY_aCAoWxyAPiup6ABJ26mpJtpb_smZQQwI23ARABIM_m1Xtgq-yxheAYoAGV3_yhAcgBAakCo5Bz345GgT6oAwHIAwqqBKcCT9DDI7k9WKwdjowAnS_p28kpUWz05gPSLgbk0MhlpNuXJ-qFVmrLG_o79Vkh5yOMAD5CBf8H7uRQZbz8lQ_GCnBA1yzVZMOOgq70Dwv7XsMY929_Tpb08YHV2bs78Vt3X3pKfZCM1C7PEyFgBjNKbKWqrP8t-B0DdXgJMn6X7IdNu3CN4IxilWz57K5kk5ps2BOftGpm4EGHhFbp_6ZqA1ShT1qe4yG3t4TqNui7vzvXMFJKAYqaifwrRjudurbjC8yDCXLxhDjZZe9_ykoSm2_QH4BoPH3lctsx8CuPw8cA9OT7HELTAyYpgND50q3sAf_c7BWGZqw8u7t6O_EPK-ivVOGMj33a9XiAk3LNziFomI621itA5XANbXkdNX19Hw08P8AEwMAE4OS7uIwEkgUECAQYAZIFBAgFGASgBmaAB9Ogg94CqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQ15IG0ggPCIBhEAEYHzICigI6AoBAgAoByAsB2BMNiBQJ0BUBgBcBshccChoIABIUcHViLTMyMTYyMzE5MzU3MTMwMzgYAA&sigh=NWYdSlE7Vgw&uach_m=[]&cid=CAQSKQDq26N9n-XzJ3fTq2eO_sDoj-jr_HdSXKOwE44IpqvrlRRgTGC6O9q_GAEgEw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=1600x250&w=1600&h=250&ptt=12&adk=2733026255&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-38042472053507688820&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=470780615&nhd=0&adx=0&ady=3399&oid=2&is_amp=5&amp_v=2211182146000&d_imp=1&c=690001804&ga_cid=amp-ALq6Nc9gjQBxhQjTGc0VNA&ga_hid=1804&dt=1670302931136&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchao-nan-ma-li-ou-xu-ji-bao-xiao-zang-hua-ma-bu-ting.html&bdt=4862&dtd=694&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=1600x250&w=1600&h=250&ptt=12&adk=2733026255&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-38042472053507688820&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=470780615&nhd=0&adx=0&ady=3399&oid=2&is_amp=5&amp_v=2211182146000&d_imp=1&c=690001804&ga_cid=amp-ALq6Nc9gjQBxhQjTGc0VNA&ga_hid=1804&dt=1670302931136&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchao-nan-ma-li-ou-xu-ji-bao-xiao-zang-hua-ma-bu-ting.html&bdt=4862&dtd=694&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 06 Dec 2022 05:02:13 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
zh_tw.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 3D93 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/zh_tw.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=1600x250&w=1600&h=250&ptt=12&adk=2733026255&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-38042472053507688820&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=470780615&nhd=0&adx=0&ady=3399&oid=2&is_amp=5&amp_v=2211182146000&d_imp=1&c=690001804&ga_cid=amp-ALq6Nc9gjQBxhQjTGc0VNA&ga_hid=1804&dt=1670302931136&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchao-nan-ma-li-ou-xu-ji-bao-xiao-zang-hua-ma-bu-ting.html&bdt=4862&dtd=694&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
cafe /
Resource Hash
a956a6fe1ee57805393bf1781b32486b4ed9ca402a04320280e59a18bc348a87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 07:12:57 GMT
x-content-type-options
nosniff
server
cafe
age
78556
etag
7688947696963022458
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3430
x-xss-protection
0
expires
Tue, 06 Dec 2022 07:12:57 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 3D93 		344 B
449 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=1600x250&w=1600&h=250&ptt=12&adk=2733026255&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-38042472053507688820&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=470780615&nhd=0&adx=0&ady=3399&oid=2&is_amp=5&amp_v=2211182146000&d_imp=1&c=690001804&ga_cid=amp-ALq6Nc9gjQBxhQjTGc0VNA&ga_hid=1804&dt=1670302931136&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchao-nan-ma-li-ou-xu-ji-bao-xiao-zang-hua-ma-bu-ting.html&bdt=4862&dtd=694&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 16:15:05 GMT
x-content-type-options
nosniff
server
cafe
age
46028
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Tue, 06 Dec 2022 16:15:05 GMT
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20221206
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.87.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d6251151843a02330294884f9e8bdce5d978dc85b282533a89ccb616b9247aa8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 06 Dec 2022 05:02:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
3674
x-jsd-version
1.0.1547
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra-eddf8230021-FRA, cache-yyz4546-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"670-B615RXi8NnGIFH7fs30Xtj8bACI"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K2%2BqPa%2Ft%2FC%2BlJO09TpK%2FS1jTXv8bs5dkRg%2BZV5nuqwhr4a5jSozW9B4Gf8D%2BWcpwisbrMrbdjd3x%2BZVYnATS5IZOL15DLcoeJlhJH37Ot3EUs5BGvTgqMYamRpCB7C0KIuU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
775277d848fba7ea-SYD
arj
adpushup-d.openx.net/w/1.0/ 		34 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchao-nan-ma-li-ou-xu-ji-bao-xiao-zang-hua-ma-bu-ting.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=da7f505a-95a0-4130-9105-4af34c8ce76b%2Cf3ced9fa-2213-460a-b3cf-b0b505d98779%2Cf72cbf9b-5e68-45f7-80b9-18e9ff74ccf5&nocache=1670302933461&pubcid=26f5e939-a630-470d-a304-616e73217a74&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&aus=728x250%2C728x90%2C690x90%2C690x250%2C675x90%2C675x250%2C670x90%2C670x250%2C650x90%2C650x250%2C650x150%2C630x90%2C630x250%2C602x100%2C600x90%2C600x250%2C580x90%2C570x90%2C550x150%2C468x60%2C320x50%2C320x100%2C300x50%2C300x100%2C300x75%2C300x250%2C250x250%2C200x200%7C728x90%2C690x90%2C675x90%2C670x90%2C650x90%2C630x90%2C600x90%2C580x90%2C570x90%2C468x60%2C320x50%2C300x50%2C300x75%7C120x600&divids=ADP_42753_728X250_77a9c22f-ac02-45dd-96bc-b0896a8a7d5a%2CSTICKY_ADP_42753_728X90_d1c10a72-27b4-4931-8ce7-99a18ebbdbae%2CSTICKY_ADP_42753_120X600_104b282a-bd11-4d8d-ad64-0492063b6cba&aucs=%2C%2C&auid=545618347%2C545618347%2C545618347
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
d237e041d06fedea52b1eba0606d00369f009ab41d5a2d881fed4bfa548280a4

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 05:02:14 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bg3.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4676
expires
Mon, 26 Jul 1997 05:00:00 GMT
avjp
adpushup-d.openx.net/v/1.0/ 		106 B
504 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchao-nan-ma-li-ou-xu-ji-bao-xiao-zang-hua-ma-bu-ting.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=6c54e596-187a-4e4c-9710-3e7eb655ef75&nocache=1670302933462&pubcid=26f5e939-a630-470d-a304-616e73217a74&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A120%2C%22h%22%3A600%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22api%22%3A%5B2%5D%2C%22playbackmethod%22%3A6%2C%22linearity%22%3A1%7D%7D%5D%7D&auid=545618481&vwd=120&vht=600&vos=101&vmimes=video%2Fmp4%2Cvideo%2Fwebm
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 05:02:13 GMT
via
1.1 google
server
OXGW/0.0.0
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bg3.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
avjp
adpushup-d.openx.net/v/1.0/ 		106 B
296 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchao-nan-ma-li-ou-xu-ji-bao-xiao-zang-hua-ma-bu-ting.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=8aadf1f0-eed7-458a-ba1f-031483dc2180&nocache=1670302933462&pubcid=26f5e939-a630-470d-a304-616e73217a74&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22api%22%3A%5B2%5D%2C%22playbackmethod%22%3A6%2C%22linearity%22%3A1%7D%7D%5D%7D&auid=545618481&vwd=728&vht=90&vos=101&vmimes=video%2Fmp4%2Cvideo%2Fwebm
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 05:02:14 GMT
via
1.1 google
server
OXGW/0.0.0
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bg3.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
avjp
adpushup-d.openx.net/v/1.0/ 		106 B
296 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchao-nan-ma-li-ou-xu-ji-bao-xiao-zang-hua-ma-bu-ting.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=97663fe4-f5c0-4859-a8bf-68b099087799&nocache=1670302933462&pubcid=26f5e939-a630-470d-a304-616e73217a74&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A400%2C%22h%22%3A225%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22api%22%3A%5B2%5D%2C%22playbackmethod%22%3A6%2C%22linearity%22%3A1%7D%7D%5D%7D&auid=545618481&vwd=400&vht=225&vos=101&vmimes=video%2Fmp4%2Cvideo%2Fwebm
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 05:02:14 GMT
via
1.1 google
server
OXGW/0.0.0
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bg3.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
cdb
bidder.criteo.com/ 		0
212 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.19.0&cb=54207976843
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.145 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 06 Dec 2022 05:02:13 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
adreq
ads.servenobid.com/ 		717 B
663 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/adreq?cb=9044
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.75.59.39 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-75-59-39.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
037192b727defa55cc176629db61c9c71c1126decfae405ffc3b0fb355a0d705

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 06 Dec 2022 05:02:14 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
auction
prebid-server.rubiconproject.com/openrtb2/ 		185 B
406 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.68.16.50 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-68-16-50.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
27ea348afb037e5427eb648fd71118f64690e90135e4721595cf2e743cf24209

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 05:02:14 GMT
content-encoding
gzip
x-prebid
pbs-java/1.105.0
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
173
expires
0
auction
prebid-server.rubiconproject.com/openrtb2/ 		0
0
auction
prebid-server.rubiconproject.com/openrtb2/ 		185 B
406 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.68.16.50 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-68-16-50.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
d8370b807d1d4c18c166437963e66441ec378854186e24bba3f347af27d219ec

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 05:02:14 GMT
content-encoding
gzip
x-prebid
pbs-java/1.105.0
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
174
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		472 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20616&site_id=395958&zone_id=2209398&size_id=15%3B2%3B8&alt_size_ids=2%2C1%2C13%2C14%2C19%2C43%2C44%2C117%3B1%2C43%2C44%3B&rp_schain=1.0,1!adpushup.com,062d9a21f747ddee7c25d4297776e0aa,1,,,&eid_pubcid.org=26f5e939-a630-470d-a304-616e73217a74%5E1&rf=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchao-nan-ma-li-ou-xu-ji-bao-xiao-zang-hua-ma-bu-ting.html&tk_flint=pbjs_lite_v6.19.0&x_source.tid=f4d671ec-3c11-4d20-9396-627bac4149e5%3B65f1bdfa-5a46-401c-851b-8d8ce7bc1d65%3B068c3e53-b7ad-4444-8a57-73d945e11593&l_pb_bid_id=1785c215f079c0d%3B185ac1044a91a62%3B198e7626a2eab11&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=3&rand=0.5761376376115883
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.173.158.65 Ashburn, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
9d2c2839e4cead17d45e9807e75fd55eb2da553a73494f672001c91e98592c4e

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 05:02:14 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
prebid.media.net/rtb/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUPEPKI9
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
d60600ceb57cf27518dd9f2c3217d47cd38b226f4d3644923dc7477d768db910

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 05:02:14 GMT
content-encoding
gzip
via
1.1 google
server
nginx
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
257
alt-svc
clear
expires
Tue, 06 Dec 2022 05:02:13 GMT
c
prebid.a-mo.net/a/ 		0
167 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.88.5 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

x-nbr
8
date
Tue, 06 Dec 2022 05:02:14 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
hbjson
grid.bidswitch.net/ 		24 B
361 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.213.117.18 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
18.117.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
635abd7fbbbba9e1a6821a89418ae23628ad0f9cbd398646b6b0874ae6b34339

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 06 Dec 2022 05:02:14 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
49
auction
tlx.3lift.com/header/ 		10 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=6.19.0&referrer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchao-nan-ma-li-ou-xu-ji-bao-xiao-zang-hua-ma-bu-ting.html&tmax=3000
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.136.149.241 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-136-149-241.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
1a18adcfa4c6209d9cc059fa60d16d31d136a880cb68eac3f4bf029472df1914
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 05:02:14 GMT
content-encoding
gzip
accept-ch
sec-ch-prefers-color-scheme,sec-ch-width,sec-ch-ect,user-agent,sec-ch-downlink,sec-ch-ua-mobile,sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-viewport-width,sec-ch-ua-platform,sec-ch-viewport-height,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua,sec-ch-ua-bitness
content-type
application/json; charset=utf-8
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
3989
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
cygnus
htlb.casalemedia.com/ 		37 B
308 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=693656&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2244970afbe828eef%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fchao-nan-ma-li-ou-xu-ji-bao-xiao-zang-hua-ma-bu-ting.html%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A7%2C%22msi%22%3A7%2C%22mfu%22%3A3%2C%22bu%22%3A3%2C%22iu%22%3A0%2C%22nu%22%3A3%2C%22ou%22%3A3%2C%22allu%22%3A3%2C%22ren%22%3Atrue%2C%22version%22%3A%226.19.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2251409be5334c4ac%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A320%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22320x50%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22300x50%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A250%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22250x250%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%22546dfedeb809042%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A320%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22320x50%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22300x50%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%225577194aed70a4f%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A120%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22120x600%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpushup.com%22%2C%22sid%22%3A%22062d9a21f747ddee7c25d4297776e0aa%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2226f5e939-a630-470d-a304-616e73217a74%22%7D%5D%7D%5D%7D%7D
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3769738ed16c8c5b4eb41e051ac6b7826f924d9e31d3305bbe03b4f6e31143b7

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 05:02:14 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K1CsGW98MZO9ildec9%2FabJhW67P2o5A5AWHIS6KpVayXMUpsf%2BJKT4toVfynnRoahpxRp7MRrBJ0aQmB4ndIy4wiMeaiy1E1t54udPUmhCcl27kGG4%2BZ5F5k63MGvS5SKON%2B9iNS"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
775277d8389d1c5a-AKL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
cygnus
htlb.casalemedia.com/ 		37 B
565 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=693656&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%2244970afbe828eef%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fchao-nan-ma-li-ou-xu-ji-bao-xiao-zang-hua-ma-bu-ting.html%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A3%2C%22bu%22%3A3%2C%22iu%22%3A0%2C%22nu%22%3A3%2C%22ou%22%3A3%2C%22allu%22%3A3%2C%22ren%22%3Atrue%2C%22version%22%3A%226.19.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22546dfedeb809042%22%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22728x90%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B728%2C90%5D%5D%2C%22api%22%3A%5B2%5D%2C%22linearity%22%3A1%2C%22placement%22%3A4%2C%22w%22%3A728%2C%22h%22%3A90%7D%7D%2C%7B%22id%22%3A%225577194aed70a4f%22%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22120x600%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B120%2C600%5D%5D%2C%22api%22%3A%5B2%5D%2C%22linearity%22%3A1%2C%22placement%22%3A4%2C%22w%22%3A120%2C%22h%22%3A600%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpushup.com%22%2C%22sid%22%3A%22062d9a21f747ddee7c25d4297776e0aa%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2226f5e939-a630-470d-a304-616e73217a74%22%7D%5D%7D%5D%7D%7D
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3769738ed16c8c5b4eb41e051ac6b7826f924d9e31d3305bbe03b4f6e31143b7

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 05:02:14 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w1AtpPw0t2pB%2BIDJOFMPKmOccb7c7%2FrMak7k5YMfBarULInGCJn52ecrOatp8ihd8iWNysmqjLiE96HYCL%2BbRe2fGL9rmzs2hmPCsMNLTXy3UNkmmyWpj%2F%2FQK%2FmRhir3jmISnW7z"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
775277d838a01c5a-AKL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
prebid-request
onetag-sys.com/ 		15 B
358 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.79.234.101 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-51-79-234.net
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://www.bg3.co
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
bid-request
a.teads.tv/hb/ 		16 B
502 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.195.153.54 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-153-54.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 05:02:14 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Tue, 06 Dec 2022 05:02:14 GMT
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		3 B
517 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchao-nan-ma-li-ou-xu-ji-bao-xiao-zang-hua-ma-bu-ting.html&CanonicalUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchao-nan-ma-li-ou-xu-ji-bao-xiao-zang-hua-ma-bu-ting.html&PublisherDomain=https%3A%2F%2Fbg3.co%2F
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.238.189.168 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-238-189-168.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 06 Dec 2022 05:02:14 GMT
via
kong/2.8.3
x-content-type-options
nosniff
x-kong-proxy-latency
0
p3p
CP="CAO PSA OUR"
x-kong-upstream-latency
8
content-length
3
pragma
no-cache
access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Accept-Encoding
access-control-allow-headers
Accept-Encoding, Content-Type
expires
0
prebid
ib.adnxs.com/ut/v3/ 		361 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.151.36 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
897.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
51a960aadb8d9485808d85c71cba1d14a0b1ed0e9be5c81737c56dfbcb9008ac
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 06 Dec 2022 05:02:14 GMT
AN-X-Request-Uuid
94539f5a-fe79-4e5d-ba4e-f14ced42d585
Server
nginx/1.21.3
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.bg3.co
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
116.90.74.196; 116.90.74.196; 897.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
361
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
4Ua_rENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RFD48TE63OOYKtrwEIJllpyk.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 3D93 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v45/4Ua_rENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RFD48TE63OOYKtrwEIJllpyk.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f94.1e100.net
Software
sffe /
Resource Hash
d524bfae27e5abd09253fc0750d127771c61bf3b8aad0ea5c23db7b0148a23f1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 12:29:28 GMT
x-content-type-options
nosniff
age
232366
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17204
x-xss-protection
0
last-modified
Wed, 01 Jun 2022 19:04:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 03 Dec 2023 12:29:28 GMT
19b6feaf7bb04307a5ed79d69ca28780_gotham-bold.woff
static.criteo.net/design/dt/ Frame 5428 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/dt/19b6feaf7bb04307a5ed79d69ca28780_gotham-bold.woff
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y47M1AAAb4wBc_CxAAtQGENguILcZHw16bpaLw&u=%7C0BjLNgDbA0RGwfq8zVymYL1e1%2FBLnIsgYuHYuQe54ug%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqc6nygJ274zNPhQpJEnippfnLPctJAgOVJK5QBvON9Ye9GS_f4NkHgJjP411SnRRB4B1-zs9MZWp7swoIMdCZafKATTqnw-W1TMGAztyH4KDwdPZw-ShB2ml4ZgrggdpKC4H4EKtMnYlWyWOT8qaQqxgCo1vlIVCBqPp5w1EsF00KZRL8g3C8gy-F76iuLC8XAMYh3S4PQ-RJj7kQlk8ay3RyNTrngUIdBrZUK70z9DhYCcIQRWGOiAfBKrbFXrAAp0KLGMdmo9Eu2LZ2r7kTUzj-ml0mlqpsLBwL7r2_YyDHAJyVLWU6MgXVCDg40zVxakTgbDxQQ-mioIb6QrhoqhGTtl7qXnQ7kzluoKf3ODZHbdRzr3-enkbx8Sr7gDiHL-3vkEqH1hST6TXkmaiUgKjXwcq6JNKWHcsk72-a6LH1ne9zCbZEe6Vs3pElOjULkslV5lxLbT79Kx2Dh10aassYmJ5rRZXzoOu-yI6vZZBUuQw8YZMmrijiTAGqnASUjgrq4_b1jK9R-xqphblFCAf8cqKce_U2afy3O2RbDutZbM8URRz-GS0ekHU4ekaIKk2Vdi6niefulTRhgN06K7s-tD4PoqxkxjMipIkIU2QY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCCLkF1MyOY4zfAbHhz7sPmKCtiAyY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQIGK0qHioimPqgDAaoEiwJP0A4JIKUUm4TCXqL-LXBTUk52lThQugeG5o8UnV-3eG3ryapZnNmkaSR5BgRuMETFqgdig6vZ5QCgQ6OdgM1JSjdgdgPcD29ZdZh4qPdS9luLp11kn9mw4VoDEQgm80_OcVSDvo0rBlxr7rNI3uLUM5fK0-Mz6Kzbwxu1ZeECvK4yHf81opTy80ecj86dTh2nJbo3PFs25vKrkb7t-jfNBFCvEBgLneM0U1AH4uMfOui1gOa-Xhmb3xAGLJ5EyzrqvMqOI0grKkq7v9CwvwMIkg4lHtPExmODCQCfC1E0Qw9CA2NPCwRsVwkjPcfrUjjBI5fIb9uDHHn9mT_tQzBd74zDIT_1tFvxKoWABpiinNPtp57dI6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2GgwUsEvAW0V5fg2b6jV-GvXlTNg%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
f9d374ef87ca2b8179870daa8739f8b060fc77446a4109ec87dc523bd8059ea4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
Origin
https://ads.as.criteo.com
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 05:02:14 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 01 Dec 2017 12:57:30 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5a2151ba-3b68"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 01 Dec 2023 05:02:14 GMT
b4338c429b884dd1a41cf5d47720754c_gotham-regular.woff
static.criteo.net/design/dt/ Frame 5428 		31 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/dt/b4338c429b884dd1a41cf5d47720754c_gotham-regular.woff
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y47M1AAAb4wBc_CxAAtQGENguILcZHw16bpaLw&u=%7C0BjLNgDbA0RGwfq8zVymYL1e1%2FBLnIsgYuHYuQe54ug%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqc6nygJ274zNPhQpJEnippfnLPctJAgOVJK5QBvON9Ye9GS_f4NkHgJjP411SnRRB4B1-zs9MZWp7swoIMdCZafKATTqnw-W1TMGAztyH4KDwdPZw-ShB2ml4ZgrggdpKC4H4EKtMnYlWyWOT8qaQqxgCo1vlIVCBqPp5w1EsF00KZRL8g3C8gy-F76iuLC8XAMYh3S4PQ-RJj7kQlk8ay3RyNTrngUIdBrZUK70z9DhYCcIQRWGOiAfBKrbFXrAAp0KLGMdmo9Eu2LZ2r7kTUzj-ml0mlqpsLBwL7r2_YyDHAJyVLWU6MgXVCDg40zVxakTgbDxQQ-mioIb6QrhoqhGTtl7qXnQ7kzluoKf3ODZHbdRzr3-enkbx8Sr7gDiHL-3vkEqH1hST6TXkmaiUgKjXwcq6JNKWHcsk72-a6LH1ne9zCbZEe6Vs3pElOjULkslV5lxLbT79Kx2Dh10aassYmJ5rRZXzoOu-yI6vZZBUuQw8YZMmrijiTAGqnASUjgrq4_b1jK9R-xqphblFCAf8cqKce_U2afy3O2RbDutZbM8URRz-GS0ekHU4ekaIKk2Vdi6niefulTRhgN06K7s-tD4PoqxkxjMipIkIU2QY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCCLkF1MyOY4zfAbHhz7sPmKCtiAyY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQIGK0qHioimPqgDAaoEiwJP0A4JIKUUm4TCXqL-LXBTUk52lThQugeG5o8UnV-3eG3ryapZnNmkaSR5BgRuMETFqgdig6vZ5QCgQ6OdgM1JSjdgdgPcD29ZdZh4qPdS9luLp11kn9mw4VoDEQgm80_OcVSDvo0rBlxr7rNI3uLUM5fK0-Mz6Kzbwxu1ZeECvK4yHf81opTy80ecj86dTh2nJbo3PFs25vKrkb7t-jfNBFCvEBgLneM0U1AH4uMfOui1gOa-Xhmb3xAGLJ5EyzrqvMqOI0grKkq7v9CwvwMIkg4lHtPExmODCQCfC1E0Qw9CA2NPCwRsVwkjPcfrUjjBI5fIb9uDHHn9mT_tQzBd74zDIT_1tFvxKoWABpiinNPtp57dI6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2GgwUsEvAW0V5fg2b6jV-GvXlTNg%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
af4b954cf45e99d5eccbea113dc2b66799cf8db96c3e8dfc33d145398743727b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
Origin
https://ads.as.criteo.com
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 05:02:14 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Mon, 30 Oct 2017 21:00:07 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"59f792d7-7a00"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 01 Dec 2023 05:02:14 GMT
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 5428 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y47M1AAAb4wBc_CxAAtQGENguILcZHw16bpaLw&u=%7C0BjLNgDbA0RGwfq8zVymYL1e1%2FBLnIsgYuHYuQe54ug%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqc6nygJ274zNPhQpJEnippfnLPctJAgOVJK5QBvON9Ye9GS_f4NkHgJjP411SnRRB4B1-zs9MZWp7swoIMdCZafKATTqnw-W1TMGAztyH4KDwdPZw-ShB2ml4ZgrggdpKC4H4EKtMnYlWyWOT8qaQqxgCo1vlIVCBqPp5w1EsF00KZRL8g3C8gy-F76iuLC8XAMYh3S4PQ-RJj7kQlk8ay3RyNTrngUIdBrZUK70z9DhYCcIQRWGOiAfBKrbFXrAAp0KLGMdmo9Eu2LZ2r7kTUzj-ml0mlqpsLBwL7r2_YyDHAJyVLWU6MgXVCDg40zVxakTgbDxQQ-mioIb6QrhoqhGTtl7qXnQ7kzluoKf3ODZHbdRzr3-enkbx8Sr7gDiHL-3vkEqH1hST6TXkmaiUgKjXwcq6JNKWHcsk72-a6LH1ne9zCbZEe6Vs3pElOjULkslV5lxLbT79Kx2Dh10aassYmJ5rRZXzoOu-yI6vZZBUuQw8YZMmrijiTAGqnASUjgrq4_b1jK9R-xqphblFCAf8cqKce_U2afy3O2RbDutZbM8URRz-GS0ekHU4ekaIKk2Vdi6niefulTRhgN06K7s-tD4PoqxkxjMipIkIU2QY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCCLkF1MyOY4zfAbHhz7sPmKCtiAyY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQIGK0qHioimPqgDAaoEiwJP0A4JIKUUm4TCXqL-LXBTUk52lThQugeG5o8UnV-3eG3ryapZnNmkaSR5BgRuMETFqgdig6vZ5QCgQ6OdgM1JSjdgdgPcD29ZdZh4qPdS9luLp11kn9mw4VoDEQgm80_OcVSDvo0rBlxr7rNI3uLUM5fK0-Mz6Kzbwxu1ZeECvK4yHf81opTy80ecj86dTh2nJbo3PFs25vKrkb7t-jfNBFCvEBgLneM0U1AH4uMfOui1gOa-Xhmb3xAGLJ5EyzrqvMqOI0grKkq7v9CwvwMIkg4lHtPExmODCQCfC1E0Qw9CA2NPCwRsVwkjPcfrUjjBI5fIb9uDHHn9mT_tQzBd74zDIT_1tFvxKoWABpiinNPtp57dI6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2GgwUsEvAW0V5fg2b6jV-GvXlTNg%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 05:02:13 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
383324
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4420
last-modified
Mon, 04 May 2020 16:17:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04030-30d9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LwiVbA%2B2yrNIlF4ECE0%2FMbvDQNuruBScQ4nx8BtWW%2Fr8OiPQW7f%2FZlZ9ThSTRYAFgeR0KLWwhy9fyQJVBz7mfai5Jm3G14BVJ0F%2F6I3vY1DfOizui21HxZRrVxBpy%2FlEGs7wY5BD"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
775277d8ead0aac1-SYD
expires
Sun, 26 Nov 2023 05:02:13 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 392A 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
90080
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 05 Dec 2022 04:00:53 GMT
expires
Tue, 05 Dec 2023 04:00:53 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 82EA 		783 B
966 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f104.1e100.net
Software
GSE /
Resource Hash
b6b71485f9a7f2408269c8797b8fe25a0dbcf6171370b25edc20b75868aa8a58
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-re2KhchjacVNidY4QaAYug' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
511
content-security-policy
script-src 'report-sample' 'nonce-re2KhchjacVNidY4QaAYug' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 06 Dec 2022 05:02:13 GMT
expires
Tue, 06 Dec 2022 05:02:13 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 8354 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
90080
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 05 Dec 2022 04:00:53 GMT
expires
Tue, 05 Dec 2023 04:00:53 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 5F2C 		783 B
739 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f104.1e100.net
Software
GSE /
Resource Hash
8f81f92fe1f59217c1058a8eddf20d055799063c3a26aabe7acfddcb6976c94e
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-MJ4TmKf_3rMYe8cl0Em0jg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-MJ4TmKf_3rMYe8cl0Em0jg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 06 Dec 2022 05:02:13 GMT
expires
Tue, 06 Dec 2022 05:02:13 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
animejs.js
static.criteo.net/animejs/ Frame 5428 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y47M1AAAb4wBc_CxAAtQGENguILcZHw16bpaLw&u=%7C0BjLNgDbA0RGwfq8zVymYL1e1%2FBLnIsgYuHYuQe54ug%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqc6nygJ274zNPhQpJEnippfnLPctJAgOVJK5QBvON9Ye9GS_f4NkHgJjP411SnRRB4B1-zs9MZWp7swoIMdCZafKATTqnw-W1TMGAztyH4KDwdPZw-ShB2ml4ZgrggdpKC4H4EKtMnYlWyWOT8qaQqxgCo1vlIVCBqPp5w1EsF00KZRL8g3C8gy-F76iuLC8XAMYh3S4PQ-RJj7kQlk8ay3RyNTrngUIdBrZUK70z9DhYCcIQRWGOiAfBKrbFXrAAp0KLGMdmo9Eu2LZ2r7kTUzj-ml0mlqpsLBwL7r2_YyDHAJyVLWU6MgXVCDg40zVxakTgbDxQQ-mioIb6QrhoqhGTtl7qXnQ7kzluoKf3ODZHbdRzr3-enkbx8Sr7gDiHL-3vkEqH1hST6TXkmaiUgKjXwcq6JNKWHcsk72-a6LH1ne9zCbZEe6Vs3pElOjULkslV5lxLbT79Kx2Dh10aassYmJ5rRZXzoOu-yI6vZZBUuQw8YZMmrijiTAGqnASUjgrq4_b1jK9R-xqphblFCAf8cqKce_U2afy3O2RbDutZbM8URRz-GS0ekHU4ekaIKk2Vdi6niefulTRhgN06K7s-tD4PoqxkxjMipIkIU2QY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCCLkF1MyOY4zfAbHhz7sPmKCtiAyY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQIGK0qHioimPqgDAaoEiwJP0A4JIKUUm4TCXqL-LXBTUk52lThQugeG5o8UnV-3eG3ryapZnNmkaSR5BgRuMETFqgdig6vZ5QCgQ6OdgM1JSjdgdgPcD29ZdZh4qPdS9luLp11kn9mw4VoDEQgm80_OcVSDvo0rBlxr7rNI3uLUM5fK0-Mz6Kzbwxu1ZeECvK4yHf81opTy80ecj86dTh2nJbo3PFs25vKrkb7t-jfNBFCvEBgLneM0U1AH4uMfOui1gOa-Xhmb3xAGLJ5EyzrqvMqOI0grKkq7v9CwvwMIkg4lHtPExmODCQCfC1E0Qw9CA2NPCwRsVwkjPcfrUjjBI5fIb9uDHHn9mT_tQzBd74zDIT_1tFvxKoWABpiinNPtp57dI6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2GgwUsEvAW0V5fg2b6jV-GvXlTNg%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 05:02:14 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 01 Dec 2023 05:02:14 GMT
afe6f18fe23241b590c6f8d584172abd_cpn_336x280_1.jpg
static.criteo.net/design/dt/77429/221123/ Frame 5428 		53 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/design/dt/77429/221123/afe6f18fe23241b590c6f8d584172abd_cpn_336x280_1.jpg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y47M1AAAb4wBc_CxAAtQGENguILcZHw16bpaLw&u=%7C0BjLNgDbA0RGwfq8zVymYL1e1%2FBLnIsgYuHYuQe54ug%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqc6nygJ274zNPhQpJEnippfnLPctJAgOVJK5QBvON9Ye9GS_f4NkHgJjP411SnRRB4B1-zs9MZWp7swoIMdCZafKATTqnw-W1TMGAztyH4KDwdPZw-ShB2ml4ZgrggdpKC4H4EKtMnYlWyWOT8qaQqxgCo1vlIVCBqPp5w1EsF00KZRL8g3C8gy-F76iuLC8XAMYh3S4PQ-RJj7kQlk8ay3RyNTrngUIdBrZUK70z9DhYCcIQRWGOiAfBKrbFXrAAp0KLGMdmo9Eu2LZ2r7kTUzj-ml0mlqpsLBwL7r2_YyDHAJyVLWU6MgXVCDg40zVxakTgbDxQQ-mioIb6QrhoqhGTtl7qXnQ7kzluoKf3ODZHbdRzr3-enkbx8Sr7gDiHL-3vkEqH1hST6TXkmaiUgKjXwcq6JNKWHcsk72-a6LH1ne9zCbZEe6Vs3pElOjULkslV5lxLbT79Kx2Dh10aassYmJ5rRZXzoOu-yI6vZZBUuQw8YZMmrijiTAGqnASUjgrq4_b1jK9R-xqphblFCAf8cqKce_U2afy3O2RbDutZbM8URRz-GS0ekHU4ekaIKk2Vdi6niefulTRhgN06K7s-tD4PoqxkxjMipIkIU2QY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCCLkF1MyOY4zfAbHhz7sPmKCtiAyY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQIGK0qHioimPqgDAaoEiwJP0A4JIKUUm4TCXqL-LXBTUk52lThQugeG5o8UnV-3eG3ryapZnNmkaSR5BgRuMETFqgdig6vZ5QCgQ6OdgM1JSjdgdgPcD29ZdZh4qPdS9luLp11kn9mw4VoDEQgm80_OcVSDvo0rBlxr7rNI3uLUM5fK0-Mz6Kzbwxu1ZeECvK4yHf81opTy80ecj86dTh2nJbo3PFs25vKrkb7t-jfNBFCvEBgLneM0U1AH4uMfOui1gOa-Xhmb3xAGLJ5EyzrqvMqOI0grKkq7v9CwvwMIkg4lHtPExmODCQCfC1E0Qw9CA2NPCwRsVwkjPcfrUjjBI5fIb9uDHHn9mT_tQzBd74zDIT_1tFvxKoWABpiinNPtp57dI6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2GgwUsEvAW0V5fg2b6jV-GvXlTNg%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
e30a2970aea56ba873dc88426b8aa97a97eae9e6c404bfce7452cc9a9f4e6fa1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 05:02:14 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 23 Nov 2022 14:31:20 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"637e2eb8-d350"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
54096
expires
Fri, 01 Dec 2023 05:02:14 GMT
img
pix.as.criteo.net/img/ Frame 5428 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?h=92&m=0&partner=77429&q=80&r=0&u=http%3A%2F%2Fstatic.sg1.as.criteo.net%2Fdesign%2Fdt%2F3730%2F190603%2F2dff6bd7f81440d493b2b749e0ded2b5_logo_n_horizontal.png&v=3&w=668&s=KCPp5-fJJDCQ9qgTEssM5hEc
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y47M1AAAb4wBc_CxAAtQGENguILcZHw16bpaLw&u=%7C0BjLNgDbA0RGwfq8zVymYL1e1%2FBLnIsgYuHYuQe54ug%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqc6nygJ274zNPhQpJEnippfnLPctJAgOVJK5QBvON9Ye9GS_f4NkHgJjP411SnRRB4B1-zs9MZWp7swoIMdCZafKATTqnw-W1TMGAztyH4KDwdPZw-ShB2ml4ZgrggdpKC4H4EKtMnYlWyWOT8qaQqxgCo1vlIVCBqPp5w1EsF00KZRL8g3C8gy-F76iuLC8XAMYh3S4PQ-RJj7kQlk8ay3RyNTrngUIdBrZUK70z9DhYCcIQRWGOiAfBKrbFXrAAp0KLGMdmo9Eu2LZ2r7kTUzj-ml0mlqpsLBwL7r2_YyDHAJyVLWU6MgXVCDg40zVxakTgbDxQQ-mioIb6QrhoqhGTtl7qXnQ7kzluoKf3ODZHbdRzr3-enkbx8Sr7gDiHL-3vkEqH1hST6TXkmaiUgKjXwcq6JNKWHcsk72-a6LH1ne9zCbZEe6Vs3pElOjULkslV5lxLbT79Kx2Dh10aassYmJ5rRZXzoOu-yI6vZZBUuQw8YZMmrijiTAGqnASUjgrq4_b1jK9R-xqphblFCAf8cqKce_U2afy3O2RbDutZbM8URRz-GS0ekHU4ekaIKk2Vdi6niefulTRhgN06K7s-tD4PoqxkxjMipIkIU2QY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCCLkF1MyOY4zfAbHhz7sPmKCtiAyY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQIGK0qHioimPqgDAaoEiwJP0A4JIKUUm4TCXqL-LXBTUk52lThQugeG5o8UnV-3eG3ryapZnNmkaSR5BgRuMETFqgdig6vZ5QCgQ6OdgM1JSjdgdgPcD29ZdZh4qPdS9luLp11kn9mw4VoDEQgm80_OcVSDvo0rBlxr7rNI3uLUM5fK0-Mz6Kzbwxu1ZeECvK4yHf81opTy80ecj86dTh2nJbo3PFs25vKrkb7t-jfNBFCvEBgLneM0U1AH4uMfOui1gOa-Xhmb3xAGLJ5EyzrqvMqOI0grKkq7v9CwvwMIkg4lHtPExmODCQCfC1E0Qw9CA2NPCwRsVwkjPcfrUjjBI5fIb9uDHHn9mT_tQzBd74zDIT_1tFvxKoWABpiinNPtp57dI6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2GgwUsEvAW0V5fg2b6jV-GvXlTNg%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
f85b221e07f505ecdb564fb4e0311d534bb10fd16b26a4d6af26ca077cca6f40
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 05:02:13 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=27988218
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
4512
expires
Thu, 26 Oct 2023 03:32:32 GMT
img
pix.as.criteo.net/img/ Frame 5428 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=77429&q=80&r=0&u=https%3A%2F%2Fi8.amplience.net%2Ft%2Fjpl%2Fjd_product_list%3Fplu%3Djd_CZ4456-503_C_0050_al&v=3&w=400&s=hkmADEgc70lV7naJW_4oAvYK&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y47M1AAAb4wBc_CxAAtQGENguILcZHw16bpaLw&u=%7C0BjLNgDbA0RGwfq8zVymYL1e1%2FBLnIsgYuHYuQe54ug%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqc6nygJ274zNPhQpJEnippfnLPctJAgOVJK5QBvON9Ye9GS_f4NkHgJjP411SnRRB4B1-zs9MZWp7swoIMdCZafKATTqnw-W1TMGAztyH4KDwdPZw-ShB2ml4ZgrggdpKC4H4EKtMnYlWyWOT8qaQqxgCo1vlIVCBqPp5w1EsF00KZRL8g3C8gy-F76iuLC8XAMYh3S4PQ-RJj7kQlk8ay3RyNTrngUIdBrZUK70z9DhYCcIQRWGOiAfBKrbFXrAAp0KLGMdmo9Eu2LZ2r7kTUzj-ml0mlqpsLBwL7r2_YyDHAJyVLWU6MgXVCDg40zVxakTgbDxQQ-mioIb6QrhoqhGTtl7qXnQ7kzluoKf3ODZHbdRzr3-enkbx8Sr7gDiHL-3vkEqH1hST6TXkmaiUgKjXwcq6JNKWHcsk72-a6LH1ne9zCbZEe6Vs3pElOjULkslV5lxLbT79Kx2Dh10aassYmJ5rRZXzoOu-yI6vZZBUuQw8YZMmrijiTAGqnASUjgrq4_b1jK9R-xqphblFCAf8cqKce_U2afy3O2RbDutZbM8URRz-GS0ekHU4ekaIKk2Vdi6niefulTRhgN06K7s-tD4PoqxkxjMipIkIU2QY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCCLkF1MyOY4zfAbHhz7sPmKCtiAyY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQIGK0qHioimPqgDAaoEiwJP0A4JIKUUm4TCXqL-LXBTUk52lThQugeG5o8UnV-3eG3ryapZnNmkaSR5BgRuMETFqgdig6vZ5QCgQ6OdgM1JSjdgdgPcD29ZdZh4qPdS9luLp11kn9mw4VoDEQgm80_OcVSDvo0rBlxr7rNI3uLUM5fK0-Mz6Kzbwxu1ZeECvK4yHf81opTy80ecj86dTh2nJbo3PFs25vKrkb7t-jfNBFCvEBgLneM0U1AH4uMfOui1gOa-Xhmb3xAGLJ5EyzrqvMqOI0grKkq7v9CwvwMIkg4lHtPExmODCQCfC1E0Qw9CA2NPCwRsVwkjPcfrUjjBI5fIb9uDHHn9mT_tQzBd74zDIT_1tFvxKoWABpiinNPtp57dI6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2GgwUsEvAW0V5fg2b6jV-GvXlTNg%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
f0a0092830c3f7eaa8113d93ab6d8b61b4580a58a9de5147c06963c2c4b3a6bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 05:02:13 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=0
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
13022
expires
Tue, 06 Dec 2022 05:02:14 GMT
img
pix.as.criteo.net/img/ Frame 5428 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=77429&q=80&r=0&u=https%3A%2F%2Fi8.amplience.net%2Ft%2Fjpl%2Fjd_product_list%3Fplu%3Djd_553558-063_C_0001_al&v=3&w=400&s=Y2nV8izWz0J5n7W1LxSWQEUp&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y47M1AAAb4wBc_CxAAtQGENguILcZHw16bpaLw&u=%7C0BjLNgDbA0RGwfq8zVymYL1e1%2FBLnIsgYuHYuQe54ug%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqc6nygJ274zNPhQpJEnippfnLPctJAgOVJK5QBvON9Ye9GS_f4NkHgJjP411SnRRB4B1-zs9MZWp7swoIMdCZafKATTqnw-W1TMGAztyH4KDwdPZw-ShB2ml4ZgrggdpKC4H4EKtMnYlWyWOT8qaQqxgCo1vlIVCBqPp5w1EsF00KZRL8g3C8gy-F76iuLC8XAMYh3S4PQ-RJj7kQlk8ay3RyNTrngUIdBrZUK70z9DhYCcIQRWGOiAfBKrbFXrAAp0KLGMdmo9Eu2LZ2r7kTUzj-ml0mlqpsLBwL7r2_YyDHAJyVLWU6MgXVCDg40zVxakTgbDxQQ-mioIb6QrhoqhGTtl7qXnQ7kzluoKf3ODZHbdRzr3-enkbx8Sr7gDiHL-3vkEqH1hST6TXkmaiUgKjXwcq6JNKWHcsk72-a6LH1ne9zCbZEe6Vs3pElOjULkslV5lxLbT79Kx2Dh10aassYmJ5rRZXzoOu-yI6vZZBUuQw8YZMmrijiTAGqnASUjgrq4_b1jK9R-xqphblFCAf8cqKce_U2afy3O2RbDutZbM8URRz-GS0ekHU4ekaIKk2Vdi6niefulTRhgN06K7s-tD4PoqxkxjMipIkIU2QY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCCLkF1MyOY4zfAbHhz7sPmKCtiAyY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQIGK0qHioimPqgDAaoEiwJP0A4JIKUUm4TCXqL-LXBTUk52lThQugeG5o8UnV-3eG3ryapZnNmkaSR5BgRuMETFqgdig6vZ5QCgQ6OdgM1JSjdgdgPcD29ZdZh4qPdS9luLp11kn9mw4VoDEQgm80_OcVSDvo0rBlxr7rNI3uLUM5fK0-Mz6Kzbwxu1ZeECvK4yHf81opTy80ecj86dTh2nJbo3PFs25vKrkb7t-jfNBFCvEBgLneM0U1AH4uMfOui1gOa-Xhmb3xAGLJ5EyzrqvMqOI0grKkq7v9CwvwMIkg4lHtPExmODCQCfC1E0Qw9CA2NPCwRsVwkjPcfrUjjBI5fIb9uDHHn9mT_tQzBd74zDIT_1tFvxKoWABpiinNPtp57dI6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2GgwUsEvAW0V5fg2b6jV-GvXlTNg%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
c227f7890d9322a465fd5af0b6819939b251653890603e5fdec8f40fd96e8a95
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 05:02:13 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=0
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8338
expires
Tue, 06 Dec 2022 05:02:14 GMT
img
pix.as.criteo.net/img/ Frame 5428 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=77429&q=80&r=0&u=https%3A%2F%2Fi8.amplience.net%2Ft%2Fjpl%2Fjd_product_list%3Fplu%3Djd_033436_al&v=3&w=400&s=CjAjMI7-l-4X89SjI0wLxO6Y&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y47M1AAAb4wBc_CxAAtQGENguILcZHw16bpaLw&u=%7C0BjLNgDbA0RGwfq8zVymYL1e1%2FBLnIsgYuHYuQe54ug%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqc6nygJ274zNPhQpJEnippfnLPctJAgOVJK5QBvON9Ye9GS_f4NkHgJjP411SnRRB4B1-zs9MZWp7swoIMdCZafKATTqnw-W1TMGAztyH4KDwdPZw-ShB2ml4ZgrggdpKC4H4EKtMnYlWyWOT8qaQqxgCo1vlIVCBqPp5w1EsF00KZRL8g3C8gy-F76iuLC8XAMYh3S4PQ-RJj7kQlk8ay3RyNTrngUIdBrZUK70z9DhYCcIQRWGOiAfBKrbFXrAAp0KLGMdmo9Eu2LZ2r7kTUzj-ml0mlqpsLBwL7r2_YyDHAJyVLWU6MgXVCDg40zVxakTgbDxQQ-mioIb6QrhoqhGTtl7qXnQ7kzluoKf3ODZHbdRzr3-enkbx8Sr7gDiHL-3vkEqH1hST6TXkmaiUgKjXwcq6JNKWHcsk72-a6LH1ne9zCbZEe6Vs3pElOjULkslV5lxLbT79Kx2Dh10aassYmJ5rRZXzoOu-yI6vZZBUuQw8YZMmrijiTAGqnASUjgrq4_b1jK9R-xqphblFCAf8cqKce_U2afy3O2RbDutZbM8URRz-GS0ekHU4ekaIKk2Vdi6niefulTRhgN06K7s-tD4PoqxkxjMipIkIU2QY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCCLkF1MyOY4zfAbHhz7sPmKCtiAyY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQIGK0qHioimPqgDAaoEiwJP0A4JIKUUm4TCXqL-LXBTUk52lThQugeG5o8UnV-3eG3ryapZnNmkaSR5BgRuMETFqgdig6vZ5QCgQ6OdgM1JSjdgdgPcD29ZdZh4qPdS9luLp11kn9mw4VoDEQgm80_OcVSDvo0rBlxr7rNI3uLUM5fK0-Mz6Kzbwxu1ZeECvK4yHf81opTy80ecj86dTh2nJbo3PFs25vKrkb7t-jfNBFCvEBgLneM0U1AH4uMfOui1gOa-Xhmb3xAGLJ5EyzrqvMqOI0grKkq7v9CwvwMIkg4lHtPExmODCQCfC1E0Qw9CA2NPCwRsVwkjPcfrUjjBI5fIb9uDHHn9mT_tQzBd74zDIT_1tFvxKoWABpiinNPtp57dI6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2GgwUsEvAW0V5fg2b6jV-GvXlTNg%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
59417b32fa3ddd3cabfc16abd30d9f2263afc446fdc87e15248b7fdcd88677ba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 05:02:14 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=0
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
10206
expires
Tue, 06 Dec 2022 05:02:14 GMT
img
pix.as.criteo.net/img/ Frame 5428 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=77429&q=80&r=0&u=https%3A%2F%2Fi8.amplience.net%2Ft%2Fjpl%2Fjd_product_list%3Fplu%3Djd_DX9656-010_C_0001_al&v=3&w=400&s=8IZ6sZiGMCJt5NDncpXvmMFW&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y47M1AAAb4wBc_CxAAtQGENguILcZHw16bpaLw&u=%7C0BjLNgDbA0RGwfq8zVymYL1e1%2FBLnIsgYuHYuQe54ug%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqc6nygJ274zNPhQpJEnippfnLPctJAgOVJK5QBvON9Ye9GS_f4NkHgJjP411SnRRB4B1-zs9MZWp7swoIMdCZafKATTqnw-W1TMGAztyH4KDwdPZw-ShB2ml4ZgrggdpKC4H4EKtMnYlWyWOT8qaQqxgCo1vlIVCBqPp5w1EsF00KZRL8g3C8gy-F76iuLC8XAMYh3S4PQ-RJj7kQlk8ay3RyNTrngUIdBrZUK70z9DhYCcIQRWGOiAfBKrbFXrAAp0KLGMdmo9Eu2LZ2r7kTUzj-ml0mlqpsLBwL7r2_YyDHAJyVLWU6MgXVCDg40zVxakTgbDxQQ-mioIb6QrhoqhGTtl7qXnQ7kzluoKf3ODZHbdRzr3-enkbx8Sr7gDiHL-3vkEqH1hST6TXkmaiUgKjXwcq6JNKWHcsk72-a6LH1ne9zCbZEe6Vs3pElOjULkslV5lxLbT79Kx2Dh10aassYmJ5rRZXzoOu-yI6vZZBUuQw8YZMmrijiTAGqnASUjgrq4_b1jK9R-xqphblFCAf8cqKce_U2afy3O2RbDutZbM8URRz-GS0ekHU4ekaIKk2Vdi6niefulTRhgN06K7s-tD4PoqxkxjMipIkIU2QY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCCLkF1MyOY4zfAbHhz7sPmKCtiAyY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQIGK0qHioimPqgDAaoEiwJP0A4JIKUUm4TCXqL-LXBTUk52lThQugeG5o8UnV-3eG3ryapZnNmkaSR5BgRuMETFqgdig6vZ5QCgQ6OdgM1JSjdgdgPcD29ZdZh4qPdS9luLp11kn9mw4VoDEQgm80_OcVSDvo0rBlxr7rNI3uLUM5fK0-Mz6Kzbwxu1ZeECvK4yHf81opTy80ecj86dTh2nJbo3PFs25vKrkb7t-jfNBFCvEBgLneM0U1AH4uMfOui1gOa-Xhmb3xAGLJ5EyzrqvMqOI0grKkq7v9CwvwMIkg4lHtPExmODCQCfC1E0Qw9CA2NPCwRsVwkjPcfrUjjBI5fIb9uDHHn9mT_tQzBd74zDIT_1tFvxKoWABpiinNPtp57dI6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2GgwUsEvAW0V5fg2b6jV-GvXlTNg%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
0025aa08addc9008f9be153b8ed1569e0c74eb55b9d28e865d3a7be7c837a618
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 05:02:13 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=0
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8672
expires
Tue, 06 Dec 2022 05:02:14 GMT
img
pix.as.criteo.net/img/ Frame 5428 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=77429&q=80&r=0&u=https%3A%2F%2Fi8.amplience.net%2Ft%2Fjpl%2Fjd_product_list%3Fplu%3Djd_496606_al&v=3&w=400&s=SR-aNxe5lzwAX3VZV7yhZ0Ty&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y47M1AAAb4wBc_CxAAtQGENguILcZHw16bpaLw&u=%7C0BjLNgDbA0RGwfq8zVymYL1e1%2FBLnIsgYuHYuQe54ug%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqc6nygJ274zNPhQpJEnippfnLPctJAgOVJK5QBvON9Ye9GS_f4NkHgJjP411SnRRB4B1-zs9MZWp7swoIMdCZafKATTqnw-W1TMGAztyH4KDwdPZw-ShB2ml4ZgrggdpKC4H4EKtMnYlWyWOT8qaQqxgCo1vlIVCBqPp5w1EsF00KZRL8g3C8gy-F76iuLC8XAMYh3S4PQ-RJj7kQlk8ay3RyNTrngUIdBrZUK70z9DhYCcIQRWGOiAfBKrbFXrAAp0KLGMdmo9Eu2LZ2r7kTUzj-ml0mlqpsLBwL7r2_YyDHAJyVLWU6MgXVCDg40zVxakTgbDxQQ-mioIb6QrhoqhGTtl7qXnQ7kzluoKf3ODZHbdRzr3-enkbx8Sr7gDiHL-3vkEqH1hST6TXkmaiUgKjXwcq6JNKWHcsk72-a6LH1ne9zCbZEe6Vs3pElOjULkslV5lxLbT79Kx2Dh10aassYmJ5rRZXzoOu-yI6vZZBUuQw8YZMmrijiTAGqnASUjgrq4_b1jK9R-xqphblFCAf8cqKce_U2afy3O2RbDutZbM8URRz-GS0ekHU4ekaIKk2Vdi6niefulTRhgN06K7s-tD4PoqxkxjMipIkIU2QY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCCLkF1MyOY4zfAbHhz7sPmKCtiAyY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQIGK0qHioimPqgDAaoEiwJP0A4JIKUUm4TCXqL-LXBTUk52lThQugeG5o8UnV-3eG3ryapZnNmkaSR5BgRuMETFqgdig6vZ5QCgQ6OdgM1JSjdgdgPcD29ZdZh4qPdS9luLp11kn9mw4VoDEQgm80_OcVSDvo0rBlxr7rNI3uLUM5fK0-Mz6Kzbwxu1ZeECvK4yHf81opTy80ecj86dTh2nJbo3PFs25vKrkb7t-jfNBFCvEBgLneM0U1AH4uMfOui1gOa-Xhmb3xAGLJ5EyzrqvMqOI0grKkq7v9CwvwMIkg4lHtPExmODCQCfC1E0Qw9CA2NPCwRsVwkjPcfrUjjBI5fIb9uDHHn9mT_tQzBd74zDIT_1tFvxKoWABpiinNPtp57dI6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2GgwUsEvAW0V5fg2b6jV-GvXlTNg%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
a764d8fa0542053f90b23883eebaed46ce92833ad3d74c86f9b570f55aca0801
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 05:02:13 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=0
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
4756
expires
Tue, 06 Dec 2022 05:02:14 GMT
img
pix.as.criteo.net/img/ Frame 5428 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=77429&q=80&r=0&u=https%3A%2F%2Fi8.amplience.net%2Ft%2Fjpl%2Fjd_product_list%3Fplu%3Djd_348391_al&v=3&w=400&s=dNpvWwONWy0mqpa_Sx3ffNqk&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y47M1AAAb4wBc_CxAAtQGENguILcZHw16bpaLw&u=%7C0BjLNgDbA0RGwfq8zVymYL1e1%2FBLnIsgYuHYuQe54ug%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqc6nygJ274zNPhQpJEnippfnLPctJAgOVJK5QBvON9Ye9GS_f4NkHgJjP411SnRRB4B1-zs9MZWp7swoIMdCZafKATTqnw-W1TMGAztyH4KDwdPZw-ShB2ml4ZgrggdpKC4H4EKtMnYlWyWOT8qaQqxgCo1vlIVCBqPp5w1EsF00KZRL8g3C8gy-F76iuLC8XAMYh3S4PQ-RJj7kQlk8ay3RyNTrngUIdBrZUK70z9DhYCcIQRWGOiAfBKrbFXrAAp0KLGMdmo9Eu2LZ2r7kTUzj-ml0mlqpsLBwL7r2_YyDHAJyVLWU6MgXVCDg40zVxakTgbDxQQ-mioIb6QrhoqhGTtl7qXnQ7kzluoKf3ODZHbdRzr3-enkbx8Sr7gDiHL-3vkEqH1hST6TXkmaiUgKjXwcq6JNKWHcsk72-a6LH1ne9zCbZEe6Vs3pElOjULkslV5lxLbT79Kx2Dh10aassYmJ5rRZXzoOu-yI6vZZBUuQw8YZMmrijiTAGqnASUjgrq4_b1jK9R-xqphblFCAf8cqKce_U2afy3O2RbDutZbM8URRz-GS0ekHU4ekaIKk2Vdi6niefulTRhgN06K7s-tD4PoqxkxjMipIkIU2QY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCCLkF1MyOY4zfAbHhz7sPmKCtiAyY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQIGK0qHioimPqgDAaoEiwJP0A4JIKUUm4TCXqL-LXBTUk52lThQugeG5o8UnV-3eG3ryapZnNmkaSR5BgRuMETFqgdig6vZ5QCgQ6OdgM1JSjdgdgPcD29ZdZh4qPdS9luLp11kn9mw4VoDEQgm80_OcVSDvo0rBlxr7rNI3uLUM5fK0-Mz6Kzbwxu1ZeECvK4yHf81opTy80ecj86dTh2nJbo3PFs25vKrkb7t-jfNBFCvEBgLneM0U1AH4uMfOui1gOa-Xhmb3xAGLJ5EyzrqvMqOI0grKkq7v9CwvwMIkg4lHtPExmODCQCfC1E0Qw9CA2NPCwRsVwkjPcfrUjjBI5fIb9uDHHn9mT_tQzBd74zDIT_1tFvxKoWABpiinNPtp57dI6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2GgwUsEvAW0V5fg2b6jV-GvXlTNg%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
f8ddf5511fa34371aa9eb11de06d3eba917c0c00422cf92c780b79727ab4ab96
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 05:02:13 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=0
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
5506
expires
Tue, 06 Dec 2022 05:02:14 GMT
all
csm.as.criteo.net/ Frame 5428 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.as.criteo.net/all?cppv=3&cpp=xgC6FZWqwgWs8aIdF5ikKYIusdsdK5_YkryFF-ftFJLVUbhqT5oTWTwN1C4g49dohoY07kn504ucg2fK_y6HM-ywRpCkDD50G4xUHmwQ0ltAMyuxvZn8ZGsT9oFU9zY9CP3Kc5RVxcLCJXmou28z8zC810gtxYrjeDu9J0KP6rL9PEUiZHk-7s9NhPlLRyDZyaobdLavA0CszfRcgCKjTqdoQedTFrzAzr1pFKNZ_9BXhFahx-3jntNb7YclpDN2AKltrpDjrdUETRUk&sds=2&rev=83599&sendBeacon=true
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y47M1AAAb4wBc_CxAAtQGENguILcZHw16bpaLw&u=%7C0BjLNgDbA0RGwfq8zVymYL1e1%2FBLnIsgYuHYuQe54ug%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqc6nygJ274zNPhQpJEnippfnLPctJAgOVJK5QBvON9Ye9GS_f4NkHgJjP411SnRRB4B1-zs9MZWp7swoIMdCZafKATTqnw-W1TMGAztyH4KDwdPZw-ShB2ml4ZgrggdpKC4H4EKtMnYlWyWOT8qaQqxgCo1vlIVCBqPp5w1EsF00KZRL8g3C8gy-F76iuLC8XAMYh3S4PQ-RJj7kQlk8ay3RyNTrngUIdBrZUK70z9DhYCcIQRWGOiAfBKrbFXrAAp0KLGMdmo9Eu2LZ2r7kTUzj-ml0mlqpsLBwL7r2_YyDHAJyVLWU6MgXVCDg40zVxakTgbDxQQ-mioIb6QrhoqhGTtl7qXnQ7kzluoKf3ODZHbdRzr3-enkbx8Sr7gDiHL-3vkEqH1hST6TXkmaiUgKjXwcq6JNKWHcsk72-a6LH1ne9zCbZEe6Vs3pElOjULkslV5lxLbT79Kx2Dh10aassYmJ5rRZXzoOu-yI6vZZBUuQw8YZMmrijiTAGqnASUjgrq4_b1jK9R-xqphblFCAf8cqKce_U2afy3O2RbDutZbM8URRz-GS0ekHU4ekaIKk2Vdi6niefulTRhgN06K7s-tD4PoqxkxjMipIkIU2QY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCCLkF1MyOY4zfAbHhz7sPmKCtiAyY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQIGK0qHioimPqgDAaoEiwJP0A4JIKUUm4TCXqL-LXBTUk52lThQugeG5o8UnV-3eG3ryapZnNmkaSR5BgRuMETFqgdig6vZ5QCgQ6OdgM1JSjdgdgPcD29ZdZh4qPdS9luLp11kn9mw4VoDEQgm80_OcVSDvo0rBlxr7rNI3uLUM5fK0-Mz6Kzbwxu1ZeECvK4yHf81opTy80ecj86dTh2nJbo3PFs25vKrkb7t-jfNBFCvEBgLneM0U1AH4uMfOui1gOa-Xhmb3xAGLJ5EyzrqvMqOI0grKkq7v9CwvwMIkg4lHtPExmODCQCfC1E0Qw9CA2NPCwRsVwkjPcfrUjjBI5fIb9uDHHn9mT_tQzBd74zDIT_1tFvxKoWABpiinNPtp57dI6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2GgwUsEvAW0V5fg2b6jV-GvXlTNg%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.142 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 06 Dec 2022 05:02:13 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 5428 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y47M1AAAb4wBc_CxAAtQGENguILcZHw16bpaLw&u=%7C0BjLNgDbA0RGwfq8zVymYL1e1%2FBLnIsgYuHYuQe54ug%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqc6nygJ274zNPhQpJEnippfnLPctJAgOVJK5QBvON9Ye9GS_f4NkHgJjP411SnRRB4B1-zs9MZWp7swoIMdCZafKATTqnw-W1TMGAztyH4KDwdPZw-ShB2ml4ZgrggdpKC4H4EKtMnYlWyWOT8qaQqxgCo1vlIVCBqPp5w1EsF00KZRL8g3C8gy-F76iuLC8XAMYh3S4PQ-RJj7kQlk8ay3RyNTrngUIdBrZUK70z9DhYCcIQRWGOiAfBKrbFXrAAp0KLGMdmo9Eu2LZ2r7kTUzj-ml0mlqpsLBwL7r2_YyDHAJyVLWU6MgXVCDg40zVxakTgbDxQQ-mioIb6QrhoqhGTtl7qXnQ7kzluoKf3ODZHbdRzr3-enkbx8Sr7gDiHL-3vkEqH1hST6TXkmaiUgKjXwcq6JNKWHcsk72-a6LH1ne9zCbZEe6Vs3pElOjULkslV5lxLbT79Kx2Dh10aassYmJ5rRZXzoOu-yI6vZZBUuQw8YZMmrijiTAGqnASUjgrq4_b1jK9R-xqphblFCAf8cqKce_U2afy3O2RbDutZbM8URRz-GS0ekHU4ekaIKk2Vdi6niefulTRhgN06K7s-tD4PoqxkxjMipIkIU2QY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCCLkF1MyOY4zfAbHhz7sPmKCtiAyY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQIGK0qHioimPqgDAaoEiwJP0A4JIKUUm4TCXqL-LXBTUk52lThQugeG5o8UnV-3eG3ryapZnNmkaSR5BgRuMETFqgdig6vZ5QCgQ6OdgM1JSjdgdgPcD29ZdZh4qPdS9luLp11kn9mw4VoDEQgm80_OcVSDvo0rBlxr7rNI3uLUM5fK0-Mz6Kzbwxu1ZeECvK4yHf81opTy80ecj86dTh2nJbo3PFs25vKrkb7t-jfNBFCvEBgLneM0U1AH4uMfOui1gOa-Xhmb3xAGLJ5EyzrqvMqOI0grKkq7v9CwvwMIkg4lHtPExmODCQCfC1E0Qw9CA2NPCwRsVwkjPcfrUjjBI5fIb9uDHHn9mT_tQzBd74zDIT_1tFvxKoWABpiinNPtp57dI6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2GgwUsEvAW0V5fg2b6jV-GvXlTNg%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 05:02:14 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 01 Dec 2023 05:02:14 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 5428 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y47M1AAAb4wBc_CxAAtQGENguILcZHw16bpaLw&u=%7C0BjLNgDbA0RGwfq8zVymYL1e1%2FBLnIsgYuHYuQe54ug%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqc6nygJ274zNPhQpJEnippfnLPctJAgOVJK5QBvON9Ye9GS_f4NkHgJjP411SnRRB4B1-zs9MZWp7swoIMdCZafKATTqnw-W1TMGAztyH4KDwdPZw-ShB2ml4ZgrggdpKC4H4EKtMnYlWyWOT8qaQqxgCo1vlIVCBqPp5w1EsF00KZRL8g3C8gy-F76iuLC8XAMYh3S4PQ-RJj7kQlk8ay3RyNTrngUIdBrZUK70z9DhYCcIQRWGOiAfBKrbFXrAAp0KLGMdmo9Eu2LZ2r7kTUzj-ml0mlqpsLBwL7r2_YyDHAJyVLWU6MgXVCDg40zVxakTgbDxQQ-mioIb6QrhoqhGTtl7qXnQ7kzluoKf3ODZHbdRzr3-enkbx8Sr7gDiHL-3vkEqH1hST6TXkmaiUgKjXwcq6JNKWHcsk72-a6LH1ne9zCbZEe6Vs3pElOjULkslV5lxLbT79Kx2Dh10aassYmJ5rRZXzoOu-yI6vZZBUuQw8YZMmrijiTAGqnASUjgrq4_b1jK9R-xqphblFCAf8cqKce_U2afy3O2RbDutZbM8URRz-GS0ekHU4ekaIKk2Vdi6niefulTRhgN06K7s-tD4PoqxkxjMipIkIU2QY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCCLkF1MyOY4zfAbHhz7sPmKCtiAyY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQIGK0qHioimPqgDAaoEiwJP0A4JIKUUm4TCXqL-LXBTUk52lThQugeG5o8UnV-3eG3ryapZnNmkaSR5BgRuMETFqgdig6vZ5QCgQ6OdgM1JSjdgdgPcD29ZdZh4qPdS9luLp11kn9mw4VoDEQgm80_OcVSDvo0rBlxr7rNI3uLUM5fK0-Mz6Kzbwxu1ZeECvK4yHf81opTy80ecj86dTh2nJbo3PFs25vKrkb7t-jfNBFCvEBgLneM0U1AH4uMfOui1gOa-Xhmb3xAGLJ5EyzrqvMqOI0grKkq7v9CwvwMIkg4lHtPExmODCQCfC1E0Qw9CA2NPCwRsVwkjPcfrUjjBI5fIb9uDHHn9mT_tQzBd74zDIT_1tFvxKoWABpiinNPtp57dI6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2GgwUsEvAW0V5fg2b6jV-GvXlTNg%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 05:02:14 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 01 Dec 2023 05:02:14 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame 74A7 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y47M1AAAenoBc-LfAAeXWUNGMNfYOIcY2zFrkg&u=%7C0BjLNgDbA0QgeUsZj7cSBSX3bb5MkNJ0JR1b%2BO2CuIE%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqc6nygJ274zNPhQpJEnippfnLPctJAgOVJK5QBvON9Ye9GS_f4NkHgJjP411SnRRB4B1-zs9MZWp7jJv_Ix55ez84bbqKAPLbC9JVzYusZzbUTLU_tH8B0EGn2NXnziQaw3LHB3xt_H135G7CHOgoFmrfPMroredO6rFfGiIypyU-5UnhsQTgTICqWUU1a642z5xoDFsTp5_4ZnZwl2jJuz4FIngkc6_dMFjKYPpjeGgghxzXO_HGcrq3KF_vf2DlR17J-GDezJkOrjADz33GaQPhYx7fIyEnN80tmqU_qPWfk8sL_ST2CJLAHR125My-1k6RyP8gCkJDwRualC-hd8Ef4J3HL6iOWDEFRgo6HvohKSflBSBMpvOb4KkYP-jESw3CnqlLXyrN13bj8e4s8YhVO_zWtpTq28qoJandW6es1kuPtZn4TJt180v2c4-5ujPS5P0NJxjrIAoWZE9gV4MmVONL8NiKS9Qg1o8kUb_jA2jOPp7VJjsB4DgxoBOUj-8eJr16l08y3bj_BbVGNzKYxTZ1oaFV9g4X5jZYjC_H4y9RXCA1CBWfL2nV6PVgWcnCRWJFn0WGaE3BcKv94g_X6K0YX-pWRQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCYg2P1MyOY_r0Ad_Fz7sP2a6eyAiY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQIGK0qHioimPqgDAaoEiwJP0EpQz4x9az6eo2_jx-TCvu0AIYR3htIK_kgwfeNhI1PIFMYBiY7PndXyS9vjxhpeHPVhDNjxzE_qeTE-yii70F8y8W3Z_Icx87MqCGItm36Ifb6qniscCORB_2Bo5Y48hLT7hHQ32XO32jYmdscMlbqQU_ViGUVtbrRPWYQUo3o-W1lXDi4n2Ge52tvtVpgnk6nBt1yxjjlJGw7_0pWWz6eREX45gcwPL9xPeWv7lF8jAn79fTJNOprNox-nxanlsUw3PSDAOoOs1Jzs9RPh_I8KirdU67bGhthYaL2Q2yGgQSwE3L_TjQb6leDP5UmxotJyEoi1YNTK0h8Hanp-CFmxU_cEDP6nHS2ABpiinNPtp57dI6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3UaKlzO1DNmZY1yW6zW6z0zVyU3Q%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 05:02:13 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 01 Dec 2023 05:02:13 GMT
adchoices_en.svg
static.criteo.net/flash/icon/ Frame 74A7 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_en.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y47M1AAAenoBc-LfAAeXWUNGMNfYOIcY2zFrkg&u=%7C0BjLNgDbA0QgeUsZj7cSBSX3bb5MkNJ0JR1b%2BO2CuIE%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqc6nygJ274zNPhQpJEnippfnLPctJAgOVJK5QBvON9Ye9GS_f4NkHgJjP411SnRRB4B1-zs9MZWp7jJv_Ix55ez84bbqKAPLbC9JVzYusZzbUTLU_tH8B0EGn2NXnziQaw3LHB3xt_H135G7CHOgoFmrfPMroredO6rFfGiIypyU-5UnhsQTgTICqWUU1a642z5xoDFsTp5_4ZnZwl2jJuz4FIngkc6_dMFjKYPpjeGgghxzXO_HGcrq3KF_vf2DlR17J-GDezJkOrjADz33GaQPhYx7fIyEnN80tmqU_qPWfk8sL_ST2CJLAHR125My-1k6RyP8gCkJDwRualC-hd8Ef4J3HL6iOWDEFRgo6HvohKSflBSBMpvOb4KkYP-jESw3CnqlLXyrN13bj8e4s8YhVO_zWtpTq28qoJandW6es1kuPtZn4TJt180v2c4-5ujPS5P0NJxjrIAoWZE9gV4MmVONL8NiKS9Qg1o8kUb_jA2jOPp7VJjsB4DgxoBOUj-8eJr16l08y3bj_BbVGNzKYxTZ1oaFV9g4X5jZYjC_H4y9RXCA1CBWfL2nV6PVgWcnCRWJFn0WGaE3BcKv94g_X6K0YX-pWRQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCYg2P1MyOY_r0Ad_Fz7sP2a6eyAiY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQIGK0qHioimPqgDAaoEiwJP0EpQz4x9az6eo2_jx-TCvu0AIYR3htIK_kgwfeNhI1PIFMYBiY7PndXyS9vjxhpeHPVhDNjxzE_qeTE-yii70F8y8W3Z_Icx87MqCGItm36Ifb6qniscCORB_2Bo5Y48hLT7hHQ32XO32jYmdscMlbqQU_ViGUVtbrRPWYQUo3o-W1lXDi4n2Ge52tvtVpgnk6nBt1yxjjlJGw7_0pWWz6eREX45gcwPL9xPeWv7lF8jAn79fTJNOprNox-nxanlsUw3PSDAOoOs1Jzs9RPh_I8KirdU67bGhthYaL2Q2yGgQSwE3L_TjQb6leDP5UmxotJyEoi1YNTK0h8Hanp-CFmxU_cEDP6nHS2ABpiinNPtp57dI6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3UaKlzO1DNmZY1yW6zW6z0zVyU3Q%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 05:02:13 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-759"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 01 Dec 2023 05:02:13 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 74A7 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y47M1AAAenoBc-LfAAeXWUNGMNfYOIcY2zFrkg&u=%7C0BjLNgDbA0QgeUsZj7cSBSX3bb5MkNJ0JR1b%2BO2CuIE%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqc6nygJ274zNPhQpJEnippfnLPctJAgOVJK5QBvON9Ye9GS_f4NkHgJjP411SnRRB4B1-zs9MZWp7jJv_Ix55ez84bbqKAPLbC9JVzYusZzbUTLU_tH8B0EGn2NXnziQaw3LHB3xt_H135G7CHOgoFmrfPMroredO6rFfGiIypyU-5UnhsQTgTICqWUU1a642z5xoDFsTp5_4ZnZwl2jJuz4FIngkc6_dMFjKYPpjeGgghxzXO_HGcrq3KF_vf2DlR17J-GDezJkOrjADz33GaQPhYx7fIyEnN80tmqU_qPWfk8sL_ST2CJLAHR125My-1k6RyP8gCkJDwRualC-hd8Ef4J3HL6iOWDEFRgo6HvohKSflBSBMpvOb4KkYP-jESw3CnqlLXyrN13bj8e4s8YhVO_zWtpTq28qoJandW6es1kuPtZn4TJt180v2c4-5ujPS5P0NJxjrIAoWZE9gV4MmVONL8NiKS9Qg1o8kUb_jA2jOPp7VJjsB4DgxoBOUj-8eJr16l08y3bj_BbVGNzKYxTZ1oaFV9g4X5jZYjC_H4y9RXCA1CBWfL2nV6PVgWcnCRWJFn0WGaE3BcKv94g_X6K0YX-pWRQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCYg2P1MyOY_r0Ad_Fz7sP2a6eyAiY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQIGK0qHioimPqgDAaoEiwJP0EpQz4x9az6eo2_jx-TCvu0AIYR3htIK_kgwfeNhI1PIFMYBiY7PndXyS9vjxhpeHPVhDNjxzE_qeTE-yii70F8y8W3Z_Icx87MqCGItm36Ifb6qniscCORB_2Bo5Y48hLT7hHQ32XO32jYmdscMlbqQU_ViGUVtbrRPWYQUo3o-W1lXDi4n2Ge52tvtVpgnk6nBt1yxjjlJGw7_0pWWz6eREX45gcwPL9xPeWv7lF8jAn79fTJNOprNox-nxanlsUw3PSDAOoOs1Jzs9RPh_I8KirdU67bGhthYaL2Q2yGgQSwE3L_TjQb6leDP5UmxotJyEoi1YNTK0h8Hanp-CFmxU_cEDP6nHS2ABpiinNPtp57dI6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3UaKlzO1DNmZY1yW6zW6z0zVyU3Q%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 05:02:13 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Fri, 01 Dec 2023 05:02:13 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 74A7 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y47M1AAAenoBc-LfAAeXWUNGMNfYOIcY2zFrkg&u=%7C0BjLNgDbA0QgeUsZj7cSBSX3bb5MkNJ0JR1b%2BO2CuIE%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqc6nygJ274zNPhQpJEnippfnLPctJAgOVJK5QBvON9Ye9GS_f4NkHgJjP411SnRRB4B1-zs9MZWp7jJv_Ix55ez84bbqKAPLbC9JVzYusZzbUTLU_tH8B0EGn2NXnziQaw3LHB3xt_H135G7CHOgoFmrfPMroredO6rFfGiIypyU-5UnhsQTgTICqWUU1a642z5xoDFsTp5_4ZnZwl2jJuz4FIngkc6_dMFjKYPpjeGgghxzXO_HGcrq3KF_vf2DlR17J-GDezJkOrjADz33GaQPhYx7fIyEnN80tmqU_qPWfk8sL_ST2CJLAHR125My-1k6RyP8gCkJDwRualC-hd8Ef4J3HL6iOWDEFRgo6HvohKSflBSBMpvOb4KkYP-jESw3CnqlLXyrN13bj8e4s8YhVO_zWtpTq28qoJandW6es1kuPtZn4TJt180v2c4-5ujPS5P0NJxjrIAoWZE9gV4MmVONL8NiKS9Qg1o8kUb_jA2jOPp7VJjsB4DgxoBOUj-8eJr16l08y3bj_BbVGNzKYxTZ1oaFV9g4X5jZYjC_H4y9RXCA1CBWfL2nV6PVgWcnCRWJFn0WGaE3BcKv94g_X6K0YX-pWRQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCYg2P1MyOY_r0Ad_Fz7sP2a6eyAiY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQIGK0qHioimPqgDAaoEiwJP0EpQz4x9az6eo2_jx-TCvu0AIYR3htIK_kgwfeNhI1PIFMYBiY7PndXyS9vjxhpeHPVhDNjxzE_qeTE-yii70F8y8W3Z_Icx87MqCGItm36Ifb6qniscCORB_2Bo5Y48hLT7hHQ32XO32jYmdscMlbqQU_ViGUVtbrRPWYQUo3o-W1lXDi4n2Ge52tvtVpgnk6nBt1yxjjlJGw7_0pWWz6eREX45gcwPL9xPeWv7lF8jAn79fTJNOprNox-nxanlsUw3PSDAOoOs1Jzs9RPh_I8KirdU67bGhthYaL2Q2yGgQSwE3L_TjQb6leDP5UmxotJyEoi1YNTK0h8Hanp-CFmxU_cEDP6nHS2ABpiinNPtp57dI6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3UaKlzO1DNmZY1yW6zW6z0zVyU3Q%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 05:02:14 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Fri, 01 Dec 2023 05:02:14 GMT
lg.php
cat.sg1.as.criteo.com/delivery/ Frame 74A7 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.sg1.as.criteo.com/delivery/lg.php?cppv=3&cpp=nRqvqODNrJgqjPDWEW-T0K5sQM7T277JHd2ZAHJN28C_wh8bvXOS0vrnLaGCV20plSuv4Ll0etF5qoH3KJelkw_NqOV_YIUTLSd3tvW6CzZNIN8c68nk5PqwIGUbUnoCfs1Yn4vdRKWLMRn6KDOWEdiZfmwW_EqItdTxT9SD4UIZOJpUyzOHCvVLqUwr-nx34FW9XfB6-VD_pWaC733uWJPx0_uzuqdvM4GhEg0yfvdH0xNUvn4by8eIwwfhNScNb8PBuBNSrCR8u4XnIfVr-nXjTM0WIiTPmeC_It-W8Pr7jOXZXyetQJRrOruqNyVsUsZABn4BkYoAuQNmM9fSAeOTRapB3toLxnysL_M7T6zPhDU5GvF1hhJEtmBBAWBwXu7CHbuBHESpu5ALP9gPdt_wFdNlrC2fJ9XVDPVid84IZh0I
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y47M1AAAenoBc-LfAAeXWUNGMNfYOIcY2zFrkg&u=%7C0BjLNgDbA0QgeUsZj7cSBSX3bb5MkNJ0JR1b%2BO2CuIE%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqc6nygJ274zNPhQpJEnippfnLPctJAgOVJK5QBvON9Ye9GS_f4NkHgJjP411SnRRB4B1-zs9MZWp7jJv_Ix55ez84bbqKAPLbC9JVzYusZzbUTLU_tH8B0EGn2NXnziQaw3LHB3xt_H135G7CHOgoFmrfPMroredO6rFfGiIypyU-5UnhsQTgTICqWUU1a642z5xoDFsTp5_4ZnZwl2jJuz4FIngkc6_dMFjKYPpjeGgghxzXO_HGcrq3KF_vf2DlR17J-GDezJkOrjADz33GaQPhYx7fIyEnN80tmqU_qPWfk8sL_ST2CJLAHR125My-1k6RyP8gCkJDwRualC-hd8Ef4J3HL6iOWDEFRgo6HvohKSflBSBMpvOb4KkYP-jESw3CnqlLXyrN13bj8e4s8YhVO_zWtpTq28qoJandW6es1kuPtZn4TJt180v2c4-5ujPS5P0NJxjrIAoWZE9gV4MmVONL8NiKS9Qg1o8kUb_jA2jOPp7VJjsB4DgxoBOUj-8eJr16l08y3bj_BbVGNzKYxTZ1oaFV9g4X5jZYjC_H4y9RXCA1CBWfL2nV6PVgWcnCRWJFn0WGaE3BcKv94g_X6K0YX-pWRQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCYg2P1MyOY_r0Ad_Fz7sP2a6eyAiY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQIGK0qHioimPqgDAaoEiwJP0EpQz4x9az6eo2_jx-TCvu0AIYR3htIK_kgwfeNhI1PIFMYBiY7PndXyS9vjxhpeHPVhDNjxzE_qeTE-yii70F8y8W3Z_Icx87MqCGItm36Ifb6qniscCORB_2Bo5Y48hLT7hHQ32XO32jYmdscMlbqQU_ViGUVtbrRPWYQUo3o-W1lXDi4n2Ge52tvtVpgnk6nBt1yxjjlJGw7_0pWWz6eREX45gcwPL9xPeWv7lF8jAn79fTJNOprNox-nxanlsUw3PSDAOoOs1Jzs9RPh_I8KirdU67bGhthYaL2Q2yGgQSwE3L_TjQb6leDP5UmxotJyEoi1YNTK0h8Hanp-CFmxU_cEDP6nHS2ABpiinNPtp57dI6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3UaKlzO1DNmZY1yW6zW6z0zVyU3Q%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.132 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 05:02:13 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2825023
expires
Mon, 26 Jul 1997 05:00:00 GMT
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 74A7 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y47M1AAAenoBc-LfAAeXWUNGMNfYOIcY2zFrkg&u=%7C0BjLNgDbA0QgeUsZj7cSBSX3bb5MkNJ0JR1b%2BO2CuIE%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqc6nygJ274zNPhQpJEnippfnLPctJAgOVJK5QBvON9Ye9GS_f4NkHgJjP411SnRRB4B1-zs9MZWp7jJv_Ix55ez84bbqKAPLbC9JVzYusZzbUTLU_tH8B0EGn2NXnziQaw3LHB3xt_H135G7CHOgoFmrfPMroredO6rFfGiIypyU-5UnhsQTgTICqWUU1a642z5xoDFsTp5_4ZnZwl2jJuz4FIngkc6_dMFjKYPpjeGgghxzXO_HGcrq3KF_vf2DlR17J-GDezJkOrjADz33GaQPhYx7fIyEnN80tmqU_qPWfk8sL_ST2CJLAHR125My-1k6RyP8gCkJDwRualC-hd8Ef4J3HL6iOWDEFRgo6HvohKSflBSBMpvOb4KkYP-jESw3CnqlLXyrN13bj8e4s8YhVO_zWtpTq28qoJandW6es1kuPtZn4TJt180v2c4-5ujPS5P0NJxjrIAoWZE9gV4MmVONL8NiKS9Qg1o8kUb_jA2jOPp7VJjsB4DgxoBOUj-8eJr16l08y3bj_BbVGNzKYxTZ1oaFV9g4X5jZYjC_H4y9RXCA1CBWfL2nV6PVgWcnCRWJFn0WGaE3BcKv94g_X6K0YX-pWRQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCYg2P1MyOY_r0Ad_Fz7sP2a6eyAiY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQIGK0qHioimPqgDAaoEiwJP0EpQz4x9az6eo2_jx-TCvu0AIYR3htIK_kgwfeNhI1PIFMYBiY7PndXyS9vjxhpeHPVhDNjxzE_qeTE-yii70F8y8W3Z_Icx87MqCGItm36Ifb6qniscCORB_2Bo5Y48hLT7hHQ32XO32jYmdscMlbqQU_ViGUVtbrRPWYQUo3o-W1lXDi4n2Ge52tvtVpgnk6nBt1yxjjlJGw7_0pWWz6eREX45gcwPL9xPeWv7lF8jAn79fTJNOprNox-nxanlsUw3PSDAOoOs1Jzs9RPh_I8KirdU67bGhthYaL2Q2yGgQSwE3L_TjQb6leDP5UmxotJyEoi1YNTK0h8Hanp-CFmxU_cEDP6nHS2ABpiinNPtp57dI6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3UaKlzO1DNmZY1yW6zW6z0zVyU3Q%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 05:02:13 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
383324
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4420
last-modified
Mon, 04 May 2020 16:17:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04030-30d9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D8floSKXfwCWV7xHQICf%2BoPvnB7%2FjT6qAgRrPXLG4B6XBOpQuKguTi0gUz7FNSOErHtRGpCP%2FwaW%2BQS20K46CuDvl1RuqR1x6tRGZdcM9j%2FOFg1iIWb6y2j61mu9nypARDzKukh2"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
775277d8ead2aac1-SYD
expires
Sun, 26 Nov 2023 05:02:13 GMT
b4338c429b884dd1a41cf5d47720754c_gotham-regular.woff
static.criteo.net/design/dt/ Frame 74A7 		31 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/dt/b4338c429b884dd1a41cf5d47720754c_gotham-regular.woff
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y47M1AAAenoBc-LfAAeXWUNGMNfYOIcY2zFrkg&u=%7C0BjLNgDbA0QgeUsZj7cSBSX3bb5MkNJ0JR1b%2BO2CuIE%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqc6nygJ274zNPhQpJEnippfnLPctJAgOVJK5QBvON9Ye9GS_f4NkHgJjP411SnRRB4B1-zs9MZWp7jJv_Ix55ez84bbqKAPLbC9JVzYusZzbUTLU_tH8B0EGn2NXnziQaw3LHB3xt_H135G7CHOgoFmrfPMroredO6rFfGiIypyU-5UnhsQTgTICqWUU1a642z5xoDFsTp5_4ZnZwl2jJuz4FIngkc6_dMFjKYPpjeGgghxzXO_HGcrq3KF_vf2DlR17J-GDezJkOrjADz33GaQPhYx7fIyEnN80tmqU_qPWfk8sL_ST2CJLAHR125My-1k6RyP8gCkJDwRualC-hd8Ef4J3HL6iOWDEFRgo6HvohKSflBSBMpvOb4KkYP-jESw3CnqlLXyrN13bj8e4s8YhVO_zWtpTq28qoJandW6es1kuPtZn4TJt180v2c4-5ujPS5P0NJxjrIAoWZE9gV4MmVONL8NiKS9Qg1o8kUb_jA2jOPp7VJjsB4DgxoBOUj-8eJr16l08y3bj_BbVGNzKYxTZ1oaFV9g4X5jZYjC_H4y9RXCA1CBWfL2nV6PVgWcnCRWJFn0WGaE3BcKv94g_X6K0YX-pWRQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCYg2P1MyOY_r0Ad_Fz7sP2a6eyAiY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQIGK0qHioimPqgDAaoEiwJP0EpQz4x9az6eo2_jx-TCvu0AIYR3htIK_kgwfeNhI1PIFMYBiY7PndXyS9vjxhpeHPVhDNjxzE_qeTE-yii70F8y8W3Z_Icx87MqCGItm36Ifb6qniscCORB_2Bo5Y48hLT7hHQ32XO32jYmdscMlbqQU_ViGUVtbrRPWYQUo3o-W1lXDi4n2Ge52tvtVpgnk6nBt1yxjjlJGw7_0pWWz6eREX45gcwPL9xPeWv7lF8jAn79fTJNOprNox-nxanlsUw3PSDAOoOs1Jzs9RPh_I8KirdU67bGhthYaL2Q2yGgQSwE3L_TjQb6leDP5UmxotJyEoi1YNTK0h8Hanp-CFmxU_cEDP6nHS2ABpiinNPtp57dI6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3UaKlzO1DNmZY1yW6zW6z0zVyU3Q%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
af4b954cf45e99d5eccbea113dc2b66799cf8db96c3e8dfc33d145398743727b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
Origin
https://ads.as.criteo.com
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 05:02:14 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Mon, 30 Oct 2017 21:00:07 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"59f792d7-7a00"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 01 Dec 2023 05:02:14 GMT
rules-p-54Nt-1NAaEEe0.js
rules.quantcount.com/ 		160 B
634 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-54Nt-1NAaEEe0.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-43.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 04:17:37 GMT
via
1.1 446026fb3dafe55d3602866eda0c744a.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P1
age
2678
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
160
last-modified
Thu, 13 Oct 2022 15:29:19 GMT
server
AmazonS3
etag
"05b131079c67d484167fd1b1f6c79577"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
jD7HYh1ILK9L09gqZODkwZPKclBacjxaRVjOx2gbdz-lEoP_03NXKQ==
animejs.js
static.criteo.net/animejs/ Frame 74A7 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y47M1AAAenoBc-LfAAeXWUNGMNfYOIcY2zFrkg&u=%7C0BjLNgDbA0QgeUsZj7cSBSX3bb5MkNJ0JR1b%2BO2CuIE%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqc6nygJ274zNPhQpJEnippfnLPctJAgOVJK5QBvON9Ye9GS_f4NkHgJjP411SnRRB4B1-zs9MZWp7jJv_Ix55ez84bbqKAPLbC9JVzYusZzbUTLU_tH8B0EGn2NXnziQaw3LHB3xt_H135G7CHOgoFmrfPMroredO6rFfGiIypyU-5UnhsQTgTICqWUU1a642z5xoDFsTp5_4ZnZwl2jJuz4FIngkc6_dMFjKYPpjeGgghxzXO_HGcrq3KF_vf2DlR17J-GDezJkOrjADz33GaQPhYx7fIyEnN80tmqU_qPWfk8sL_ST2CJLAHR125My-1k6RyP8gCkJDwRualC-hd8Ef4J3HL6iOWDEFRgo6HvohKSflBSBMpvOb4KkYP-jESw3CnqlLXyrN13bj8e4s8YhVO_zWtpTq28qoJandW6es1kuPtZn4TJt180v2c4-5ujPS5P0NJxjrIAoWZE9gV4MmVONL8NiKS9Qg1o8kUb_jA2jOPp7VJjsB4DgxoBOUj-8eJr16l08y3bj_BbVGNzKYxTZ1oaFV9g4X5jZYjC_H4y9RXCA1CBWfL2nV6PVgWcnCRWJFn0WGaE3BcKv94g_X6K0YX-pWRQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCYg2P1MyOY_r0Ad_Fz7sP2a6eyAiY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQIGK0qHioimPqgDAaoEiwJP0EpQz4x9az6eo2_jx-TCvu0AIYR3htIK_kgwfeNhI1PIFMYBiY7PndXyS9vjxhpeHPVhDNjxzE_qeTE-yii70F8y8W3Z_Icx87MqCGItm36Ifb6qniscCORB_2Bo5Y48hLT7hHQ32XO32jYmdscMlbqQU_ViGUVtbrRPWYQUo3o-W1lXDi4n2Ge52tvtVpgnk6nBt1yxjjlJGw7_0pWWz6eREX45gcwPL9xPeWv7lF8jAn79fTJNOprNox-nxanlsUw3PSDAOoOs1Jzs9RPh_I8KirdU67bGhthYaL2Q2yGgQSwE3L_TjQb6leDP5UmxotJyEoi1YNTK0h8Hanp-CFmxU_cEDP6nHS2ABpiinNPtp57dI6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3UaKlzO1DNmZY1yW6zW6z0zVyU3Q%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 05:02:13 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 01 Dec 2023 05:02:13 GMT
afe6f18fe23241b590c6f8d584172abd_cpn_336x280_1.jpg
static.criteo.net/design/dt/77429/221123/ Frame 74A7 		53 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/design/dt/77429/221123/afe6f18fe23241b590c6f8d584172abd_cpn_336x280_1.jpg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y47M1AAAenoBc-LfAAeXWUNGMNfYOIcY2zFrkg&u=%7C0BjLNgDbA0QgeUsZj7cSBSX3bb5MkNJ0JR1b%2BO2CuIE%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqc6nygJ274zNPhQpJEnippfnLPctJAgOVJK5QBvON9Ye9GS_f4NkHgJjP411SnRRB4B1-zs9MZWp7jJv_Ix55ez84bbqKAPLbC9JVzYusZzbUTLU_tH8B0EGn2NXnziQaw3LHB3xt_H135G7CHOgoFmrfPMroredO6rFfGiIypyU-5UnhsQTgTICqWUU1a642z5xoDFsTp5_4ZnZwl2jJuz4FIngkc6_dMFjKYPpjeGgghxzXO_HGcrq3KF_vf2DlR17J-GDezJkOrjADz33GaQPhYx7fIyEnN80tmqU_qPWfk8sL_ST2CJLAHR125My-1k6RyP8gCkJDwRualC-hd8Ef4J3HL6iOWDEFRgo6HvohKSflBSBMpvOb4KkYP-jESw3CnqlLXyrN13bj8e4s8YhVO_zWtpTq28qoJandW6es1kuPtZn4TJt180v2c4-5ujPS5P0NJxjrIAoWZE9gV4MmVONL8NiKS9Qg1o8kUb_jA2jOPp7VJjsB4DgxoBOUj-8eJr16l08y3bj_BbVGNzKYxTZ1oaFV9g4X5jZYjC_H4y9RXCA1CBWfL2nV6PVgWcnCRWJFn0WGaE3BcKv94g_X6K0YX-pWRQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCYg2P1MyOY_r0Ad_Fz7sP2a6eyAiY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQIGK0qHioimPqgDAaoEiwJP0EpQz4x9az6eo2_jx-TCvu0AIYR3htIK_kgwfeNhI1PIFMYBiY7PndXyS9vjxhpeHPVhDNjxzE_qeTE-yii70F8y8W3Z_Icx87MqCGItm36Ifb6qniscCORB_2Bo5Y48hLT7hHQ32XO32jYmdscMlbqQU_ViGUVtbrRPWYQUo3o-W1lXDi4n2Ge52tvtVpgnk6nBt1yxjjlJGw7_0pWWz6eREX45gcwPL9xPeWv7lF8jAn79fTJNOprNox-nxanlsUw3PSDAOoOs1Jzs9RPh_I8KirdU67bGhthYaL2Q2yGgQSwE3L_TjQb6leDP5UmxotJyEoi1YNTK0h8Hanp-CFmxU_cEDP6nHS2ABpiinNPtp57dI6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3UaKlzO1DNmZY1yW6zW6z0zVyU3Q%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
e30a2970aea56ba873dc88426b8aa97a97eae9e6c404bfce7452cc9a9f4e6fa1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 05:02:14 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 23 Nov 2022 14:31:20 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"637e2eb8-d350"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
54096
expires
Fri, 01 Dec 2023 05:02:14 GMT
img
pix.as.criteo.net/img/ Frame 74A7 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?h=92&m=0&partner=77429&q=80&r=0&u=http%3A%2F%2Fstatic.sg1.as.criteo.net%2Fdesign%2Fdt%2F3730%2F190603%2F2dff6bd7f81440d493b2b749e0ded2b5_logo_n_horizontal.png&v=3&w=668&s=KCPp5-fJJDCQ9qgTEssM5hEc
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y47M1AAAenoBc-LfAAeXWUNGMNfYOIcY2zFrkg&u=%7C0BjLNgDbA0QgeUsZj7cSBSX3bb5MkNJ0JR1b%2BO2CuIE%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqc6nygJ274zNPhQpJEnippfnLPctJAgOVJK5QBvON9Ye9GS_f4NkHgJjP411SnRRB4B1-zs9MZWp7jJv_Ix55ez84bbqKAPLbC9JVzYusZzbUTLU_tH8B0EGn2NXnziQaw3LHB3xt_H135G7CHOgoFmrfPMroredO6rFfGiIypyU-5UnhsQTgTICqWUU1a642z5xoDFsTp5_4ZnZwl2jJuz4FIngkc6_dMFjKYPpjeGgghxzXO_HGcrq3KF_vf2DlR17J-GDezJkOrjADz33GaQPhYx7fIyEnN80tmqU_qPWfk8sL_ST2CJLAHR125My-1k6RyP8gCkJDwRualC-hd8Ef4J3HL6iOWDEFRgo6HvohKSflBSBMpvOb4KkYP-jESw3CnqlLXyrN13bj8e4s8YhVO_zWtpTq28qoJandW6es1kuPtZn4TJt180v2c4-5ujPS5P0NJxjrIAoWZE9gV4MmVONL8NiKS9Qg1o8kUb_jA2jOPp7VJjsB4DgxoBOUj-8eJr16l08y3bj_BbVGNzKYxTZ1oaFV9g4X5jZYjC_H4y9RXCA1CBWfL2nV6PVgWcnCRWJFn0WGaE3BcKv94g_X6K0YX-pWRQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCYg2P1MyOY_r0Ad_Fz7sP2a6eyAiY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQIGK0qHioimPqgDAaoEiwJP0EpQz4x9az6eo2_jx-TCvu0AIYR3htIK_kgwfeNhI1PIFMYBiY7PndXyS9vjxhpeHPVhDNjxzE_qeTE-yii70F8y8W3Z_Icx87MqCGItm36Ifb6qniscCORB_2Bo5Y48hLT7hHQ32XO32jYmdscMlbqQU_ViGUVtbrRPWYQUo3o-W1lXDi4n2Ge52tvtVpgnk6nBt1yxjjlJGw7_0pWWz6eREX45gcwPL9xPeWv7lF8jAn79fTJNOprNox-nxanlsUw3PSDAOoOs1Jzs9RPh_I8KirdU67bGhthYaL2Q2yGgQSwE3L_TjQb6leDP5UmxotJyEoi1YNTK0h8Hanp-CFmxU_cEDP6nHS2ABpiinNPtp57dI6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3UaKlzO1DNmZY1yW6zW6z0zVyU3Q%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
f85b221e07f505ecdb564fb4e0311d534bb10fd16b26a4d6af26ca077cca6f40
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 05:02:14 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=27988218
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
4512
expires
Thu, 26 Oct 2023 03:32:32 GMT
img
pix.as.criteo.net/img/ Frame 74A7 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=77429&q=80&r=0&u=https%3A%2F%2Fi8.amplience.net%2Ft%2Fjpl%2Fjd_product_list%3Fplu%3Djd_CZ4456-503_C_0050_al&v=3&w=400&s=hkmADEgc70lV7naJW_4oAvYK&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y47M1AAAenoBc-LfAAeXWUNGMNfYOIcY2zFrkg&u=%7C0BjLNgDbA0QgeUsZj7cSBSX3bb5MkNJ0JR1b%2BO2CuIE%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqc6nygJ274zNPhQpJEnippfnLPctJAgOVJK5QBvON9Ye9GS_f4NkHgJjP411SnRRB4B1-zs9MZWp7jJv_Ix55ez84bbqKAPLbC9JVzYusZzbUTLU_tH8B0EGn2NXnziQaw3LHB3xt_H135G7CHOgoFmrfPMroredO6rFfGiIypyU-5UnhsQTgTICqWUU1a642z5xoDFsTp5_4ZnZwl2jJuz4FIngkc6_dMFjKYPpjeGgghxzXO_HGcrq3KF_vf2DlR17J-GDezJkOrjADz33GaQPhYx7fIyEnN80tmqU_qPWfk8sL_ST2CJLAHR125My-1k6RyP8gCkJDwRualC-hd8Ef4J3HL6iOWDEFRgo6HvohKSflBSBMpvOb4KkYP-jESw3CnqlLXyrN13bj8e4s8YhVO_zWtpTq28qoJandW6es1kuPtZn4TJt180v2c4-5ujPS5P0NJxjrIAoWZE9gV4MmVONL8NiKS9Qg1o8kUb_jA2jOPp7VJjsB4DgxoBOUj-8eJr16l08y3bj_BbVGNzKYxTZ1oaFV9g4X5jZYjC_H4y9RXCA1CBWfL2nV6PVgWcnCRWJFn0WGaE3BcKv94g_X6K0YX-pWRQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCYg2P1MyOY_r0Ad_Fz7sP2a6eyAiY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQIGK0qHioimPqgDAaoEiwJP0EpQz4x9az6eo2_jx-TCvu0AIYR3htIK_kgwfeNhI1PIFMYBiY7PndXyS9vjxhpeHPVhDNjxzE_qeTE-yii70F8y8W3Z_Icx87MqCGItm36Ifb6qniscCORB_2Bo5Y48hLT7hHQ32XO32jYmdscMlbqQU_ViGUVtbrRPWYQUo3o-W1lXDi4n2Ge52tvtVpgnk6nBt1yxjjlJGw7_0pWWz6eREX45gcwPL9xPeWv7lF8jAn79fTJNOprNox-nxanlsUw3PSDAOoOs1Jzs9RPh_I8KirdU67bGhthYaL2Q2yGgQSwE3L_TjQb6leDP5UmxotJyEoi1YNTK0h8Hanp-CFmxU_cEDP6nHS2ABpiinNPtp57dI6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3UaKlzO1DNmZY1yW6zW6z0zVyU3Q%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
f0a0092830c3f7eaa8113d93ab6d8b61b4580a58a9de5147c06963c2c4b3a6bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 05:02:14 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=0
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
13022
expires
Tue, 06 Dec 2022 05:02:14 GMT
img
pix.as.criteo.net/img/ Frame 74A7 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=77429&q=80&r=0&u=https%3A%2F%2Fi8.amplience.net%2Ft%2Fjpl%2Fjd_product_list%3Fplu%3Djd_496606_al&v=3&w=400&s=SR-aNxe5lzwAX3VZV7yhZ0Ty&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y47M1AAAenoBc-LfAAeXWUNGMNfYOIcY2zFrkg&u=%7C0BjLNgDbA0QgeUsZj7cSBSX3bb5MkNJ0JR1b%2BO2CuIE%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqc6nygJ274zNPhQpJEnippfnLPctJAgOVJK5QBvON9Ye9GS_f4NkHgJjP411SnRRB4B1-zs9MZWp7jJv_Ix55ez84bbqKAPLbC9JVzYusZzbUTLU_tH8B0EGn2NXnziQaw3LHB3xt_H135G7CHOgoFmrfPMroredO6rFfGiIypyU-5UnhsQTgTICqWUU1a642z5xoDFsTp5_4ZnZwl2jJuz4FIngkc6_dMFjKYPpjeGgghxzXO_HGcrq3KF_vf2DlR17J-GDezJkOrjADz33GaQPhYx7fIyEnN80tmqU_qPWfk8sL_ST2CJLAHR125My-1k6RyP8gCkJDwRualC-hd8Ef4J3HL6iOWDEFRgo6HvohKSflBSBMpvOb4KkYP-jESw3CnqlLXyrN13bj8e4s8YhVO_zWtpTq28qoJandW6es1kuPtZn4TJt180v2c4-5ujPS5P0NJxjrIAoWZE9gV4MmVONL8NiKS9Qg1o8kUb_jA2jOPp7VJjsB4DgxoBOUj-8eJr16l08y3bj_BbVGNzKYxTZ1oaFV9g4X5jZYjC_H4y9RXCA1CBWfL2nV6PVgWcnCRWJFn0WGaE3BcKv94g_X6K0YX-pWRQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCYg2P1MyOY_r0Ad_Fz7sP2a6eyAiY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQIGK0qHioimPqgDAaoEiwJP0EpQz4x9az6eo2_jx-TCvu0AIYR3htIK_kgwfeNhI1PIFMYBiY7PndXyS9vjxhpeHPVhDNjxzE_qeTE-yii70F8y8W3Z_Icx87MqCGItm36Ifb6qniscCORB_2Bo5Y48hLT7hHQ32XO32jYmdscMlbqQU_ViGUVtbrRPWYQUo3o-W1lXDi4n2Ge52tvtVpgnk6nBt1yxjjlJGw7_0pWWz6eREX45gcwPL9xPeWv7lF8jAn79fTJNOprNox-nxanlsUw3PSDAOoOs1Jzs9RPh_I8KirdU67bGhthYaL2Q2yGgQSwE3L_TjQb6leDP5UmxotJyEoi1YNTK0h8Hanp-CFmxU_cEDP6nHS2ABpiinNPtp57dI6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3UaKlzO1DNmZY1yW6zW6z0zVyU3Q%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
a764d8fa0542053f90b23883eebaed46ce92833ad3d74c86f9b570f55aca0801
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 05:02:13 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=0
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
4756
expires
Tue, 06 Dec 2022 05:02:14 GMT
img
pix.as.criteo.net/img/ Frame 74A7 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=77429&q=80&r=0&u=https%3A%2F%2Fi8.amplience.net%2Ft%2Fjpl%2Fjd_product_list%3Fplu%3Djd_DX9656-010_C_0001_al&v=3&w=400&s=8IZ6sZiGMCJt5NDncpXvmMFW&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y47M1AAAenoBc-LfAAeXWUNGMNfYOIcY2zFrkg&u=%7C0BjLNgDbA0QgeUsZj7cSBSX3bb5MkNJ0JR1b%2BO2CuIE%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqc6nygJ274zNPhQpJEnippfnLPctJAgOVJK5QBvON9Ye9GS_f4NkHgJjP411SnRRB4B1-zs9MZWp7jJv_Ix55ez84bbqKAPLbC9JVzYusZzbUTLU_tH8B0EGn2NXnziQaw3LHB3xt_H135G7CHOgoFmrfPMroredO6rFfGiIypyU-5UnhsQTgTICqWUU1a642z5xoDFsTp5_4ZnZwl2jJuz4FIngkc6_dMFjKYPpjeGgghxzXO_HGcrq3KF_vf2DlR17J-GDezJkOrjADz33GaQPhYx7fIyEnN80tmqU_qPWfk8sL_ST2CJLAHR125My-1k6RyP8gCkJDwRualC-hd8Ef4J3HL6iOWDEFRgo6HvohKSflBSBMpvOb4KkYP-jESw3CnqlLXyrN13bj8e4s8YhVO_zWtpTq28qoJandW6es1kuPtZn4TJt180v2c4-5ujPS5P0NJxjrIAoWZE9gV4MmVONL8NiKS9Qg1o8kUb_jA2jOPp7VJjsB4DgxoBOUj-8eJr16l08y3bj_BbVGNzKYxTZ1oaFV9g4X5jZYjC_H4y9RXCA1CBWfL2nV6PVgWcnCRWJFn0WGaE3BcKv94g_X6K0YX-pWRQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCYg2P1MyOY_r0Ad_Fz7sP2a6eyAiY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQIGK0qHioimPqgDAaoEiwJP0EpQz4x9az6eo2_jx-TCvu0AIYR3htIK_kgwfeNhI1PIFMYBiY7PndXyS9vjxhpeHPVhDNjxzE_qeTE-yii70F8y8W3Z_Icx87MqCGItm36Ifb6qniscCORB_2Bo5Y48hLT7hHQ32XO32jYmdscMlbqQU_ViGUVtbrRPWYQUo3o-W1lXDi4n2Ge52tvtVpgnk6nBt1yxjjlJGw7_0pWWz6eREX45gcwPL9xPeWv7lF8jAn79fTJNOprNox-nxanlsUw3PSDAOoOs1Jzs9RPh_I8KirdU67bGhthYaL2Q2yGgQSwE3L_TjQb6leDP5UmxotJyEoi1YNTK0h8Hanp-CFmxU_cEDP6nHS2ABpiinNPtp57dI6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3UaKlzO1DNmZY1yW6zW6z0zVyU3Q%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
0025aa08addc9008f9be153b8ed1569e0c74eb55b9d28e865d3a7be7c837a618
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 05:02:13 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=0
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8672
expires
Tue, 06 Dec 2022 05:02:14 GMT
img
pix.as.criteo.net/img/ Frame 74A7 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=77429&q=80&r=0&u=https%3A%2F%2Fi8.amplience.net%2Ft%2Fjpl%2Fjd_product_list%3Fplu%3Djd_033436_al&v=3&w=400&s=CjAjMI7-l-4X89SjI0wLxO6Y&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y47M1AAAenoBc-LfAAeXWUNGMNfYOIcY2zFrkg&u=%7C0BjLNgDbA0QgeUsZj7cSBSX3bb5MkNJ0JR1b%2BO2CuIE%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqc6nygJ274zNPhQpJEnippfnLPctJAgOVJK5QBvON9Ye9GS_f4NkHgJjP411SnRRB4B1-zs9MZWp7jJv_Ix55ez84bbqKAPLbC9JVzYusZzbUTLU_tH8B0EGn2NXnziQaw3LHB3xt_H135G7CHOgoFmrfPMroredO6rFfGiIypyU-5UnhsQTgTICqWUU1a642z5xoDFsTp5_4ZnZwl2jJuz4FIngkc6_dMFjKYPpjeGgghxzXO_HGcrq3KF_vf2DlR17J-GDezJkOrjADz33GaQPhYx7fIyEnN80tmqU_qPWfk8sL_ST2CJLAHR125My-1k6RyP8gCkJDwRualC-hd8Ef4J3HL6iOWDEFRgo6HvohKSflBSBMpvOb4KkYP-jESw3CnqlLXyrN13bj8e4s8YhVO_zWtpTq28qoJandW6es1kuPtZn4TJt180v2c4-5ujPS5P0NJxjrIAoWZE9gV4MmVONL8NiKS9Qg1o8kUb_jA2jOPp7VJjsB4DgxoBOUj-8eJr16l08y3bj_BbVGNzKYxTZ1oaFV9g4X5jZYjC_H4y9RXCA1CBWfL2nV6PVgWcnCRWJFn0WGaE3BcKv94g_X6K0YX-pWRQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCYg2P1MyOY_r0Ad_Fz7sP2a6eyAiY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQIGK0qHioimPqgDAaoEiwJP0EpQz4x9az6eo2_jx-TCvu0AIYR3htIK_kgwfeNhI1PIFMYBiY7PndXyS9vjxhpeHPVhDNjxzE_qeTE-yii70F8y8W3Z_Icx87MqCGItm36Ifb6qniscCORB_2Bo5Y48hLT7hHQ32XO32jYmdscMlbqQU_ViGUVtbrRPWYQUo3o-W1lXDi4n2Ge52tvtVpgnk6nBt1yxjjlJGw7_0pWWz6eREX45gcwPL9xPeWv7lF8jAn79fTJNOprNox-nxanlsUw3PSDAOoOs1Jzs9RPh_I8KirdU67bGhthYaL2Q2yGgQSwE3L_TjQb6leDP5UmxotJyEoi1YNTK0h8Hanp-CFmxU_cEDP6nHS2ABpiinNPtp57dI6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3UaKlzO1DNmZY1yW6zW6z0zVyU3Q%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
59417b32fa3ddd3cabfc16abd30d9f2263afc446fdc87e15248b7fdcd88677ba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 05:02:14 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=0
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
10206
expires
Tue, 06 Dec 2022 05:02:14 GMT
img
pix.as.criteo.net/img/ Frame 74A7 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=77429&q=80&r=0&u=https%3A%2F%2Fi8.amplience.net%2Ft%2Fjpl%2Fjd_product_list%3Fplu%3Djd_553558-063_C_0001_al&v=3&w=400&s=Y2nV8izWz0J5n7W1LxSWQEUp&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y47M1AAAenoBc-LfAAeXWUNGMNfYOIcY2zFrkg&u=%7C0BjLNgDbA0QgeUsZj7cSBSX3bb5MkNJ0JR1b%2BO2CuIE%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqc6nygJ274zNPhQpJEnippfnLPctJAgOVJK5QBvON9Ye9GS_f4NkHgJjP411SnRRB4B1-zs9MZWp7jJv_Ix55ez84bbqKAPLbC9JVzYusZzbUTLU_tH8B0EGn2NXnziQaw3LHB3xt_H135G7CHOgoFmrfPMroredO6rFfGiIypyU-5UnhsQTgTICqWUU1a642z5xoDFsTp5_4ZnZwl2jJuz4FIngkc6_dMFjKYPpjeGgghxzXO_HGcrq3KF_vf2DlR17J-GDezJkOrjADz33GaQPhYx7fIyEnN80tmqU_qPWfk8sL_ST2CJLAHR125My-1k6RyP8gCkJDwRualC-hd8Ef4J3HL6iOWDEFRgo6HvohKSflBSBMpvOb4KkYP-jESw3CnqlLXyrN13bj8e4s8YhVO_zWtpTq28qoJandW6es1kuPtZn4TJt180v2c4-5ujPS5P0NJxjrIAoWZE9gV4MmVONL8NiKS9Qg1o8kUb_jA2jOPp7VJjsB4DgxoBOUj-8eJr16l08y3bj_BbVGNzKYxTZ1oaFV9g4X5jZYjC_H4y9RXCA1CBWfL2nV6PVgWcnCRWJFn0WGaE3BcKv94g_X6K0YX-pWRQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCYg2P1MyOY_r0Ad_Fz7sP2a6eyAiY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQIGK0qHioimPqgDAaoEiwJP0EpQz4x9az6eo2_jx-TCvu0AIYR3htIK_kgwfeNhI1PIFMYBiY7PndXyS9vjxhpeHPVhDNjxzE_qeTE-yii70F8y8W3Z_Icx87MqCGItm36Ifb6qniscCORB_2Bo5Y48hLT7hHQ32XO32jYmdscMlbqQU_ViGUVtbrRPWYQUo3o-W1lXDi4n2Ge52tvtVpgnk6nBt1yxjjlJGw7_0pWWz6eREX45gcwPL9xPeWv7lF8jAn79fTJNOprNox-nxanlsUw3PSDAOoOs1Jzs9RPh_I8KirdU67bGhthYaL2Q2yGgQSwE3L_TjQb6leDP5UmxotJyEoi1YNTK0h8Hanp-CFmxU_cEDP6nHS2ABpiinNPtp57dI6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3UaKlzO1DNmZY1yW6zW6z0zVyU3Q%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
c227f7890d9322a465fd5af0b6819939b251653890603e5fdec8f40fd96e8a95
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 05:02:13 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=0
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8338
expires
Tue, 06 Dec 2022 05:02:14 GMT
img
pix.as.criteo.net/img/ Frame 74A7 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=77429&q=80&r=0&u=https%3A%2F%2Fi8.amplience.net%2Ft%2Fjpl%2Fjd_product_list%3Fplu%3Djd_AO2372-023_C_0026_al&v=3&w=400&s=60MVoO67kdnH5dIkG87JW1Op&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y47M1AAAenoBc-LfAAeXWUNGMNfYOIcY2zFrkg&u=%7C0BjLNgDbA0QgeUsZj7cSBSX3bb5MkNJ0JR1b%2BO2CuIE%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqc6nygJ274zNPhQpJEnippfnLPctJAgOVJK5QBvON9Ye9GS_f4NkHgJjP411SnRRB4B1-zs9MZWp7jJv_Ix55ez84bbqKAPLbC9JVzYusZzbUTLU_tH8B0EGn2NXnziQaw3LHB3xt_H135G7CHOgoFmrfPMroredO6rFfGiIypyU-5UnhsQTgTICqWUU1a642z5xoDFsTp5_4ZnZwl2jJuz4FIngkc6_dMFjKYPpjeGgghxzXO_HGcrq3KF_vf2DlR17J-GDezJkOrjADz33GaQPhYx7fIyEnN80tmqU_qPWfk8sL_ST2CJLAHR125My-1k6RyP8gCkJDwRualC-hd8Ef4J3HL6iOWDEFRgo6HvohKSflBSBMpvOb4KkYP-jESw3CnqlLXyrN13bj8e4s8YhVO_zWtpTq28qoJandW6es1kuPtZn4TJt180v2c4-5ujPS5P0NJxjrIAoWZE9gV4MmVONL8NiKS9Qg1o8kUb_jA2jOPp7VJjsB4DgxoBOUj-8eJr16l08y3bj_BbVGNzKYxTZ1oaFV9g4X5jZYjC_H4y9RXCA1CBWfL2nV6PVgWcnCRWJFn0WGaE3BcKv94g_X6K0YX-pWRQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCYg2P1MyOY_r0Ad_Fz7sP2a6eyAiY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQIGK0qHioimPqgDAaoEiwJP0EpQz4x9az6eo2_jx-TCvu0AIYR3htIK_kgwfeNhI1PIFMYBiY7PndXyS9vjxhpeHPVhDNjxzE_qeTE-yii70F8y8W3Z_Icx87MqCGItm36Ifb6qniscCORB_2Bo5Y48hLT7hHQ32XO32jYmdscMlbqQU_ViGUVtbrRPWYQUo3o-W1lXDi4n2Ge52tvtVpgnk6nBt1yxjjlJGw7_0pWWz6eREX45gcwPL9xPeWv7lF8jAn79fTJNOprNox-nxanlsUw3PSDAOoOs1Jzs9RPh_I8KirdU67bGhthYaL2Q2yGgQSwE3L_TjQb6leDP5UmxotJyEoi1YNTK0h8Hanp-CFmxU_cEDP6nHS2ABpiinNPtp57dI6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3UaKlzO1DNmZY1yW6zW6z0zVyU3Q%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
10caea6428219f80489bd888b5779115d88e35b87a52c073d4ec2b537009a46d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 05:02:14 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=0
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
7008
expires
Tue, 06 Dec 2022 05:02:14 GMT
all
csm.as.criteo.net/ Frame 74A7 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.as.criteo.net/all?cppv=3&cpp=oSPj5ZWqwgWs8aIds8z3Ys8cWEr4ckFA18UHT43ge2qCFIvmxqeuNMi4twhrJlV2fRkLxzfVqGU6LteY1trp1zp4ZhsVMD9uQtT7GZgZlCapCpnfRFauvfceTk8OvQLTEcY0O3wozwx_ucovdZx0Dz6LJuMfrn6EMrv2I6LgZcrDYxMdJeA3Xs83ypAQZDcLib82BfLAnNm73qbvE0DSfZFR2Sh3qxzEcHaYP1jvdQpE5ipu9eVT2IVjOkGavq6WyOvN-godVFp1zNLk&sds=2&rev=83599&sendBeacon=true
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y47M1AAAenoBc-LfAAeXWUNGMNfYOIcY2zFrkg&u=%7C0BjLNgDbA0QgeUsZj7cSBSX3bb5MkNJ0JR1b%2BO2CuIE%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqc6nygJ274zNPhQpJEnippfnLPctJAgOVJK5QBvON9Ye9GS_f4NkHgJjP411SnRRB4B1-zs9MZWp7jJv_Ix55ez84bbqKAPLbC9JVzYusZzbUTLU_tH8B0EGn2NXnziQaw3LHB3xt_H135G7CHOgoFmrfPMroredO6rFfGiIypyU-5UnhsQTgTICqWUU1a642z5xoDFsTp5_4ZnZwl2jJuz4FIngkc6_dMFjKYPpjeGgghxzXO_HGcrq3KF_vf2DlR17J-GDezJkOrjADz33GaQPhYx7fIyEnN80tmqU_qPWfk8sL_ST2CJLAHR125My-1k6RyP8gCkJDwRualC-hd8Ef4J3HL6iOWDEFRgo6HvohKSflBSBMpvOb4KkYP-jESw3CnqlLXyrN13bj8e4s8YhVO_zWtpTq28qoJandW6es1kuPtZn4TJt180v2c4-5ujPS5P0NJxjrIAoWZE9gV4MmVONL8NiKS9Qg1o8kUb_jA2jOPp7VJjsB4DgxoBOUj-8eJr16l08y3bj_BbVGNzKYxTZ1oaFV9g4X5jZYjC_H4y9RXCA1CBWfL2nV6PVgWcnCRWJFn0WGaE3BcKv94g_X6K0YX-pWRQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCYg2P1MyOY_r0Ad_Fz7sP2a6eyAiY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQIGK0qHioimPqgDAaoEiwJP0EpQz4x9az6eo2_jx-TCvu0AIYR3htIK_kgwfeNhI1PIFMYBiY7PndXyS9vjxhpeHPVhDNjxzE_qeTE-yii70F8y8W3Z_Icx87MqCGItm36Ifb6qniscCORB_2Bo5Y48hLT7hHQ32XO32jYmdscMlbqQU_ViGUVtbrRPWYQUo3o-W1lXDi4n2Ge52tvtVpgnk6nBt1yxjjlJGw7_0pWWz6eREX45gcwPL9xPeWv7lF8jAn79fTJNOprNox-nxanlsUw3PSDAOoOs1Jzs9RPh_I8KirdU67bGhthYaL2Q2yGgQSwE3L_TjQb6leDP5UmxotJyEoi1YNTK0h8Hanp-CFmxU_cEDP6nHS2ABpiinNPtp57dI6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3UaKlzO1DNmZY1yW6zW6z0zVyU3Q%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.142 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 06 Dec 2022 05:02:14 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 74A7 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y47M1AAAenoBc-LfAAeXWUNGMNfYOIcY2zFrkg&u=%7C0BjLNgDbA0QgeUsZj7cSBSX3bb5MkNJ0JR1b%2BO2CuIE%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqc6nygJ274zNPhQpJEnippfnLPctJAgOVJK5QBvON9Ye9GS_f4NkHgJjP411SnRRB4B1-zs9MZWp7jJv_Ix55ez84bbqKAPLbC9JVzYusZzbUTLU_tH8B0EGn2NXnziQaw3LHB3xt_H135G7CHOgoFmrfPMroredO6rFfGiIypyU-5UnhsQTgTICqWUU1a642z5xoDFsTp5_4ZnZwl2jJuz4FIngkc6_dMFjKYPpjeGgghxzXO_HGcrq3KF_vf2DlR17J-GDezJkOrjADz33GaQPhYx7fIyEnN80tmqU_qPWfk8sL_ST2CJLAHR125My-1k6RyP8gCkJDwRualC-hd8Ef4J3HL6iOWDEFRgo6HvohKSflBSBMpvOb4KkYP-jESw3CnqlLXyrN13bj8e4s8YhVO_zWtpTq28qoJandW6es1kuPtZn4TJt180v2c4-5ujPS5P0NJxjrIAoWZE9gV4MmVONL8NiKS9Qg1o8kUb_jA2jOPp7VJjsB4DgxoBOUj-8eJr16l08y3bj_BbVGNzKYxTZ1oaFV9g4X5jZYjC_H4y9RXCA1CBWfL2nV6PVgWcnCRWJFn0WGaE3BcKv94g_X6K0YX-pWRQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCYg2P1MyOY_r0Ad_Fz7sP2a6eyAiY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQIGK0qHioimPqgDAaoEiwJP0EpQz4x9az6eo2_jx-TCvu0AIYR3htIK_kgwfeNhI1PIFMYBiY7PndXyS9vjxhpeHPVhDNjxzE_qeTE-yii70F8y8W3Z_Icx87MqCGItm36Ifb6qniscCORB_2Bo5Y48hLT7hHQ32XO32jYmdscMlbqQU_ViGUVtbrRPWYQUo3o-W1lXDi4n2Ge52tvtVpgnk6nBt1yxjjlJGw7_0pWWz6eREX45gcwPL9xPeWv7lF8jAn79fTJNOprNox-nxanlsUw3PSDAOoOs1Jzs9RPh_I8KirdU67bGhthYaL2Q2yGgQSwE3L_TjQb6leDP5UmxotJyEoi1YNTK0h8Hanp-CFmxU_cEDP6nHS2ABpiinNPtp57dI6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3UaKlzO1DNmZY1yW6zW6z0zVyU3Q%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 05:02:14 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 01 Dec 2023 05:02:14 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 74A7 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y47M1AAAenoBc-LfAAeXWUNGMNfYOIcY2zFrkg&u=%7C0BjLNgDbA0QgeUsZj7cSBSX3bb5MkNJ0JR1b%2BO2CuIE%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqc6nygJ274zNPhQpJEnippfnLPctJAgOVJK5QBvON9Ye9GS_f4NkHgJjP411SnRRB4B1-zs9MZWp7jJv_Ix55ez84bbqKAPLbC9JVzYusZzbUTLU_tH8B0EGn2NXnziQaw3LHB3xt_H135G7CHOgoFmrfPMroredO6rFfGiIypyU-5UnhsQTgTICqWUU1a642z5xoDFsTp5_4ZnZwl2jJuz4FIngkc6_dMFjKYPpjeGgghxzXO_HGcrq3KF_vf2DlR17J-GDezJkOrjADz33GaQPhYx7fIyEnN80tmqU_qPWfk8sL_ST2CJLAHR125My-1k6RyP8gCkJDwRualC-hd8Ef4J3HL6iOWDEFRgo6HvohKSflBSBMpvOb4KkYP-jESw3CnqlLXyrN13bj8e4s8YhVO_zWtpTq28qoJandW6es1kuPtZn4TJt180v2c4-5ujPS5P0NJxjrIAoWZE9gV4MmVONL8NiKS9Qg1o8kUb_jA2jOPp7VJjsB4DgxoBOUj-8eJr16l08y3bj_BbVGNzKYxTZ1oaFV9g4X5jZYjC_H4y9RXCA1CBWfL2nV6PVgWcnCRWJFn0WGaE3BcKv94g_X6K0YX-pWRQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCYg2P1MyOY_r0Ad_Fz7sP2a6eyAiY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQIGK0qHioimPqgDAaoEiwJP0EpQz4x9az6eo2_jx-TCvu0AIYR3htIK_kgwfeNhI1PIFMYBiY7PndXyS9vjxhpeHPVhDNjxzE_qeTE-yii70F8y8W3Z_Icx87MqCGItm36Ifb6qniscCORB_2Bo5Y48hLT7hHQ32XO32jYmdscMlbqQU_ViGUVtbrRPWYQUo3o-W1lXDi4n2Ge52tvtVpgnk6nBt1yxjjlJGw7_0pWWz6eREX45gcwPL9xPeWv7lF8jAn79fTJNOprNox-nxanlsUw3PSDAOoOs1Jzs9RPh_I8KirdU67bGhthYaL2Q2yGgQSwE3L_TjQb6leDP5UmxotJyEoi1YNTK0h8Hanp-CFmxU_cEDP6nHS2ABpiinNPtp57dI6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3UaKlzO1DNmZY1yW6zW6z0zVyU3Q%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 05:02:14 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 01 Dec 2023 05:02:14 GMT
19b6feaf7bb04307a5ed79d69ca28780_gotham-bold.woff
static.criteo.net/design/dt/ Frame 74A7 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/dt/19b6feaf7bb04307a5ed79d69ca28780_gotham-bold.woff
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y47M1AAAenoBc-LfAAeXWUNGMNfYOIcY2zFrkg&u=%7C0BjLNgDbA0QgeUsZj7cSBSX3bb5MkNJ0JR1b%2BO2CuIE%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqc6nygJ274zNPhQpJEnippfnLPctJAgOVJK5QBvON9Ye9GS_f4NkHgJjP411SnRRB4B1-zs9MZWp7jJv_Ix55ez84bbqKAPLbC9JVzYusZzbUTLU_tH8B0EGn2NXnziQaw3LHB3xt_H135G7CHOgoFmrfPMroredO6rFfGiIypyU-5UnhsQTgTICqWUU1a642z5xoDFsTp5_4ZnZwl2jJuz4FIngkc6_dMFjKYPpjeGgghxzXO_HGcrq3KF_vf2DlR17J-GDezJkOrjADz33GaQPhYx7fIyEnN80tmqU_qPWfk8sL_ST2CJLAHR125My-1k6RyP8gCkJDwRualC-hd8Ef4J3HL6iOWDEFRgo6HvohKSflBSBMpvOb4KkYP-jESw3CnqlLXyrN13bj8e4s8YhVO_zWtpTq28qoJandW6es1kuPtZn4TJt180v2c4-5ujPS5P0NJxjrIAoWZE9gV4MmVONL8NiKS9Qg1o8kUb_jA2jOPp7VJjsB4DgxoBOUj-8eJr16l08y3bj_BbVGNzKYxTZ1oaFV9g4X5jZYjC_H4y9RXCA1CBWfL2nV6PVgWcnCRWJFn0WGaE3BcKv94g_X6K0YX-pWRQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCYg2P1MyOY_r0Ad_Fz7sP2a6eyAiY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQIGK0qHioimPqgDAaoEiwJP0EpQz4x9az6eo2_jx-TCvu0AIYR3htIK_kgwfeNhI1PIFMYBiY7PndXyS9vjxhpeHPVhDNjxzE_qeTE-yii70F8y8W3Z_Icx87MqCGItm36Ifb6qniscCORB_2Bo5Y48hLT7hHQ32XO32jYmdscMlbqQU_ViGUVtbrRPWYQUo3o-W1lXDi4n2Ge52tvtVpgnk6nBt1yxjjlJGw7_0pWWz6eREX45gcwPL9xPeWv7lF8jAn79fTJNOprNox-nxanlsUw3PSDAOoOs1Jzs9RPh_I8KirdU67bGhthYaL2Q2yGgQSwE3L_TjQb6leDP5UmxotJyEoi1YNTK0h8Hanp-CFmxU_cEDP6nHS2ABpiinNPtp57dI6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3UaKlzO1DNmZY1yW6zW6z0zVyU3Q%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
f9d374ef87ca2b8179870daa8739f8b060fc77446a4109ec87dc523bd8059ea4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
Origin
https://ads.as.criteo.com
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 05:02:14 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 01 Dec 2017 12:57:30 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5a2151ba-3b68"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 01 Dec 2023 05:02:14 GMT
81_xgzAtA3K6BUSvxlviYRqiKRYqPH3jXMkg3rbk2fc.js
pagead2.googlesyndication.com/bg/ Frame 392A 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/81_xgzAtA3K6BUSvxlviYRqiKRYqPH3jXMkg3rbk2fc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
sffe /
Resource Hash
f35ff183302d0372ba0544afc65be2611aa229162a3c7de35cc920deb6e4d9f7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 20:22:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
549565
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15897
x-xss-protection
0
last-modified
Mon, 21 Nov 2022 11:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 29 Nov 2023 20:22:49 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 82EA 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022120101&jk=2517372487379615&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chao-nan-ma-li-ou-xu-ji-bao-xiao-zang-hua-ma-bu-ting.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 5F2C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022120101&jk=4261877265641272&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chao-nan-ma-li-ou-xu-ji-bao-xiao-zang-hua-ma-bu-ting.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
81_xgzAtA3K6BUSvxlviYRqiKRYqPH3jXMkg3rbk2fc.js
pagead2.googlesyndication.com/bg/ Frame 8354 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/81_xgzAtA3K6BUSvxlviYRqiKRYqPH3jXMkg3rbk2fc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
sffe /
Resource Hash
f35ff183302d0372ba0544afc65be2611aa229162a3c7de35cc920deb6e4d9f7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 20:22:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
549565
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15897
x-xss-protection
0
last-modified
Mon, 21 Nov 2022 11:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 29 Nov 2023 20:22:49 GMT
pixel;r=304298878;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchao-nan-ma-li-ou-xu-ji-bao-xiao-zang-hua-ma-bu-ting.html;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d6...
pixel.quantserve.com/ 		35 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=304298878;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchao-nan-ma-li-ou-xu-ji-bao-xiao-zang-hua-ma-bu-ting.html;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67ea6;uht=2;fpan=1;fpa=P0-188036583-1670302933727;pbc=26f5e939-a630-470d-a304-616e73217a74;ns=0;ce=1;qjs=1;qv=48c6ea86-20221121114006;cm=;gdpr=0;ref=;d=bg3.co;dst=0;et=1670302934441;tzo=0;ogl=;ses=6ecf4c57-2c7d-4708-980f-0752a46a205a
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chao-nan-ma-li-ou-xu-ji-bao-xiao-zang-hua-ma-bu-ting.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.229.10.247 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 05:02:14 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
log
aplogger.adpushup.com/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://aplogger.adpushup.com/log?event=glimpse_pageView&data=eyJzZXNzaW9uSWQiOiI4OTY4NjBfMTY3MDMwMjkzNDUwMCIsInVzZXJJZCI6Ijk3MTM5Nl8xNjcwMzAyOTM0NTAwIiwic2l0ZUlkIjo0Mjc1MywicGxhdGZvcm0iOiJERVNLVE9QIiwicGFnZUlkIjoiNzE3MDU3XzE2NzAzMDI5MzQ1MDAiLCJwYWdlUGF0aCI6IiUyRmElMkZjaGFvLW5hbi1tYS1saS1vdS14dS1qaS1iYW8teGlhby16YW5nLWh1YS1tYS1idS10aW5nLmh0bWwiLCJob3N0bmFtZSI6Ind3dy5iZzMuY28iLCJ1cmwiOiJodHRwcyUzQSUyRiUyRnd3dy5iZzMuY28lMkZhJTJGY2hhby1uYW4tbWEtbGktb3UteHUtamktYmFvLXhpYW8temFuZy1odWEtbWEtYnUtdGluZy5odG1sIiwicGhhc2UiOjAsInVzZXJUeXBlIjoiTkVXIiwicHJldmlld1ZhcmlhdGlvbiI6ImRlc2NyaXB0aW9uUGFnZSIsImV4cGVyaW1lbnRQYWdlIjp0cnVlLCJ0aW1lc3RhbXAiOjE2NzAzMDI5MzQ1MDF9
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
52.183.162.69 Mumbai, India, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
L2EvY2hhby1uYW4tbWEtbGktb3UteHUtamktYmFvLXhpYW8temFuZy1odWEtbWEtYnUtdGluZy5odG1s.json
cdn.adpushup.com/42753/ 		555 B
818 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/L2EvY2hhby1uYW4tbWEtbGktb3UteHUtamktYmFvLXhpYW8temFuZy1odWEtbWEtYnUtdGluZy5odG1s.json
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.200 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-200.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
NZ
date
Tue, 06 Dec 2022 05:02:14 GMT
server
nginx/1.18.0
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
server-timing
cdn-cache; desc=MISS, edge; dur=14, origin; dur=217
content-length
555
expires
Tue, 06 Dec 2022 06:02:14 GMT
img
pix.as.criteo.net/img/ Frame 5428 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?h=92&m=0&partner=77429&q=80&r=0&u=http%3A%2F%2Fstatic.sg1.as.criteo.net%2Fdesign%2Fdt%2F3730%2F190603%2F2dff6bd7f81440d493b2b749e0ded2b5_logo_n_horizontal.png&v=3&w=668&s=KCPp5-fJJDCQ9qgTEssM5hEc
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y47M1AAAb4wBc_CxAAtQGENguILcZHw16bpaLw&u=%7C0BjLNgDbA0RGwfq8zVymYL1e1%2FBLnIsgYuHYuQe54ug%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqc6nygJ274zNPhQpJEnippfnLPctJAgOVJK5QBvON9Ye9GS_f4NkHgJjP411SnRRB4B1-zs9MZWp7swoIMdCZafKATTqnw-W1TMGAztyH4KDwdPZw-ShB2ml4ZgrggdpKC4H4EKtMnYlWyWOT8qaQqxgCo1vlIVCBqPp5w1EsF00KZRL8g3C8gy-F76iuLC8XAMYh3S4PQ-RJj7kQlk8ay3RyNTrngUIdBrZUK70z9DhYCcIQRWGOiAfBKrbFXrAAp0KLGMdmo9Eu2LZ2r7kTUzj-ml0mlqpsLBwL7r2_YyDHAJyVLWU6MgXVCDg40zVxakTgbDxQQ-mioIb6QrhoqhGTtl7qXnQ7kzluoKf3ODZHbdRzr3-enkbx8Sr7gDiHL-3vkEqH1hST6TXkmaiUgKjXwcq6JNKWHcsk72-a6LH1ne9zCbZEe6Vs3pElOjULkslV5lxLbT79Kx2Dh10aassYmJ5rRZXzoOu-yI6vZZBUuQw8YZMmrijiTAGqnASUjgrq4_b1jK9R-xqphblFCAf8cqKce_U2afy3O2RbDutZbM8URRz-GS0ekHU4ekaIKk2Vdi6niefulTRhgN06K7s-tD4PoqxkxjMipIkIU2QY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCCLkF1MyOY4zfAbHhz7sPmKCtiAyY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQIGK0qHioimPqgDAaoEiwJP0A4JIKUUm4TCXqL-LXBTUk52lThQugeG5o8UnV-3eG3ryapZnNmkaSR5BgRuMETFqgdig6vZ5QCgQ6OdgM1JSjdgdgPcD29ZdZh4qPdS9luLp11kn9mw4VoDEQgm80_OcVSDvo0rBlxr7rNI3uLUM5fK0-Mz6Kzbwxu1ZeECvK4yHf81opTy80ecj86dTh2nJbo3PFs25vKrkb7t-jfNBFCvEBgLneM0U1AH4uMfOui1gOa-Xhmb3xAGLJ5EyzrqvMqOI0grKkq7v9CwvwMIkg4lHtPExmODCQCfC1E0Qw9CA2NPCwRsVwkjPcfrUjjBI5fIb9uDHHn9mT_tQzBd74zDIT_1tFvxKoWABpiinNPtp57dI6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2GgwUsEvAW0V5fg2b6jV-GvXlTNg%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
f85b221e07f505ecdb564fb4e0311d534bb10fd16b26a4d6af26ca077cca6f40
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 05:02:13 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=27988217
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
4512
expires
Thu, 26 Oct 2023 03:32:32 GMT
img
pix.as.criteo.net/img/ Frame 5428 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=77429&q=80&r=0&u=https%3A%2F%2Fi8.amplience.net%2Ft%2Fjpl%2Fjd_product_list%3Fplu%3Djd_553558-063_C_0001_al&v=3&w=400&s=Y2nV8izWz0J5n7W1LxSWQEUp&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y47M1AAAb4wBc_CxAAtQGENguILcZHw16bpaLw&u=%7C0BjLNgDbA0RGwfq8zVymYL1e1%2FBLnIsgYuHYuQe54ug%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqc6nygJ274zNPhQpJEnippfnLPctJAgOVJK5QBvON9Ye9GS_f4NkHgJjP411SnRRB4B1-zs9MZWp7swoIMdCZafKATTqnw-W1TMGAztyH4KDwdPZw-ShB2ml4ZgrggdpKC4H4EKtMnYlWyWOT8qaQqxgCo1vlIVCBqPp5w1EsF00KZRL8g3C8gy-F76iuLC8XAMYh3S4PQ-RJj7kQlk8ay3RyNTrngUIdBrZUK70z9DhYCcIQRWGOiAfBKrbFXrAAp0KLGMdmo9Eu2LZ2r7kTUzj-ml0mlqpsLBwL7r2_YyDHAJyVLWU6MgXVCDg40zVxakTgbDxQQ-mioIb6QrhoqhGTtl7qXnQ7kzluoKf3ODZHbdRzr3-enkbx8Sr7gDiHL-3vkEqH1hST6TXkmaiUgKjXwcq6JNKWHcsk72-a6LH1ne9zCbZEe6Vs3pElOjULkslV5lxLbT79Kx2Dh10aassYmJ5rRZXzoOu-yI6vZZBUuQw8YZMmrijiTAGqnASUjgrq4_b1jK9R-xqphblFCAf8cqKce_U2afy3O2RbDutZbM8URRz-GS0ekHU4ekaIKk2Vdi6niefulTRhgN06K7s-tD4PoqxkxjMipIkIU2QY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCCLkF1MyOY4zfAbHhz7sPmKCtiAyY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQIGK0qHioimPqgDAaoEiwJP0A4JIKUUm4TCXqL-LXBTUk52lThQugeG5o8UnV-3eG3ryapZnNmkaSR5BgRuMETFqgdig6vZ5QCgQ6OdgM1JSjdgdgPcD29ZdZh4qPdS9luLp11kn9mw4VoDEQgm80_OcVSDvo0rBlxr7rNI3uLUM5fK0-Mz6Kzbwxu1ZeECvK4yHf81opTy80ecj86dTh2nJbo3PFs25vKrkb7t-jfNBFCvEBgLneM0U1AH4uMfOui1gOa-Xhmb3xAGLJ5EyzrqvMqOI0grKkq7v9CwvwMIkg4lHtPExmODCQCfC1E0Qw9CA2NPCwRsVwkjPcfrUjjBI5fIb9uDHHn9mT_tQzBd74zDIT_1tFvxKoWABpiinNPtp57dI6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2GgwUsEvAW0V5fg2b6jV-GvXlTNg%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
c227f7890d9322a465fd5af0b6819939b251653890603e5fdec8f40fd96e8a95
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 05:02:14 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=0
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8338
expires
Tue, 06 Dec 2022 05:02:14 GMT
img
pix.as.criteo.net/img/ Frame 5428 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=77429&q=80&r=0&u=https%3A%2F%2Fi8.amplience.net%2Ft%2Fjpl%2Fjd_product_list%3Fplu%3Djd_CZ4456-503_C_0050_al&v=3&w=400&s=hkmADEgc70lV7naJW_4oAvYK&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y47M1AAAb4wBc_CxAAtQGENguILcZHw16bpaLw&u=%7C0BjLNgDbA0RGwfq8zVymYL1e1%2FBLnIsgYuHYuQe54ug%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqc6nygJ274zNPhQpJEnippfnLPctJAgOVJK5QBvON9Ye9GS_f4NkHgJjP411SnRRB4B1-zs9MZWp7swoIMdCZafKATTqnw-W1TMGAztyH4KDwdPZw-ShB2ml4ZgrggdpKC4H4EKtMnYlWyWOT8qaQqxgCo1vlIVCBqPp5w1EsF00KZRL8g3C8gy-F76iuLC8XAMYh3S4PQ-RJj7kQlk8ay3RyNTrngUIdBrZUK70z9DhYCcIQRWGOiAfBKrbFXrAAp0KLGMdmo9Eu2LZ2r7kTUzj-ml0mlqpsLBwL7r2_YyDHAJyVLWU6MgXVCDg40zVxakTgbDxQQ-mioIb6QrhoqhGTtl7qXnQ7kzluoKf3ODZHbdRzr3-enkbx8Sr7gDiHL-3vkEqH1hST6TXkmaiUgKjXwcq6JNKWHcsk72-a6LH1ne9zCbZEe6Vs3pElOjULkslV5lxLbT79Kx2Dh10aassYmJ5rRZXzoOu-yI6vZZBUuQw8YZMmrijiTAGqnASUjgrq4_b1jK9R-xqphblFCAf8cqKce_U2afy3O2RbDutZbM8URRz-GS0ekHU4ekaIKk2Vdi6niefulTRhgN06K7s-tD4PoqxkxjMipIkIU2QY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCCLkF1MyOY4zfAbHhz7sPmKCtiAyY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQIGK0qHioimPqgDAaoEiwJP0A4JIKUUm4TCXqL-LXBTUk52lThQugeG5o8UnV-3eG3ryapZnNmkaSR5BgRuMETFqgdig6vZ5QCgQ6OdgM1JSjdgdgPcD29ZdZh4qPdS9luLp11kn9mw4VoDEQgm80_OcVSDvo0rBlxr7rNI3uLUM5fK0-Mz6Kzbwxu1ZeECvK4yHf81opTy80ecj86dTh2nJbo3PFs25vKrkb7t-jfNBFCvEBgLneM0U1AH4uMfOui1gOa-Xhmb3xAGLJ5EyzrqvMqOI0grKkq7v9CwvwMIkg4lHtPExmODCQCfC1E0Qw9CA2NPCwRsVwkjPcfrUjjBI5fIb9uDHHn9mT_tQzBd74zDIT_1tFvxKoWABpiinNPtp57dI6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2GgwUsEvAW0V5fg2b6jV-GvXlTNg%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
f0a0092830c3f7eaa8113d93ab6d8b61b4580a58a9de5147c06963c2c4b3a6bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 05:02:14 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=0
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
13022
expires
Tue, 06 Dec 2022 05:02:14 GMT
generate_204
tpc.googlesyndication.com/ Frame 392A 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?RDKgmw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chao-nan-ma-li-ou-xu-ji-bao-xiao-zang-hua-ma-bu-ting.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 05:02:14 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
img
pix.as.criteo.net/img/ Frame 5428 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=77429&q=80&r=0&u=https%3A%2F%2Fi8.amplience.net%2Ft%2Fjpl%2Fjd_product_list%3Fplu%3Djd_033436_al&v=3&w=400&s=CjAjMI7-l-4X89SjI0wLxO6Y&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y47M1AAAb4wBc_CxAAtQGENguILcZHw16bpaLw&u=%7C0BjLNgDbA0RGwfq8zVymYL1e1%2FBLnIsgYuHYuQe54ug%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqc6nygJ274zNPhQpJEnippfnLPctJAgOVJK5QBvON9Ye9GS_f4NkHgJjP411SnRRB4B1-zs9MZWp7swoIMdCZafKATTqnw-W1TMGAztyH4KDwdPZw-ShB2ml4ZgrggdpKC4H4EKtMnYlWyWOT8qaQqxgCo1vlIVCBqPp5w1EsF00KZRL8g3C8gy-F76iuLC8XAMYh3S4PQ-RJj7kQlk8ay3RyNTrngUIdBrZUK70z9DhYCcIQRWGOiAfBKrbFXrAAp0KLGMdmo9Eu2LZ2r7kTUzj-ml0mlqpsLBwL7r2_YyDHAJyVLWU6MgXVCDg40zVxakTgbDxQQ-mioIb6QrhoqhGTtl7qXnQ7kzluoKf3ODZHbdRzr3-enkbx8Sr7gDiHL-3vkEqH1hST6TXkmaiUgKjXwcq6JNKWHcsk72-a6LH1ne9zCbZEe6Vs3pElOjULkslV5lxLbT79Kx2Dh10aassYmJ5rRZXzoOu-yI6vZZBUuQw8YZMmrijiTAGqnASUjgrq4_b1jK9R-xqphblFCAf8cqKce_U2afy3O2RbDutZbM8URRz-GS0ekHU4ekaIKk2Vdi6niefulTRhgN06K7s-tD4PoqxkxjMipIkIU2QY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCCLkF1MyOY4zfAbHhz7sPmKCtiAyY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQIGK0qHioimPqgDAaoEiwJP0A4JIKUUm4TCXqL-LXBTUk52lThQugeG5o8UnV-3eG3ryapZnNmkaSR5BgRuMETFqgdig6vZ5QCgQ6OdgM1JSjdgdgPcD29ZdZh4qPdS9luLp11kn9mw4VoDEQgm80_OcVSDvo0rBlxr7rNI3uLUM5fK0-Mz6Kzbwxu1ZeECvK4yHf81opTy80ecj86dTh2nJbo3PFs25vKrkb7t-jfNBFCvEBgLneM0U1AH4uMfOui1gOa-Xhmb3xAGLJ5EyzrqvMqOI0grKkq7v9CwvwMIkg4lHtPExmODCQCfC1E0Qw9CA2NPCwRsVwkjPcfrUjjBI5fIb9uDHHn9mT_tQzBd74zDIT_1tFvxKoWABpiinNPtp57dI6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2GgwUsEvAW0V5fg2b6jV-GvXlTNg%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
59417b32fa3ddd3cabfc16abd30d9f2263afc446fdc87e15248b7fdcd88677ba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 05:02:14 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=0
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
10206
expires
Tue, 06 Dec 2022 05:02:14 GMT
img
pix.as.criteo.net/img/ Frame 5428 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=77429&q=80&r=0&u=https%3A%2F%2Fi8.amplience.net%2Ft%2Fjpl%2Fjd_product_list%3Fplu%3Djd_DX9656-010_C_0001_al&v=3&w=400&s=8IZ6sZiGMCJt5NDncpXvmMFW&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y47M1AAAb4wBc_CxAAtQGENguILcZHw16bpaLw&u=%7C0BjLNgDbA0RGwfq8zVymYL1e1%2FBLnIsgYuHYuQe54ug%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqc6nygJ274zNPhQpJEnippfnLPctJAgOVJK5QBvON9Ye9GS_f4NkHgJjP411SnRRB4B1-zs9MZWp7swoIMdCZafKATTqnw-W1TMGAztyH4KDwdPZw-ShB2ml4ZgrggdpKC4H4EKtMnYlWyWOT8qaQqxgCo1vlIVCBqPp5w1EsF00KZRL8g3C8gy-F76iuLC8XAMYh3S4PQ-RJj7kQlk8ay3RyNTrngUIdBrZUK70z9DhYCcIQRWGOiAfBKrbFXrAAp0KLGMdmo9Eu2LZ2r7kTUzj-ml0mlqpsLBwL7r2_YyDHAJyVLWU6MgXVCDg40zVxakTgbDxQQ-mioIb6QrhoqhGTtl7qXnQ7kzluoKf3ODZHbdRzr3-enkbx8Sr7gDiHL-3vkEqH1hST6TXkmaiUgKjXwcq6JNKWHcsk72-a6LH1ne9zCbZEe6Vs3pElOjULkslV5lxLbT79Kx2Dh10aassYmJ5rRZXzoOu-yI6vZZBUuQw8YZMmrijiTAGqnASUjgrq4_b1jK9R-xqphblFCAf8cqKce_U2afy3O2RbDutZbM8URRz-GS0ekHU4ekaIKk2Vdi6niefulTRhgN06K7s-tD4PoqxkxjMipIkIU2QY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCCLkF1MyOY4zfAbHhz7sPmKCtiAyY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQIGK0qHioimPqgDAaoEiwJP0A4JIKUUm4TCXqL-LXBTUk52lThQugeG5o8UnV-3eG3ryapZnNmkaSR5BgRuMETFqgdig6vZ5QCgQ6OdgM1JSjdgdgPcD29ZdZh4qPdS9luLp11kn9mw4VoDEQgm80_OcVSDvo0rBlxr7rNI3uLUM5fK0-Mz6Kzbwxu1ZeECvK4yHf81opTy80ecj86dTh2nJbo3PFs25vKrkb7t-jfNBFCvEBgLneM0U1AH4uMfOui1gOa-Xhmb3xAGLJ5EyzrqvMqOI0grKkq7v9CwvwMIkg4lHtPExmODCQCfC1E0Qw9CA2NPCwRsVwkjPcfrUjjBI5fIb9uDHHn9mT_tQzBd74zDIT_1tFvxKoWABpiinNPtp57dI6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2GgwUsEvAW0V5fg2b6jV-GvXlTNg%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
0025aa08addc9008f9be153b8ed1569e0c74eb55b9d28e865d3a7be7c837a618
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 05:02:14 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=0
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8672
expires
Tue, 06 Dec 2022 05:02:14 GMT
generate_204
tpc.googlesyndication.com/ Frame 8354 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?yCoNEQ
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chao-nan-ma-li-ou-xu-ji-bao-xiao-zang-hua-ma-bu-ting.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 05:02:14 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
all
csm.as.criteo.net/ Frame 74A7 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.as.criteo.net/all?cppv=3&cpp=oSPj5ZWqwgWs8aIds8z3Ys8cWEr4ckFA18UHT43ge2qCFIvmxqeuNMi4twhrJlV2fRkLxzfVqGU6LteY1trp1zp4ZhsVMD9uQtT7GZgZlCapCpnfRFauvfceTk8OvQLTEcY0O3wozwx_ucovdZx0Dz6LJuMfrn6EMrv2I6LgZcrDYxMdJeA3Xs83ypAQZDcLib82BfLAnNm73qbvE0DSfZFR2Sh3qxzEcHaYP1jvdQpE5ipu9eVT2IVjOkGavq6WyOvN-godVFp1zNLk&sds=2&rev=83599&sendBeacon=true
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y47M1AAAenoBc-LfAAeXWUNGMNfYOIcY2zFrkg&u=%7C0BjLNgDbA0QgeUsZj7cSBSX3bb5MkNJ0JR1b%2BO2CuIE%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqc6nygJ274zNPhQpJEnippfnLPctJAgOVJK5QBvON9Ye9GS_f4NkHgJjP411SnRRB4B1-zs9MZWp7jJv_Ix55ez84bbqKAPLbC9JVzYusZzbUTLU_tH8B0EGn2NXnziQaw3LHB3xt_H135G7CHOgoFmrfPMroredO6rFfGiIypyU-5UnhsQTgTICqWUU1a642z5xoDFsTp5_4ZnZwl2jJuz4FIngkc6_dMFjKYPpjeGgghxzXO_HGcrq3KF_vf2DlR17J-GDezJkOrjADz33GaQPhYx7fIyEnN80tmqU_qPWfk8sL_ST2CJLAHR125My-1k6RyP8gCkJDwRualC-hd8Ef4J3HL6iOWDEFRgo6HvohKSflBSBMpvOb4KkYP-jESw3CnqlLXyrN13bj8e4s8YhVO_zWtpTq28qoJandW6es1kuPtZn4TJt180v2c4-5ujPS5P0NJxjrIAoWZE9gV4MmVONL8NiKS9Qg1o8kUb_jA2jOPp7VJjsB4DgxoBOUj-8eJr16l08y3bj_BbVGNzKYxTZ1oaFV9g4X5jZYjC_H4y9RXCA1CBWfL2nV6PVgWcnCRWJFn0WGaE3BcKv94g_X6K0YX-pWRQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCYg2P1MyOY_r0Ad_Fz7sP2a6eyAiY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQIGK0qHioimPqgDAaoEiwJP0EpQz4x9az6eo2_jx-TCvu0AIYR3htIK_kgwfeNhI1PIFMYBiY7PndXyS9vjxhpeHPVhDNjxzE_qeTE-yii70F8y8W3Z_Icx87MqCGItm36Ifb6qniscCORB_2Bo5Y48hLT7hHQ32XO32jYmdscMlbqQU_ViGUVtbrRPWYQUo3o-W1lXDi4n2Ge52tvtVpgnk6nBt1yxjjlJGw7_0pWWz6eREX45gcwPL9xPeWv7lF8jAn79fTJNOprNox-nxanlsUw3PSDAOoOs1Jzs9RPh_I8KirdU67bGhthYaL2Q2yGgQSwE3L_TjQb6leDP5UmxotJyEoi1YNTK0h8Hanp-CFmxU_cEDP6nHS2ABpiinNPtp57dI6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3UaKlzO1DNmZY1yW6zW6z0zVyU3Q%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.142 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 06 Dec 2022 05:02:14 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
img
pix.as.criteo.net/img/ Frame 74A7 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?h=92&m=0&partner=77429&q=80&r=0&u=http%3A%2F%2Fstatic.sg1.as.criteo.net%2Fdesign%2Fdt%2F3730%2F190603%2F2dff6bd7f81440d493b2b749e0ded2b5_logo_n_horizontal.png&v=3&w=668&s=KCPp5-fJJDCQ9qgTEssM5hEc
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y47M1AAAenoBc-LfAAeXWUNGMNfYOIcY2zFrkg&u=%7C0BjLNgDbA0QgeUsZj7cSBSX3bb5MkNJ0JR1b%2BO2CuIE%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqc6nygJ274zNPhQpJEnippfnLPctJAgOVJK5QBvON9Ye9GS_f4NkHgJjP411SnRRB4B1-zs9MZWp7jJv_Ix55ez84bbqKAPLbC9JVzYusZzbUTLU_tH8B0EGn2NXnziQaw3LHB3xt_H135G7CHOgoFmrfPMroredO6rFfGiIypyU-5UnhsQTgTICqWUU1a642z5xoDFsTp5_4ZnZwl2jJuz4FIngkc6_dMFjKYPpjeGgghxzXO_HGcrq3KF_vf2DlR17J-GDezJkOrjADz33GaQPhYx7fIyEnN80tmqU_qPWfk8sL_ST2CJLAHR125My-1k6RyP8gCkJDwRualC-hd8Ef4J3HL6iOWDEFRgo6HvohKSflBSBMpvOb4KkYP-jESw3CnqlLXyrN13bj8e4s8YhVO_zWtpTq28qoJandW6es1kuPtZn4TJt180v2c4-5ujPS5P0NJxjrIAoWZE9gV4MmVONL8NiKS9Qg1o8kUb_jA2jOPp7VJjsB4DgxoBOUj-8eJr16l08y3bj_BbVGNzKYxTZ1oaFV9g4X5jZYjC_H4y9RXCA1CBWfL2nV6PVgWcnCRWJFn0WGaE3BcKv94g_X6K0YX-pWRQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCYg2P1MyOY_r0Ad_Fz7sP2a6eyAiY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQIGK0qHioimPqgDAaoEiwJP0EpQz4x9az6eo2_jx-TCvu0AIYR3htIK_kgwfeNhI1PIFMYBiY7PndXyS9vjxhpeHPVhDNjxzE_qeTE-yii70F8y8W3Z_Icx87MqCGItm36Ifb6qniscCORB_2Bo5Y48hLT7hHQ32XO32jYmdscMlbqQU_ViGUVtbrRPWYQUo3o-W1lXDi4n2Ge52tvtVpgnk6nBt1yxjjlJGw7_0pWWz6eREX45gcwPL9xPeWv7lF8jAn79fTJNOprNox-nxanlsUw3PSDAOoOs1Jzs9RPh_I8KirdU67bGhthYaL2Q2yGgQSwE3L_TjQb6leDP5UmxotJyEoi1YNTK0h8Hanp-CFmxU_cEDP6nHS2ABpiinNPtp57dI6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3UaKlzO1DNmZY1yW6zW6z0zVyU3Q%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
f85b221e07f505ecdb564fb4e0311d534bb10fd16b26a4d6af26ca077cca6f40
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 05:02:14 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=27988217
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
4512
expires
Thu, 26 Oct 2023 03:32:32 GMT
img
pix.as.criteo.net/img/ Frame 5428 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=77429&q=80&r=0&u=https%3A%2F%2Fi8.amplience.net%2Ft%2Fjpl%2Fjd_product_list%3Fplu%3Djd_496606_al&v=3&w=400&s=SR-aNxe5lzwAX3VZV7yhZ0Ty&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y47M1AAAb4wBc_CxAAtQGENguILcZHw16bpaLw&u=%7C0BjLNgDbA0RGwfq8zVymYL1e1%2FBLnIsgYuHYuQe54ug%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqc6nygJ274zNPhQpJEnippfnLPctJAgOVJK5QBvON9Ye9GS_f4NkHgJjP411SnRRB4B1-zs9MZWp7swoIMdCZafKATTqnw-W1TMGAztyH4KDwdPZw-ShB2ml4ZgrggdpKC4H4EKtMnYlWyWOT8qaQqxgCo1vlIVCBqPp5w1EsF00KZRL8g3C8gy-F76iuLC8XAMYh3S4PQ-RJj7kQlk8ay3RyNTrngUIdBrZUK70z9DhYCcIQRWGOiAfBKrbFXrAAp0KLGMdmo9Eu2LZ2r7kTUzj-ml0mlqpsLBwL7r2_YyDHAJyVLWU6MgXVCDg40zVxakTgbDxQQ-mioIb6QrhoqhGTtl7qXnQ7kzluoKf3ODZHbdRzr3-enkbx8Sr7gDiHL-3vkEqH1hST6TXkmaiUgKjXwcq6JNKWHcsk72-a6LH1ne9zCbZEe6Vs3pElOjULkslV5lxLbT79Kx2Dh10aassYmJ5rRZXzoOu-yI6vZZBUuQw8YZMmrijiTAGqnASUjgrq4_b1jK9R-xqphblFCAf8cqKce_U2afy3O2RbDutZbM8URRz-GS0ekHU4ekaIKk2Vdi6niefulTRhgN06K7s-tD4PoqxkxjMipIkIU2QY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCCLkF1MyOY4zfAbHhz7sPmKCtiAyY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQIGK0qHioimPqgDAaoEiwJP0A4JIKUUm4TCXqL-LXBTUk52lThQugeG5o8UnV-3eG3ryapZnNmkaSR5BgRuMETFqgdig6vZ5QCgQ6OdgM1JSjdgdgPcD29ZdZh4qPdS9luLp11kn9mw4VoDEQgm80_OcVSDvo0rBlxr7rNI3uLUM5fK0-Mz6Kzbwxu1ZeECvK4yHf81opTy80ecj86dTh2nJbo3PFs25vKrkb7t-jfNBFCvEBgLneM0U1AH4uMfOui1gOa-Xhmb3xAGLJ5EyzrqvMqOI0grKkq7v9CwvwMIkg4lHtPExmODCQCfC1E0Qw9CA2NPCwRsVwkjPcfrUjjBI5fIb9uDHHn9mT_tQzBd74zDIT_1tFvxKoWABpiinNPtp57dI6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2GgwUsEvAW0V5fg2b6jV-GvXlTNg%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
a764d8fa0542053f90b23883eebaed46ce92833ad3d74c86f9b570f55aca0801
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 05:02:14 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=0
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
4756
expires
Tue, 06 Dec 2022 05:02:15 GMT
img
pix.as.criteo.net/img/ Frame 74A7 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=77429&q=80&r=0&u=https%3A%2F%2Fi8.amplience.net%2Ft%2Fjpl%2Fjd_product_list%3Fplu%3Djd_553558-063_C_0001_al&v=3&w=400&s=Y2nV8izWz0J5n7W1LxSWQEUp&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y47M1AAAenoBc-LfAAeXWUNGMNfYOIcY2zFrkg&u=%7C0BjLNgDbA0QgeUsZj7cSBSX3bb5MkNJ0JR1b%2BO2CuIE%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqc6nygJ274zNPhQpJEnippfnLPctJAgOVJK5QBvON9Ye9GS_f4NkHgJjP411SnRRB4B1-zs9MZWp7jJv_Ix55ez84bbqKAPLbC9JVzYusZzbUTLU_tH8B0EGn2NXnziQaw3LHB3xt_H135G7CHOgoFmrfPMroredO6rFfGiIypyU-5UnhsQTgTICqWUU1a642z5xoDFsTp5_4ZnZwl2jJuz4FIngkc6_dMFjKYPpjeGgghxzXO_HGcrq3KF_vf2DlR17J-GDezJkOrjADz33GaQPhYx7fIyEnN80tmqU_qPWfk8sL_ST2CJLAHR125My-1k6RyP8gCkJDwRualC-hd8Ef4J3HL6iOWDEFRgo6HvohKSflBSBMpvOb4KkYP-jESw3CnqlLXyrN13bj8e4s8YhVO_zWtpTq28qoJandW6es1kuPtZn4TJt180v2c4-5ujPS5P0NJxjrIAoWZE9gV4MmVONL8NiKS9Qg1o8kUb_jA2jOPp7VJjsB4DgxoBOUj-8eJr16l08y3bj_BbVGNzKYxTZ1oaFV9g4X5jZYjC_H4y9RXCA1CBWfL2nV6PVgWcnCRWJFn0WGaE3BcKv94g_X6K0YX-pWRQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCYg2P1MyOY_r0Ad_Fz7sP2a6eyAiY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQIGK0qHioimPqgDAaoEiwJP0EpQz4x9az6eo2_jx-TCvu0AIYR3htIK_kgwfeNhI1PIFMYBiY7PndXyS9vjxhpeHPVhDNjxzE_qeTE-yii70F8y8W3Z_Icx87MqCGItm36Ifb6qniscCORB_2Bo5Y48hLT7hHQ32XO32jYmdscMlbqQU_ViGUVtbrRPWYQUo3o-W1lXDi4n2Ge52tvtVpgnk6nBt1yxjjlJGw7_0pWWz6eREX45gcwPL9xPeWv7lF8jAn79fTJNOprNox-nxanlsUw3PSDAOoOs1Jzs9RPh_I8KirdU67bGhthYaL2Q2yGgQSwE3L_TjQb6leDP5UmxotJyEoi1YNTK0h8Hanp-CFmxU_cEDP6nHS2ABpiinNPtp57dI6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3UaKlzO1DNmZY1yW6zW6z0zVyU3Q%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
c227f7890d9322a465fd5af0b6819939b251653890603e5fdec8f40fd96e8a95
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 05:02:14 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=0
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8338
expires
Tue, 06 Dec 2022 05:02:15 GMT
img
pix.as.criteo.net/img/ Frame 74A7 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=77429&q=80&r=0&u=https%3A%2F%2Fi8.amplience.net%2Ft%2Fjpl%2Fjd_product_list%3Fplu%3Djd_DX9656-010_C_0001_al&v=3&w=400&s=8IZ6sZiGMCJt5NDncpXvmMFW&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y47M1AAAenoBc-LfAAeXWUNGMNfYOIcY2zFrkg&u=%7C0BjLNgDbA0QgeUsZj7cSBSX3bb5MkNJ0JR1b%2BO2CuIE%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqc6nygJ274zNPhQpJEnippfnLPctJAgOVJK5QBvON9Ye9GS_f4NkHgJjP411SnRRB4B1-zs9MZWp7jJv_Ix55ez84bbqKAPLbC9JVzYusZzbUTLU_tH8B0EGn2NXnziQaw3LHB3xt_H135G7CHOgoFmrfPMroredO6rFfGiIypyU-5UnhsQTgTICqWUU1a642z5xoDFsTp5_4ZnZwl2jJuz4FIngkc6_dMFjKYPpjeGgghxzXO_HGcrq3KF_vf2DlR17J-GDezJkOrjADz33GaQPhYx7fIyEnN80tmqU_qPWfk8sL_ST2CJLAHR125My-1k6RyP8gCkJDwRualC-hd8Ef4J3HL6iOWDEFRgo6HvohKSflBSBMpvOb4KkYP-jESw3CnqlLXyrN13bj8e4s8YhVO_zWtpTq28qoJandW6es1kuPtZn4TJt180v2c4-5ujPS5P0NJxjrIAoWZE9gV4MmVONL8NiKS9Qg1o8kUb_jA2jOPp7VJjsB4DgxoBOUj-8eJr16l08y3bj_BbVGNzKYxTZ1oaFV9g4X5jZYjC_H4y9RXCA1CBWfL2nV6PVgWcnCRWJFn0WGaE3BcKv94g_X6K0YX-pWRQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCYg2P1MyOY_r0Ad_Fz7sP2a6eyAiY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQIGK0qHioimPqgDAaoEiwJP0EpQz4x9az6eo2_jx-TCvu0AIYR3htIK_kgwfeNhI1PIFMYBiY7PndXyS9vjxhpeHPVhDNjxzE_qeTE-yii70F8y8W3Z_Icx87MqCGItm36Ifb6qniscCORB_2Bo5Y48hLT7hHQ32XO32jYmdscMlbqQU_ViGUVtbrRPWYQUo3o-W1lXDi4n2Ge52tvtVpgnk6nBt1yxjjlJGw7_0pWWz6eREX45gcwPL9xPeWv7lF8jAn79fTJNOprNox-nxanlsUw3PSDAOoOs1Jzs9RPh_I8KirdU67bGhthYaL2Q2yGgQSwE3L_TjQb6leDP5UmxotJyEoi1YNTK0h8Hanp-CFmxU_cEDP6nHS2ABpiinNPtp57dI6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3UaKlzO1DNmZY1yW6zW6z0zVyU3Q%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
0025aa08addc9008f9be153b8ed1569e0c74eb55b9d28e865d3a7be7c837a618
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 05:02:15 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=0
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8672
expires
Tue, 06 Dec 2022 05:02:15 GMT
img
pix.as.criteo.net/img/ Frame 74A7 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=77429&q=80&r=0&u=https%3A%2F%2Fi8.amplience.net%2Ft%2Fjpl%2Fjd_product_list%3Fplu%3Djd_496606_al&v=3&w=400&s=SR-aNxe5lzwAX3VZV7yhZ0Ty&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y47M1AAAenoBc-LfAAeXWUNGMNfYOIcY2zFrkg&u=%7C0BjLNgDbA0QgeUsZj7cSBSX3bb5MkNJ0JR1b%2BO2CuIE%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqc6nygJ274zNPhQpJEnippfnLPctJAgOVJK5QBvON9Ye9GS_f4NkHgJjP411SnRRB4B1-zs9MZWp7jJv_Ix55ez84bbqKAPLbC9JVzYusZzbUTLU_tH8B0EGn2NXnziQaw3LHB3xt_H135G7CHOgoFmrfPMroredO6rFfGiIypyU-5UnhsQTgTICqWUU1a642z5xoDFsTp5_4ZnZwl2jJuz4FIngkc6_dMFjKYPpjeGgghxzXO_HGcrq3KF_vf2DlR17J-GDezJkOrjADz33GaQPhYx7fIyEnN80tmqU_qPWfk8sL_ST2CJLAHR125My-1k6RyP8gCkJDwRualC-hd8Ef4J3HL6iOWDEFRgo6HvohKSflBSBMpvOb4KkYP-jESw3CnqlLXyrN13bj8e4s8YhVO_zWtpTq28qoJandW6es1kuPtZn4TJt180v2c4-5ujPS5P0NJxjrIAoWZE9gV4MmVONL8NiKS9Qg1o8kUb_jA2jOPp7VJjsB4DgxoBOUj-8eJr16l08y3bj_BbVGNzKYxTZ1oaFV9g4X5jZYjC_H4y9RXCA1CBWfL2nV6PVgWcnCRWJFn0WGaE3BcKv94g_X6K0YX-pWRQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCYg2P1MyOY_r0Ad_Fz7sP2a6eyAiY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQIGK0qHioimPqgDAaoEiwJP0EpQz4x9az6eo2_jx-TCvu0AIYR3htIK_kgwfeNhI1PIFMYBiY7PndXyS9vjxhpeHPVhDNjxzE_qeTE-yii70F8y8W3Z_Icx87MqCGItm36Ifb6qniscCORB_2Bo5Y48hLT7hHQ32XO32jYmdscMlbqQU_ViGUVtbrRPWYQUo3o-W1lXDi4n2Ge52tvtVpgnk6nBt1yxjjlJGw7_0pWWz6eREX45gcwPL9xPeWv7lF8jAn79fTJNOprNox-nxanlsUw3PSDAOoOs1Jzs9RPh_I8KirdU67bGhthYaL2Q2yGgQSwE3L_TjQb6leDP5UmxotJyEoi1YNTK0h8Hanp-CFmxU_cEDP6nHS2ABpiinNPtp57dI6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3UaKlzO1DNmZY1yW6zW6z0zVyU3Q%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
a764d8fa0542053f90b23883eebaed46ce92833ad3d74c86f9b570f55aca0801
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 05:02:14 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=0
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
4756
expires
Tue, 06 Dec 2022 05:02:15 GMT
img
pix.as.criteo.net/img/ Frame 74A7 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=77429&q=80&r=0&u=https%3A%2F%2Fi8.amplience.net%2Ft%2Fjpl%2Fjd_product_list%3Fplu%3Djd_033436_al&v=3&w=400&s=CjAjMI7-l-4X89SjI0wLxO6Y&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y47M1AAAenoBc-LfAAeXWUNGMNfYOIcY2zFrkg&u=%7C0BjLNgDbA0QgeUsZj7cSBSX3bb5MkNJ0JR1b%2BO2CuIE%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqc6nygJ274zNPhQpJEnippfnLPctJAgOVJK5QBvON9Ye9GS_f4NkHgJjP411SnRRB4B1-zs9MZWp7jJv_Ix55ez84bbqKAPLbC9JVzYusZzbUTLU_tH8B0EGn2NXnziQaw3LHB3xt_H135G7CHOgoFmrfPMroredO6rFfGiIypyU-5UnhsQTgTICqWUU1a642z5xoDFsTp5_4ZnZwl2jJuz4FIngkc6_dMFjKYPpjeGgghxzXO_HGcrq3KF_vf2DlR17J-GDezJkOrjADz33GaQPhYx7fIyEnN80tmqU_qPWfk8sL_ST2CJLAHR125My-1k6RyP8gCkJDwRualC-hd8Ef4J3HL6iOWDEFRgo6HvohKSflBSBMpvOb4KkYP-jESw3CnqlLXyrN13bj8e4s8YhVO_zWtpTq28qoJandW6es1kuPtZn4TJt180v2c4-5ujPS5P0NJxjrIAoWZE9gV4MmVONL8NiKS9Qg1o8kUb_jA2jOPp7VJjsB4DgxoBOUj-8eJr16l08y3bj_BbVGNzKYxTZ1oaFV9g4X5jZYjC_H4y9RXCA1CBWfL2nV6PVgWcnCRWJFn0WGaE3BcKv94g_X6K0YX-pWRQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCYg2P1MyOY_r0Ad_Fz7sP2a6eyAiY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQIGK0qHioimPqgDAaoEiwJP0EpQz4x9az6eo2_jx-TCvu0AIYR3htIK_kgwfeNhI1PIFMYBiY7PndXyS9vjxhpeHPVhDNjxzE_qeTE-yii70F8y8W3Z_Icx87MqCGItm36Ifb6qniscCORB_2Bo5Y48hLT7hHQ32XO32jYmdscMlbqQU_ViGUVtbrRPWYQUo3o-W1lXDi4n2Ge52tvtVpgnk6nBt1yxjjlJGw7_0pWWz6eREX45gcwPL9xPeWv7lF8jAn79fTJNOprNox-nxanlsUw3PSDAOoOs1Jzs9RPh_I8KirdU67bGhthYaL2Q2yGgQSwE3L_TjQb6leDP5UmxotJyEoi1YNTK0h8Hanp-CFmxU_cEDP6nHS2ABpiinNPtp57dI6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3UaKlzO1DNmZY1yW6zW6z0zVyU3Q%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
59417b32fa3ddd3cabfc16abd30d9f2263afc446fdc87e15248b7fdcd88677ba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 05:02:15 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=0
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
10206
expires
Tue, 06 Dec 2022 05:02:15 GMT
js
www.googletagmanager.com/gtag/ 		224 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
bbadcc36d480e34cff9b3874a5a5d3a53d6256a0d1b2ad4713b3eeeef3999b69
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 05:02:15 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
78554
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Tue, 06 Dec 2022 05:02:15 GMT
log
aplogger.adpushup.com/ 		0
119 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://aplogger.adpushup.com/log?event=linkPreview_failed_JSONRequest&data=eyJzaXRlSWQiOjQyNzUzLCJ1cmwiOiIvYS9jaGFvLW5hbi1tYS1saS1vdS14dS1qaS1iYW8teGlhby16YW5nLWh1YS1tYS1idS10aW5nLmh0bWwiLCJ0aW1lIjoxNjcwMzAyOTM1MDc1fQ==
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
52.183.162.69 Mumbai, India, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection
keep-alive
Date
Tue, 06 Dec 2022 05:02:15 GMT
Server
nginx/1.18.0 (Ubuntu)
img
pix.as.criteo.net/img/ Frame 74A7 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=77429&q=80&r=0&u=https%3A%2F%2Fi8.amplience.net%2Ft%2Fjpl%2Fjd_product_list%3Fplu%3Djd_CZ4456-503_C_0050_al&v=3&w=400&s=hkmADEgc70lV7naJW_4oAvYK&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y47M1AAAenoBc-LfAAeXWUNGMNfYOIcY2zFrkg&u=%7C0BjLNgDbA0QgeUsZj7cSBSX3bb5MkNJ0JR1b%2BO2CuIE%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqc6nygJ274zNPhQpJEnippfnLPctJAgOVJK5QBvON9Ye9GS_f4NkHgJjP411SnRRB4B1-zs9MZWp7jJv_Ix55ez84bbqKAPLbC9JVzYusZzbUTLU_tH8B0EGn2NXnziQaw3LHB3xt_H135G7CHOgoFmrfPMroredO6rFfGiIypyU-5UnhsQTgTICqWUU1a642z5xoDFsTp5_4ZnZwl2jJuz4FIngkc6_dMFjKYPpjeGgghxzXO_HGcrq3KF_vf2DlR17J-GDezJkOrjADz33GaQPhYx7fIyEnN80tmqU_qPWfk8sL_ST2CJLAHR125My-1k6RyP8gCkJDwRualC-hd8Ef4J3HL6iOWDEFRgo6HvohKSflBSBMpvOb4KkYP-jESw3CnqlLXyrN13bj8e4s8YhVO_zWtpTq28qoJandW6es1kuPtZn4TJt180v2c4-5ujPS5P0NJxjrIAoWZE9gV4MmVONL8NiKS9Qg1o8kUb_jA2jOPp7VJjsB4DgxoBOUj-8eJr16l08y3bj_BbVGNzKYxTZ1oaFV9g4X5jZYjC_H4y9RXCA1CBWfL2nV6PVgWcnCRWJFn0WGaE3BcKv94g_X6K0YX-pWRQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCYg2P1MyOY_r0Ad_Fz7sP2a6eyAiY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQIGK0qHioimPqgDAaoEiwJP0EpQz4x9az6eo2_jx-TCvu0AIYR3htIK_kgwfeNhI1PIFMYBiY7PndXyS9vjxhpeHPVhDNjxzE_qeTE-yii70F8y8W3Z_Icx87MqCGItm36Ifb6qniscCORB_2Bo5Y48hLT7hHQ32XO32jYmdscMlbqQU_ViGUVtbrRPWYQUo3o-W1lXDi4n2Ge52tvtVpgnk6nBt1yxjjlJGw7_0pWWz6eREX45gcwPL9xPeWv7lF8jAn79fTJNOprNox-nxanlsUw3PSDAOoOs1Jzs9RPh_I8KirdU67bGhthYaL2Q2yGgQSwE3L_TjQb6leDP5UmxotJyEoi1YNTK0h8Hanp-CFmxU_cEDP6nHS2ABpiinNPtp57dI6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3UaKlzO1DNmZY1yW6zW6z0zVyU3Q%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
f0a0092830c3f7eaa8113d93ab6d8b61b4580a58a9de5147c06963c2c4b3a6bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 05:02:14 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=0
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
13022
expires
Tue, 06 Dec 2022 05:02:15 GMT
all
csm.as.criteo.net/ Frame 5428 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.as.criteo.net/all?cppv=3&cpp=xgC6FZWqwgWs8aIdF5ikKYIusdsdK5_YkryFF-ftFJLVUbhqT5oTWTwN1C4g49dohoY07kn504ucg2fK_y6HM-ywRpCkDD50G4xUHmwQ0ltAMyuxvZn8ZGsT9oFU9zY9CP3Kc5RVxcLCJXmou28z8zC810gtxYrjeDu9J0KP6rL9PEUiZHk-7s9NhPlLRyDZyaobdLavA0CszfRcgCKjTqdoQedTFrzAzr1pFKNZ_9BXhFahx-3jntNb7YclpDN2AKltrpDjrdUETRUk&sds=2&rev=83599&sendBeacon=true
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y47M1AAAb4wBc_CxAAtQGENguILcZHw16bpaLw&u=%7C0BjLNgDbA0RGwfq8zVymYL1e1%2FBLnIsgYuHYuQe54ug%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqc6nygJ274zNPhQpJEnippfnLPctJAgOVJK5QBvON9Ye9GS_f4NkHgJjP411SnRRB4B1-zs9MZWp7swoIMdCZafKATTqnw-W1TMGAztyH4KDwdPZw-ShB2ml4ZgrggdpKC4H4EKtMnYlWyWOT8qaQqxgCo1vlIVCBqPp5w1EsF00KZRL8g3C8gy-F76iuLC8XAMYh3S4PQ-RJj7kQlk8ay3RyNTrngUIdBrZUK70z9DhYCcIQRWGOiAfBKrbFXrAAp0KLGMdmo9Eu2LZ2r7kTUzj-ml0mlqpsLBwL7r2_YyDHAJyVLWU6MgXVCDg40zVxakTgbDxQQ-mioIb6QrhoqhGTtl7qXnQ7kzluoKf3ODZHbdRzr3-enkbx8Sr7gDiHL-3vkEqH1hST6TXkmaiUgKjXwcq6JNKWHcsk72-a6LH1ne9zCbZEe6Vs3pElOjULkslV5lxLbT79Kx2Dh10aassYmJ5rRZXzoOu-yI6vZZBUuQw8YZMmrijiTAGqnASUjgrq4_b1jK9R-xqphblFCAf8cqKce_U2afy3O2RbDutZbM8URRz-GS0ekHU4ekaIKk2Vdi6niefulTRhgN06K7s-tD4PoqxkxjMipIkIU2QY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCCLkF1MyOY4zfAbHhz7sPmKCtiAyY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQIGK0qHioimPqgDAaoEiwJP0A4JIKUUm4TCXqL-LXBTUk52lThQugeG5o8UnV-3eG3ryapZnNmkaSR5BgRuMETFqgdig6vZ5QCgQ6OdgM1JSjdgdgPcD29ZdZh4qPdS9luLp11kn9mw4VoDEQgm80_OcVSDvo0rBlxr7rNI3uLUM5fK0-Mz6Kzbwxu1ZeECvK4yHf81opTy80ecj86dTh2nJbo3PFs25vKrkb7t-jfNBFCvEBgLneM0U1AH4uMfOui1gOa-Xhmb3xAGLJ5EyzrqvMqOI0grKkq7v9CwvwMIkg4lHtPExmODCQCfC1E0Qw9CA2NPCwRsVwkjPcfrUjjBI5fIb9uDHHn9mT_tQzBd74zDIT_1tFvxKoWABpiinNPtp57dI6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2GgwUsEvAW0V5fg2b6jV-GvXlTNg%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.142 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 06 Dec 2022 05:02:15 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
collect
www.google-analytics.com/g/ 		0
106 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=2oebu0&_p=1804&cid=1521116696.1670302936&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1670302936&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchao-nan-ma-li-ou-xu-ji-bao-xiao-zang-hua-ma-bu-ting.html&dt=%E8%B6%85%E9%9B%A3%E7%91%AA%E8%8E%89%E6%AD%90%E7%BA%8C%E9%9B%86%E3%80%80%E7%88%86%E7%AC%91%E9%AB%92%E8%A9%B1%E7%BD%B5%E4%B8%8D%E5%81%9C%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_fv=1&_nsi=1&_ss=1&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_success
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f101.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 05:02:16 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
auctionData
e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb/auctionData?data=eyJzaXRlSWQiOjQyNzUzLCJ1cmwiOiJodHRwczovL3d3dy5iZzMuY28vYS9jaGFvLW5hbi1tYS1saS1vdS14dS1qaS1iYW8teGlhby16YW5nLWh1YS1tYS1idS10aW5nLmh0bWwiLCJzaXRlRG9tYWluIjoiaHR0cHM6Ly9iZzMuY28vIiwicGFnZUdyb3VwIjoiQVJUSUNMRSIsInBhZ2VWYXJpYXRpb25JZCI6Ijk2NzUwMTI1LWI5MGMtNDk3YS04Njk5LTczMTcxZjdiNDkzNSIsInBhZ2VWYXJpYXRpb25OYW1lIjoiQWRQdXNodXAiLCJwYWdlVmFyaWF0aW9uVHlwZSI6MSwicGxhdGZvcm0iOiJERVNLVE9QIiwicGFja2V0SWQiOiIwMDAwQTcwMS1mMmMyODExZi1hZjc3LTQ2ODktOTIwYS0wOGIxNDdjMTVjNWEiLCJzZWN0aW9ucyI6W3sic2VjdGlvbklkIjoiMTA0YjI4MmEtYmQxMS00ZDhkLWFkNjQtMDQ5MjA2M2I2Y2JhIiwic2VjdGlvbk5hbWUiOiJBUF9JX0RfQVJUSUNMRV8xMjBYNjAwXzEwNGIyIiwicGxhY2VtZW50IjoxLCJyZWZyZXNoQ291bnQiOjAsInByZWJpZEF1Y3Rpb25JZCI6IjJkMjMwZTg2LTc1MTktNDQwNy05OTE0LWY0M2FkYzJhMTYxNyIsInRpbWVPZkF1Y3Rpb24iOjE2NzAzMDI5MzM0NTMsImJpZHMiOltdLCJ0aW1lZE91dEJpZGRlcnMiOltdLCJyZXF1ZXN0ZWRGb3JtYXRzIjpbImRpc3BsYXkiLCJ2aWRlbyIsIm5hdGl2ZSJdfSx7InNlY3Rpb25JZCI6ImQxYzEwYTcyLTI3YjQtNDkzMS04Y2U3LTk5YTE4ZWJiZGJhZSIsInNlY3Rpb25OYW1lIjoiQVBfSV9EX0FSVElDTEVfNzI4WDkwX2QxYzEwIiwicGxhY2VtZW50IjoxLCJyZWZyZXNoQ291bnQiOjAsInByZWJpZEF1Y3Rpb25JZCI6IjJkMjMwZTg2LTc1MTktNDQwNy05OTE0LWY0M2FkYzJhMTYxNyIsInRpbWVPZkF1Y3Rpb24iOjE2NzAzMDI5MzM0NTMsImJpZHMiOlt7ImNwbSI6MC4wMiwiYWRJZCI6Ijc1MDc3YjNhOWZlYjMxYiIsIm9yaWdpbmFsQ3BtIjowLjAyLCJiaWRkZXIiOiJvcGVueCIsInJldmVudWUiOjAuMDAwMDIsImZvcm1hdFR5cGUiOiJiYW5uZXIiLCJyZXNwb25zZVRpbWUiOjc0OSwidGltZU9mQmlkUmVjZWl2ZWQiOjE2NzAzMDI5MzQyMDl9XSwidGltZWRPdXRCaWRkZXJzIjpbXSwicmVxdWVzdGVkRm9ybWF0cyI6WyJkaXNwbGF5IiwidmlkZW8iLCJuYXRpdmUiXSwicHJlYmlkV2lubmVyIjoib3BlbngiLCJwcmViaWRXaW5uZXJBZFVuaXRJZCI6Ijc1MDc3YjNhOWZlYjMxYiIsInByZWJpZFdpbm5lckNwbSI6MC4wMDAwMn0seyJzZWN0aW9uSWQiOiI3N2E5YzIyZi1hYzAyLTQ1ZGQtOTZiYy1iMDg5NmE4YTdkNWEiLCJzZWN0aW9uTmFtZSI6IkFQX0xfRF9BUlRJQ0xFXzcyOFgyNTBfNzdhOWMiLCJwbGFjZW1lbnQiOjEsInJlZnJlc2hDb3VudCI6MCwicHJlYmlkQXVjdGlvbklkIjoiMmQyMzBlODYtNzUxOS00NDA3LTk5MTQtZjQzYWRjMmExNjE3IiwidGltZU9mQXVjdGlvbiI6MTY3MDMwMjkzMzQ1MywiYmlkcyI6W3siY3BtIjowLjAyLCJhZElkIjoiNzQ1ZWU0ZWRkYjc4MjBhIiwib3JpZ2luYWxDcG0iOjAuMDIsImJpZGRlciI6Im9wZW54IiwicmV2ZW51ZSI6MC4wMDAwMiwiZm9ybWF0VHlwZSI6ImJhbm5lciIsInJlc3BvbnNlVGltZSI6NzQ4LCJ0aW1lT2ZCaWRSZWNlaXZlZCI6MTY3MDMwMjkzNDIwOH0seyJjcG0iOjAuMDEzLCJhZElkIjoiNzYxZGUxN2E3ZGI4NGYxIiwib3JpZ2luYWxDcG0iOjAuMDEzLCJiaWRkZXIiOiJ0cmlwbGVsaWZ0IiwicmV2ZW51ZSI6MC4wMDAwMTMsImZvcm1hdFR5cGUiOiJiYW5uZXIiLCJyZXNwb25zZVRpbWUiOjk3MiwidGltZU9mQmlkUmVjZWl2ZWQiOjE2NzAzMDI5MzQ0NTR9LHsiY3BtIjowLjAxMywiYWRJZCI6Ijc3OTdjYjQxNWNkOGEyMSIsIm9yaWdpbmFsQ3BtIjowLjAxMywiYmlkZGVyIjoidHJpcGxlbGlmdCIsInJldmVudWUiOjAuMDAwMDEzLCJmb3JtYXRUeXBlIjoiYmFubmVyIiwicmVzcG9uc2VUaW1lIjo5NzMsInRpbWVPZkJpZFJlY2VpdmVkIjoxNjcwMzAyOTM0NDU1fV0sInRpbWVkT3V0QmlkZGVycyI6W10sInJlcXVlc3RlZEZvcm1hdHMiOlsiZGlzcGxheSIsInZpZGVvIiwibmF0aXZlIl0sInByZWJpZFdpbm5lciI6Im9wZW54IiwicHJlYmlkV2lubmVyQWRVbml0SWQiOiI3NDVlZTRlZGRiNzgyMGEiLCJwcmViaWRXaW5uZXJDcG0iOjAuMDAwMDJ9XX0%3D&c_b=11542.199999809265
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chao-nan-ma-li-ou-xu-ji-bao-xiao-zang-hua-ma-bu-ting.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 05:02:16 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
publishertag.prebid.117.js
static.criteo.net/js/ld/ 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.117.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 05:02:16 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 29 Dec 2021 12:30:46 GMT
server
nginx
etag
W/"61cc54f6-15c19"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 07 Dec 2022 05:02:16 GMT
integrator.js
adservice.google.co.nz/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.nz/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 05:02:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 05:02:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		241 KB
74 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2463677510040486&correlator=2935961517286191&eid=31070873%2C31070919&output=ldjh&gdfp_req=1&vrg=2022120101&ptt=17&impl=fifs&iu_parts=103512698%3A22574853003%2C22477626096%2C22479095528%2C22579309510&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3&prev_iu_szs=320x50%7C728x250%7C728x90%7C690x90%7C690x250%7C675x90%7C675x250%7C670x90%7C670x250%7C650x90%7C650x250%7C650x150%7C630x90%7C630x250%7C602x100%7C600x90%7C600x250%7C580x90%7C570x90%7C550x150%7C468x60%7C320x50%7C320x100%7C300x50%7C300x100%7C300x75%7C300x250%7C250x250%7C200x200%2C320x50%7C728x90%7C690x90%7C675x90%7C670x90%7C650x90%7C630x90%7C600x90%7C580x90%7C570x90%7C468x60%7C320x50%7C300x50%7C300x75%2C320x50%7C120x600&fluid=height%2Cheight%2Cheight&ifi=1&adks=1420297610%2C2857874404%2C4082231052&sfv=1-0-40&prev_scp=adpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26refreshcount%3D0%26refreshrate%3D30%26hb_ap_format%3Dbanner%26hb_ap_pb%3D0.02%26hb_ap_adid%3D745ee4eddb7820a%26hb_ap_bidder%3Dopenx%7Cadpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26refreshcount%3D0%26refreshrate%3D30%26hb_ap_format%3Dbanner%26hb_ap_pb%3D0.02%26hb_ap_adid%3D75077b3a9feb31b%26hb_ap_bidder%3Dopenx%7Cadpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26refreshcount%3D0%26refreshrate%3D30&eri=1&cust_params=da%3Dadx%26outbrain%3Dtrue&sc=1&cookie=ID%3D97102ce78fdcee80-2233966ec2d8006c%3AT%3D1670302932%3ART%3D1670302932%3AS%3DALNI_Mb55-5fr_lWruBHhMarx-gzmLgJAw&gpic=UID%3D00000b8aa72d0ece%3AT%3D1670302932%3ART%3D1670302932%3AS%3DALNI_MZ_T2q2KSofGT7XaLqkqBwa63QYpg&arp=1&abxe=1&dt=1670302936495&lmt=1670302936&dlt=1670302926274&idt=6541&adxs=236%2C436%2C5&adys=60%2C1110%2C300&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0&ucis=1%7C2%7C3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchao-nan-ma-li-ou-xu-ji-bao-xiao-zang-hua-ma-bu-ting.html&frm=20&vis=1&psz=728x-1%7C728x-1%7C120x-1&msz=728x-1%7C728x-1%7C120x-1&fws=4%2C516%2C516&ohw=728%2C1600%2C1600&ga_vid=1521116696.1670302936&ga_sid=1670302936&ga_hid=1804&ga_fc=true&ga_cid=amp-ALq6Nc9gjQBxhQjTGc0VNA
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.130.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f156.1e100.net
Software
cafe /
Resource Hash
3b85db6d8cc92173c08aff085ca911961c1d3ff64b7ae9cd683ee21d112383cc
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5737009695479037952/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5737009695479037952/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CKGP1Kmb5PsCFV4VtwAd7UoGjw&gqi=&layout=/sadbundle/%24csp%253Der3%24/5737009695479037952/index.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5737009695479037952/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5737009695479037952/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CKGP1Kmb5PsCFV4VtwAd7UoGjw&gqi=&layout=/sadbundle/%24csp%253Der3%24/5737009695479037952/index.html
date
Tue, 06 Dec 2022 05:02:17 GMT
x-content-type-options
nosniff
content-encoding
br
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
75523
x-xss-protection
0
google-lineitem-id
-1,-1,-1
pragma
no-cache
server
cafe
google-creative-id
-1,-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
138cda657e8861ac85bd346515f9d77a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame B3B8 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://138cda657e8861ac85bd346515f9d77a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 06 Dec 2022 05:02:16 GMT
expires
Wed, 06 Dec 2023 05:02:16 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 91E2 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221129&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211290101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
c6d3fe3be8f758847820c2c342d82dca1bb166539dde8a4fb57141480c5ae210
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 05:02:16 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12492
x-xss-protection
0
sodar
pagead2.googlesyndication.com/pagead/ Frame 6874 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022120101&jk=2517372487379615&bg=!LS6lLmrNAAa7eOFIm3g7ACkAdvg8WqoNUDOGnEjQcM2yc8lQIKHhyKj45gA1dYIYaJ-0fxcrF98fKwIAAACCUgAAAAJoAQeZArt6dxMKETHO_qlarOxgjkJsfk8zoTfwv_7gmKz4chFIr3ngsaMrfrudpyo5rRZuuCY5N_4VZJLRQdEcC7plowPmfRR0xTJKHKxPOPPhMzCrNbSYuTxib3tyBqdIcdywHhu5mZKKxA2oVARePpKo0sJ3ntXDgA9Ro6NqAjORLUdZlOK9qVAhgr6-BCIDVvr65Do9w18cfOu_6dTrVWMFgyrCUMkOQcq3LKno9gw-Lly4kANVlvit8pMNGX4JnwRJRagYIFBH3rreAb9PY1OJJ39dsCATtaF6_H2Uo0_NMXOpwUVMhN-T7U0wAhjhuB2XhkQcWHPHebVuG4T-CZDuV0I5r5HQRgV5V0gYqgmZ4vgFdZCmZT2hcASPUZnBWFDY7LD64_t9VTzQNulT6fjTzqWpbby1T39_JEDLYMig20cDfoCzb0ixZz9lp1ZI94oIgEwUE24fkiXDE6j5zgv5V5M7tG2rEvHD1jSRNkcg7ychG4j4J1-2Qa8ag1II1GflaTT39T_R_1RPOGlNrSU4N3Ht1N9fOk7ZBEOVZOcMFwikd5zHvUHbDVihhFFaf93eW-xuZWe0kRew_Y-PiLwsdLm8busJh7hC8-7eXUvZt-BrC9iJv1KvdCmxMh8Zyr44BSY5ASUxIpwBMSRSEEnqNLxkwOmhUS8MEiXkdNabFgpIzWkvrdaJ6AQK0ctoSlWq9jmMwQmG_jQ6FmAmzNAvTDfFxonordELZPV-mS1I6kI1bB5QnXVFlBOE_0TeakzOLwgmVmeWDK15oqjzifLf0GeT3fWjsmHz79zJQ7FGq93pV36-umfEfQZgHzNCGitSSaCsale4BrptKRJaxwThxVzPK9-qK1cAhSLeLRdnxGGwiVIImgh_rRyagu_Cr2kFQsZezeIUD3Lnt_SHk9JgGf-uVDk2GGRhzhkzedE
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chao-nan-ma-li-ou-xu-ji-bao-xiao-zang-hua-ma-bu-ting.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/getconfig/ Frame 2219 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221129&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211290101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
ee56d7095b8280397022d954ac5216fd99b6198910508557d95c8494bb66b1a2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 05:02:16 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12489
x-xss-protection
0
publishertag.prebid.js
static.criteo.net/js/ld/ 		89 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 05:02:16 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Mon, 24 Oct 2022 11:21:19 GMT
server
nginx
etag
W/"6356752f-16294"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 07 Dec 2022 05:02:16 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 3E56 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022120101&jk=4261877265641272&bg=!VFelVxPNAAa7eOFIm3g7ACkAdvg8WgfMTrNrzJfS3jLk5d2Qh-P-SSpVFm2qCveGFDeYQ_v8s7e22gIAAAB1UgAAAARoAQcKAIsXljsGeKk_vvBnudl_h1KxiLBM2WBUygq8lbIs7ApmjgxHMQbNuPwfltAcFFK6-ydIerWqQrpy-haDAT_f8XShXEgvvqQJ-9bXF4h2RSHS3HWZCoQgtHz0M8Ckg8eAM8yt2ZX42fU02mmGKESLj0jQxXkNHXyuxOe8UOrKWrGvlfpYQdVmZda3MOL2mQK9yE0QSYdkuV1BMtzzfu2SaHQdlnN04XiJDkTVw_1GzQC-puntwmpJgjMm-uqEuNh9S6mRWg8IwmHdC6DEDtcg4CIcdElPY1_tTbSL3v8IVPwtVGNnO4O-PH4Ou-GZd6Fn-joCC7dDbkRYe_RzLnWQRBhhoZXq1sCQDC97KQK4HjJzcxfizco-FwndUtmbmzB1Qkl1ieLLzgxzEJt4dvNmZCI58ej5vocAKHl3F51XTqqf37ct2xq7L_P9_9gOT7v4RNZbaGOTPd_v_BtgJiZuMj5t4OKKtCqeIxjqbOXYYpPsjqWxS3TUOO9blydtpeDKrZiJQFrmt6G9pd0nlw6azRnsFa-80CKNSq6MnMlM6cyhF8OalZM6mBtaPfNQV_OFQwd6R5j2LTfuCSxrmnD2KbmB4js-Sayqvi8liLuP8eZtMytK_nW4guxnW3DhY_1HCYZUMRy-PxYSQVOmm0gXE6J5_b6l7-0KKqKlebTU072osA5la3YhbZ_lc6_0XbcRrypAhZ1mTtfnw2jEYlN-xY_XtUWD3ujhOw_Sbw4ZIE2XRN8QU26BIu-ZjbA7xSDAN1D1B2Dj8TW6apRF-h57Dv8xcHR5Ypi55P49pb3w1pqTbDysjsPTNJ9-xxuf7K0GHySCRv-ag-KOnYw_MWJ8cUxZUUR9Dh19ozK8ku7r3Mw6_QS2yNLqpuUofVIVMgrVpKkpmEKREPSVxkmpDR2SSbI0nQfA9lOv9Ag_uzq65eUPKuug5zZjlydT09T530mvFxAaMPGTzbf7orK323FpNv3zZQnCUvxILMU5Ht5IRPxriach_hXe93KrJC_ob9iLNs7cOFVTzVfWQPL0FOefxvypnE5wh7Dr7EsfVcdBmmMdxeMFKnTud5KtA1te6VxYVK8K1MrgdHSMcJedwIqjXsW_hsxOQ_N5z7TDq5U
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chao-nan-ma-li-ou-xu-ji-bao-xiao-zang-hua-ma-bu-ting.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 91E2 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211290101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 05:02:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 06 Dec 2022 05:02:17 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=a1&ds=AMP&aip&_s=2&dt=%E8%B6%85%E9%9B%A3%E7%91%AA%E8%8E%89%E6%AD%90%E7%BA%8C%E9%9B%86%E3%80%80%E7%88%86%E7%AC%91%E9%AB%92%E8%A9%B1%E7%BD%B5%E4%B8%8D%E5%81%9C%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&sr=1600x1200&cid=amp-ALq6Nc9gjQBxhQjTGc0VNA&tid=UA-172083736-2&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchao-nan-ma-li-ou-xu-ji-bao-xiao-zang-hua-ma-bu-ting.html&dr=&sd=24&ul=en-us&de=UTF-8&jid=&plt=12135&dns=5&tcp=533&rrt=0&srt=795&pdt=2&clt=1364&dit=1364&a=1804&z=0.5712635501679364&gtm=2pu000&t=timing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f101.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Dec 2022 23:44:37 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
19060
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022120101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
ece204926068a1611f704d94bff1f3a68ceabf09bac209b785980d9e1a6d8ce6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 05:02:17 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12510
x-xss-protection
0
syncframe
gum.criteo.com/ Frame 0D36 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.bg3.co
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
b09a581bc29f4bdbe66bef5c69b90cc1a003e849e2f7706f47a9f0c5f5a6860e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 06 Dec 2022 05:02:16 GMT
server
Kestrel
server-processing-duration-in-ticks
922012
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 2219 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211290101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 05:02:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 06 Dec 2022 05:02:17 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012211060024000/ Frame 7487 		221 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
a01f9f2f5ba1812441a49f7f1dc0b04fb56a18b486005289b8df4212381f10ce
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 29 Nov 2022 17:06:18 GMT
age
561359
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61592
x-xss-protection
0
server
sffe
etag
"a2fca7132416d151"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 29 Nov 2023 17:06:18 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012211060024000/v0/ Frame 7487 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211060024000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
d89cb9800cc62dcc44a0ba866b4a080ad06f735f60a6afecbd6d691d2e8939dd
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 30 Nov 2022 05:58:03 GMT
age
515054
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5218
x-xss-protection
0
server
sffe
etag
"abd4378f71571d78"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 30 Nov 2023 05:58:03 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012211060024000/v0/ Frame 7487 		94 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211060024000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
8ee5f53d3752309af021002b2199a06523b1fd03f3ea1cdaf5d59e911d4d8178
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 02 Dec 2022 03:33:02 GMT
age
350955
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28809
x-xss-protection
0
server
sffe
etag
"dd6615029de85e23"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 02 Dec 2023 03:33:02 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012211060024000/v0/ Frame 7487 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211060024000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
c3f73b989e0620a4d2e12ed57a0d538e4580b8fefaa1fefbad73e0abad6d227f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 05 Dec 2022 05:18:26 GMT
age
85431
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1913
x-xss-protection
0
server
sffe
etag
"403438c4d550ee88"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 05 Dec 2023 05:18:26 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012211060024000/v0/ Frame 7487 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211060024000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
1b1c3ea8b3d9fec1913ac70c81c83f2172acc41988e747bd24d22bf779fd19a0
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 06 Dec 2022 01:18:03 GMT
age
13454
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12946
x-xss-protection
0
server
sffe
etag
"0bacd3f1ce38a7db"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 06 Dec 2023 01:18:03 GMT
zh_tw.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 7487 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/zh_tw.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
cafe /
Resource Hash
a956a6fe1ee57805393bf1781b32486b4ed9ca402a04320280e59a18bc348a87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 07:12:57 GMT
x-content-type-options
nosniff
server
cafe
age
78560
etag
7688947696963022458
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3430
x-xss-protection
0
expires
Tue, 06 Dec 2022 07:12:57 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 7487 		344 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 16:15:05 GMT
x-content-type-options
nosniff
server
cafe
age
46032
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Tue, 06 Dec 2022 16:15:05 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/7458618548366891886/ Frame 7487 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/7458618548366891886/downsize_200k_v1?w=400&h=209
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chao-nan-ma-li-ou-xu-ji-bao-xiao-zang-hua-ma-bu-ting.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
b1b55a502676a7d2ca683e8626348ad7ec37ab0ff4ebe795223baaaffc4d4c68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 05:02:17 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20125
x-xss-protection
0
last-modified
Fri, 21 Oct 2022 02:43:34 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 06 Dec 2023 05:02:17 GMT
truncated
/ Frame 7487 		206 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 7487 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 7487 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fbb85ac3706645b721fe7cbda941cdd5d153b08feb6d1917c6e20a74072f0f94

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
l
www.google.com/ads/measurement/ Frame 7487 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRnKkU9Sb2y642jDeDAKMUQSRMGp07NLJqtUYztXV7z3Y6ca3ILx1AcDzukJNueK0s7yiifp6jZDpC_Yp_WmKmmvoITRw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chao-nan-ma-li-ou-xu-ji-bao-xiao-zang-hua-ma-bu-ting.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f104.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame 7487 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CwzOV2MyOY6DDKN6q3LUP7ZWZ-AiG153dbeX7qfG_ENGq8_6bMhABILqEwDNgq-yxheAYoAGM3b7tKMgBCeACAKgDAcgDCqoEtgJP0EcuIJ1rfKW6JYOqiTfPJWv8N0R1cPHTUmaIHUzepgEbYr2clgsPvD9CGVQrgfnJGm3UB85khrqJTb5QIVKRkbNLepM4522fqedg7Xn9ya1gzoQtPx2goywSe3FV4wPnG-duVbCaZPzaI20yQNrHxXxi3H-DXbAqKERgTlZITr2kHc2RByWjFZgysfUVlxR8xwO55a9JJ4dPQnFVl8dPNXHs4XcGDUo-j5wBjZJy1ika8Si_f7DU8dSpPLhn1_p3V2EHFLOiwd87hW0tx0Xh4yaI4LU-2Ie5KV_Q3BA-7GQkc79cENhkpoAlrFR7SoQviG8_P9bS9w5eWKCvRYnjEh73eTRGoULpp4fQb6ftVsd33vvj69ICOzW-25Badx4mycCvN3O8J5SVGblGecykJgbrk9_uwASijrS_iQTgBAGSBQQIBBgBkgUECAUYBKAGLoAHjJWPzQOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBDF7wbSCA8IgGEQARgdMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODCACgPICwHYEwzQFQGAFwGyFx4KHAgAEhRwdWItODkzMzMyOTk5OTM5MTEwNBjKqx4&sigh=TQV9OA4jsPs&uach_m=[UACH]&cid=CAQSPADq26N9-J9aH6o7u6X3HJZAbjAlaMtH_iPH4QR1hHs2fPohcpdrjq_bFs2vrI_m8OvC1iat-H8TpUmK_xgBIBM&template_id=5000
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chao-nan-ma-li-ou-xu-ji-bao-xiao-zang-hua-ma-bu-ting.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.130.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f156.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
container.html
138cda657e8861ac85bd346515f9d77a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 848F 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://138cda657e8861ac85bd346515f9d77a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 06 Dec 2022 05:02:16 GMT
expires
Wed, 06 Dec 2023 05:02:16 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
138cda657e8861ac85bd346515f9d77a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2A9B 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://138cda657e8861ac85bd346515f9d77a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 06 Dec 2022 05:02:16 GMT
expires
Wed, 06 Dec 2023 05:02:16 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 05:02:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 06 Dec 2022 05:02:18 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 83AC 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
90084
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 05 Dec 2022 04:00:53 GMT
expires
Tue, 05 Dec 2023 04:00:53 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 9502 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f104.1e100.net
Software
GSE /
Resource Hash
96321388d7b41b8b126f329025b4b18408c09ae2b5d8a24bfa7ed41a9ae21c56
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-n7kHoT8jx-QstGl9M8hRCg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-n7kHoT8jx-QstGl9M8hRCg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 06 Dec 2022 05:02:17 GMT
expires
Tue, 06 Dec 2022 05:02:17 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
activeview
pagead2.googlesyndication.com/pcs/ Frame 70E0 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvLPLT_y2PT1N4RNOQ6KGi43yoiizYYBciMPupX18Ltl6C8oQgbkpwVHAVF9GGkbq-UMN9rbmKGRSMnJ2IUd91bKv1g&sig=Cg0ArKJSzJgcc4Qib_qrEAE&cid=CAASFeRohOCmZAgSQzsYa8eJXpZNvwKyCw&id=lidar2&mcvt=1000&p=0,0,280,336&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221205&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2365071409&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1670302931712&rpt=4838&met=ie&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 05:02:17 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 81CB 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
90084
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 05 Dec 2022 04:00:53 GMT
expires
Tue, 05 Dec 2023 04:00:53 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame E1CB 		783 B
536 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f104.1e100.net
Software
GSE /
Resource Hash
3716de779fdf10052ade06f5df08741256e49502c2d740a1eca14d8de21e87bc
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-MEsHVYL431kmF9dmgpW48w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-MEsHVYL431kmF9dmgpW48w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 06 Dec 2022 05:02:17 GMT
expires
Tue, 06 Dec 2022 05:02:17 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
json
gum.criteo.com/sid/ Frame 0D36 		425 B
549 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=publishertag&domain=bg3.co&sn=ChromeSyncframe&so=0&topUrl=www.bg3.co&cw=1&lsw=1&topicsavail=0&fledgeavail=0
Requested by
Host: gum.criteo.com
URL: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.bg3.co
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
c6ae8c96567aa3aab20a8ccf7511e6b8be0473529053a56fe16b2e34e7ff534b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.bg3.co
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 05:02:17 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/json; charset=utf-8
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
3599130
expires
0
sodar
pagead2.googlesyndication.com/pagead/ Frame 9502 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221129&jk=3740778782382103&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
81_xgzAtA3K6BUSvxlviYRqiKRYqPH3jXMkg3rbk2fc.js
pagead2.googlesyndication.com/bg/ Frame 83AC 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/81_xgzAtA3K6BUSvxlviYRqiKRYqPH3jXMkg3rbk2fc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
sffe /
Resource Hash
f35ff183302d0372ba0544afc65be2611aa229162a3c7de35cc920deb6e4d9f7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 20:22:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
549568
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15897
x-xss-protection
0
last-modified
Mon, 21 Nov 2022 11:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 29 Nov 2023 20:22:49 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame E1CB 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221129&jk=3532622367497123&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
81_xgzAtA3K6BUSvxlviYRqiKRYqPH3jXMkg3rbk2fc.js
pagead2.googlesyndication.com/bg/ Frame 81CB 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/81_xgzAtA3K6BUSvxlviYRqiKRYqPH3jXMkg3rbk2fc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
sffe /
Resource Hash
f35ff183302d0372ba0544afc65be2611aa229162a3c7de35cc920deb6e4d9f7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 20:22:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
549569
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15897
x-xss-protection
0
last-modified
Mon, 21 Nov 2022 11:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 29 Nov 2023 20:22:49 GMT
afe6f18fe23241b590c6f8d584172abd_cpn_336x280_1.jpg
static.criteo.net/design/dt/77429/221123/ Frame 5428 		53 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/design/dt/77429/221123/afe6f18fe23241b590c6f8d584172abd_cpn_336x280_1.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
e30a2970aea56ba873dc88426b8aa97a97eae9e6c404bfce7452cc9a9f4e6fa1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 05:02:18 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 23 Nov 2022 14:31:20 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"637e2eb8-d350"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
54096
expires
Fri, 01 Dec 2023 05:02:18 GMT
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5737009695479037952/ Frame E1C2 		660 KB
42 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5737009695479037952/index.html
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chao-nan-ma-li-ou-xu-ji-bao-xiao-zang-hua-ma-bu-ting.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
8c4e3c47ca0add4147cc8bcd28aa5ec442ffec96577d3e635b036d274489adf2
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://138cda657e8861ac85bd346515f9d77a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
172924
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
42963
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
cross-origin-resource-policy
cross-origin
date
Sun, 04 Dec 2022 05:00:14 GMT
expires
Mon, 04 Dec 2023 05:00:14 GMT
last-modified
Thu, 13 Jan 2022 13:53:42 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
adview
securepubads.g.doubleclick.net/pagead/ Frame 848F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CxQCw2MyOY6HDKN6q3LUP7ZWZ-Ajmqc6EXuellcOhD9Kw6J7rGhABILqEwDNgq-yxheAYoAGkpa_FA8gBCakCvVtLD0VHgT7gAgCoAwHIAwKqBMECT9DDT1aKsxCNjFa2RAJ0quqmnhqAqEP_6I-6zNjkjP4Q6dwdXCeQPppyOHGLyraGj44WrTGuF-8QsBVHM4rrp0v6YLPrFnXhIr1tWWQZkjiz1MnZD6Vy2Jf_T5aYu4qKi59Gv_Q1JVF9gJrkEduT-11LXMkdqZzRpoTAAFqVfqnUWweH6kh-7n_Xejt9qJ4impF-rvn6tCewfcHtPji8kmkZf0l06gUVSn_kPeF6EWbQrLFaFTR1rjJlBZ8Pn16aPCNOLWJRE0t6Pc7oeJ88RSjuzjyxWVxjOTsifuXA5ETdpCFbPYk8Ks1Q2lAjUiWuIpTNgIxILyFBjnTBZjjbQHoGUNnzwXXXIfovJUZKG4ewigSp39_lfcGwahIG-Poqc1xOsIhNChBN88IRtM81DkG9KKMUOnCtQTzTfzWFO3ZLwAT2hYf0_QLgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGa4AHxNrQOqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB6a-G9gHAfIHBBDT9QLSCA8IgGEQARgdMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODCACgPICwHYEwzQFQGYFgGAFwGyFx4KHAgAEhRwdWItODkzMzMyOTk5OTM5MTEwNBjKqx4&sigh=gozkx87oxN8&uach_m=[UACH]&cid=CAQSPADq26N9-J9aH6o7u6X3HJZAbjAlaMtH_iPH4QR1hHs2fPohcpdrjq_bFs2vrI_m8OvC1iat-H8TpUmK_xgBIBM
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chao-nan-ma-li-ou-xu-ji-bao-xiao-zang-hua-ma-bu-ting.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.130.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f156.1e100.net
Software
/
Resource Hash

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://138cda657e8861ac85bd346515f9d77a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221129/r20110914/client/ Frame 848F 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221129/r20110914/client/window_focus_fy2021.js
Requested by
Host: 138cda657e8861ac85bd346515f9d77a.safeframe.googlesyndication.com
URL: https://138cda657e8861ac85bd346515f9d77a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://138cda657e8861ac85bd346515f9d77a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 19:34:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
34076
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 19 Dec 2022 19:34:22 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221129/r20110914/client/ Frame 848F 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221129/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 138cda657e8861ac85bd346515f9d77a.safeframe.googlesyndication.com
URL: https://138cda657e8861ac85bd346515f9d77a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
cafe /
Resource Hash
f066f881ead135cd4ee88cf0c80ddb796f8841fc536a7950d4f7102e0502be2f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://138cda657e8861ac85bd346515f9d77a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 14:56:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
50749
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7443
x-xss-protection
0
server
cafe
etag
629801499763588852
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 19 Dec 2022 14:56:29 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 4B0E 		624 B
242 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CMmw9gIQ_bPr_AEY08SK0gEwAQ&v=APEucNUmMnDZULDqJCUmsu4jy9-34qGc7xcYWVUqnPBuMsEJI0zoHEsz88S2vI57l35OAqf5fvyxLgjOIz9suZoeWcsKK0xvwQ
Requested by
Host: 138cda657e8861ac85bd346515f9d77a.safeframe.googlesyndication.com
URL: https://138cda657e8861ac85bd346515f9d77a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://138cda657e8861ac85bd346515f9d77a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 06 Dec 2022 05:02:18 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20221129/r20110914/ Frame 2A9B 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221129/r20110914/abg_lite_fy2021.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chao-nan-ma-li-ou-xu-ji-bao-xiao-zang-hua-ma-bu-ting.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
1e965485436a460b6ffc44695b148993598bd4e6cdb8447a547fb5609e3ca152
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://138cda657e8861ac85bd346515f9d77a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 14:52:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
50985
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9421
x-xss-protection
0
server
cafe
etag
8437175705735068947
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 19 Dec 2022 14:52:33 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20221129/r20110914/elements/html/ Frame 2A9B 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221129/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chao-nan-ma-li-ou-xu-ji-bao-xiao-zang-hua-ma-bu-ting.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
c0f9a96a8b15dfa0bd82a9b0c4f7d31927c96784bb62af0a94fbaa78cde5e2fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://138cda657e8861ac85bd346515f9d77a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 14:58:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
50622
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2477
x-xss-protection
0
server
cafe
etag
8436122973860808490
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 19 Dec 2022 14:58:36 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 2A9B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssaa3axKMobx28kgsB29jT7BZW6EBxffLjns7ujjztn6zLIl82oNR6fq5JHhESuD3BQBdRTQZ27IH15IJnApZ-I7GsK5WjMgUsJM7kKnciH3kHOZam9pP6JyMuBK7EGpH6j_rPsqcO-DiOlxkbptizq05A-udQ_JxE8XriuYNvkklxjn26EdCDF_LeAjm1S4TEAojtwxySpjg6p-vhQcrK0K1nNC-0x6UNvrLDtHtTC4vCeSLiRACVZtXedLYjB39wdEFQ81TBHiRJJM0Q9GYLdo0GH3GjS2jDg_RBOdVcCm8OfWLcm7UrFKDSxukBVfREiXEaGh2Bf0mx-dtcRm1iuLXRc2fCu8VxH4LEFFGncrkBdnoZlXc1fvemF53LjNMKrnw9_rEmpkFDIIXZi-tsAk5AUiQ115VTrkUhgoGS8c7dVANIzU15eZbFLey3qGpPsdOr1iDOl2oSC8DeXDPp6NnCj-BrMvFX8dIPq2deiS_38QfhoX-SUkX2SiI6Mn6UYpGYHAeYSQNP2pxaRrblLKhRYaKXjeYtL8rmKqZuvI1EfRr7WfXVlbS42VGsUfM1Usybv07DCJciq8D1HI2bBpRD1MG30nlYerkYBh6hGMNeHHeMPgql7460Z52lb91TBFEo1v1YEJuzZ7btZ6qzfp0MF3qkiTVHq4iDqlaoAim1Bepzgwb5-3hDBwUFYrWTQ9aIMGMcjrXS_UPtzS3xMWXg8-jmR7N3yLq00WS-TZ_9bF3aYaFiw_Gm4LEKE1aaa0VEIQGa9-3HKkH9RzsqskNABiqkfuMDdXY_edTMm3pGwXgNrGILi9WGM6LccXAY_ioD1Gupx0AZz6z8SJi6PUzdEmKxk3KtZe7ZWgQcc6fw98tn5Kjue-CIzFzXgOzEmyaoEa3vTtSrczJhOC-c2NOOeGhCa1w6vecDxGQctztd6g2KfrPHbzQPgAH1ktip7qh66FHpdKpsh8EC07lg93mVWRNOqgIbAOkkSvdgNhiPwdG-Rtn0S2Xr0BegDJu8z26lR2MFGzMN9WLGWR6SOO9iTNXRBV0pYaK5gjsKicbASD_d6SmqCQiItPZKyfLERyfIU_GXEwbVE2yjMs4FrthnFGHj5Z4oHkhtLr9uJDcanNbJh6A0qlAo4Asw5zgKvRAJ6iuwaAjFDbUGeF9_yTm-DWxoZTkb-44pxdLwK6DR1MJHxhKfP9KV5Pyq93MoYoRpjrVQ-ICh4PhPv-1U7_xBBNeOpUbA4V7d1sIqRlHjGPq7Ld5r4pM9sdkp3avX2N_sSANh5-tBUbrub3DKlSEaz_DCrrNgzppcyc6zwsyGYD5qTQ57amCBLJuZydOmo6yh2OYaxYnrrbFqpkOoNjkSg&sai=AMfl-YQ4nMeG9bvSPDzmMBCkReRDOVA3Nu-OwlZ2dZ6SPEAmc1wbbkyaVX4O3a1Q9_nyqmCwZdiuVCAeWztGTc5QoJ7bVCMQO9cVpMw6F-wD00wugLVvG9DqYXBbNBNKmGfa3N18txurZcjb1p0qz-X_n5qYshLFvji29m1mpogMvTz9vJ76wClP1ro-DSC8QIsor5D6yrIl7LowVsAPCFIwcgQmkIrZI1wJ4n1Du1ty9DqqXIyVVynl1gkAcTrjjsFr8iHEAPtEgcSWaPkWsVsFbGE8FdfsL0dR0uT4Cl3APeCAdJMsDMCLB_PbIKAuJeRL9pjpvOsgHnW639bBtsWMISmoCQC0w1f_XtkR3XshRlmlEo2-LhT7d2KqR2N96N59edDJuAer1P_Suy2fvIep5HU7pA&sig=Cg0ArKJSzOPgFj2eWQuZEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20221129.32417&arae=0&ftch=1&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chao-nan-ma-li-ou-xu-ji-bao-xiao-zang-hua-ma-bu-ting.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://138cda657e8861ac85bd346515f9d77a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 06 Dec 2022 05:02:18 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Tue, 06 Dec 2022 05:02:18 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 2A9B 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chao-nan-ma-li-ou-xu-ji-bao-xiao-zang-hua-ma-bu-ting.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://138cda657e8861ac85bd346515f9d77a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 18:55:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
209184
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 03 Dec 2023 18:55:54 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2A9B 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DR2lp0DsnURXMZC_RBmCriHcE1jLdxpObm0Zt3_auKVLAOFAgkjg_rPJ5HIcBW_rjnWyuP20J9ttgZ9ODIGm4rD719fFBgqmprnlBojh8WhQR0Gyo
Requested by
Host: 138cda657e8861ac85bd346515f9d77a.safeframe.googlesyndication.com
URL: https://138cda657e8861ac85bd346515f9d77a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://138cda657e8861ac85bd346515f9d77a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 05:02:18 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221129/r20110914/client/ Frame 2A9B 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221129/r20110914/client/window_focus_fy2021.js
Requested by
Host: 138cda657e8861ac85bd346515f9d77a.safeframe.googlesyndication.com
URL: https://138cda657e8861ac85bd346515f9d77a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://138cda657e8861ac85bd346515f9d77a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 19:34:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
34076
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 19 Dec 2022 19:34:22 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221129/r20110914/client/ Frame 2A9B 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221129/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 138cda657e8861ac85bd346515f9d77a.safeframe.googlesyndication.com
URL: https://138cda657e8861ac85bd346515f9d77a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
cafe /
Resource Hash
f066f881ead135cd4ee88cf0c80ddb796f8841fc536a7950d4f7102e0502be2f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://138cda657e8861ac85bd346515f9d77a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 14:56:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
50749
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7443
x-xss-protection
0
server
cafe
etag
629801499763588852
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 19 Dec 2022 14:56:29 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2A9B 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 138cda657e8861ac85bd346515f9d77a.safeframe.googlesyndication.com
URL: https://138cda657e8861ac85bd346515f9d77a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
sffe /
Resource Hash
f08c94a636dea8c08b6a50658ba1200281007d4fba996ac05cd2eeb0b873d32d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://138cda657e8861ac85bd346515f9d77a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 05:02:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47692
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670243872199174"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 06 Dec 2022 05:02:18 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221129/r20110914/ Frame 2A9B 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221129/r20110914/abg_lite_fy2021.js
Requested by
Host: 138cda657e8861ac85bd346515f9d77a.safeframe.googlesyndication.com
URL: https://138cda657e8861ac85bd346515f9d77a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
cafe /
Resource Hash
1e965485436a460b6ffc44695b148993598bd4e6cdb8447a547fb5609e3ca152
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://138cda657e8861ac85bd346515f9d77a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 13:28:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
56034
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9421
x-xss-protection
0
server
cafe
etag
8437175705735068947
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 19 Dec 2022 13:28:24 GMT
9435933110291188436
s0.2mdn.net/simgad/ Frame 2A9B 		158 KB
159 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/9435933110291188436
Requested by
Host: 138cda657e8861ac85bd346515f9d77a.safeframe.googlesyndication.com
URL: https://138cda657e8861ac85bd346515f9d77a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f149.1e100.net
Software
sffe /
Resource Hash
2d9d021cd222058373a2ff05fc29a19d59f6a8ed0c9ca3e39e7ab2cf470276e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://138cda657e8861ac85bd346515f9d77a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 12:26:46 GMT
x-content-type-options
nosniff
age
59732
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
162058
x-xss-protection
0
last-modified
Fri, 26 Aug 2022 11:40:26 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 05 Dec 2023 12:26:46 GMT
afe6f18fe23241b590c6f8d584172abd_cpn_336x280_1.jpg
static.criteo.net/design/dt/77429/221123/ Frame 74A7 		53 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/design/dt/77429/221123/afe6f18fe23241b590c6f8d584172abd_cpn_336x280_1.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
e30a2970aea56ba873dc88426b8aa97a97eae9e6c404bfce7452cc9a9f4e6fa1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 05:02:18 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 23 Nov 2022 14:31:20 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"637e2eb8-d350"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
54096
expires
Fri, 01 Dec 2023 05:02:18 GMT
generate_204
tpc.googlesyndication.com/ Frame 83AC 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?iOg27Q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 05:02:18 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 9C1F 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
90085
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 05 Dec 2022 04:00:53 GMT
expires
Tue, 05 Dec 2023 04:00:53 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 4575 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f104.1e100.net
Software
GSE /
Resource Hash
051986669daed4afb18c6a7eec01bcbb3adc7e9341439f1ef89f0ed3603adc81
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-qBqFvB0U3dstj_R5_dq_xw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-qBqFvB0U3dstj_R5_dq_xw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 06 Dec 2022 05:02:18 GMT
expires
Tue, 06 Dec 2022 05:02:18 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
rum
dsum-sec.casalemedia.com/ Frame 4B0E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM_P2xgLMAVkSWKXJ3Olywo&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM_P2xgLMAVkSWKXJ3Olywo&google_cver=1&C=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM_P2xgLMAVkSWKXJ3Olywo&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMmw9gIQ_bPr_AEY08SK0gEwAQ&v=APEucNUmMnDZULDqJCUmsu4jy9-34qGc7xcYWVUqnPBuMsEJI0zoHEsz88S2vI57l35OAqf5fvyxLgjOIz9suZoeWcsKK0xvwQ
Protocol
HTTP/1.1
Server
139.5.84.243 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 06 Dec 2022 05:02:19 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Tue, 06 Dec 2022 05:02:19 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
/rum?cm_dsp_id=45&external_user_id=CAESEM_P2xgLMAVkSWKXJ3Olywo&google_cver=1&C=1
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
0
Expires
0
rum
dsum-sec.casalemedia.com/ Frame 4B0E
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y47M2.j9RxeftpfjyOhMcwAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM_P2xgLMAVkSWKXJ3Olywo&google_cver=1&google_hm=2
0
0
bounce
ib.adnxs.com/ Frame 4B0E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEIkYR08h_Jy63atWwvDsMK8&google_cver=1
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEIkYR08h_Jy63atWwvDsMK8%26google_cver%3D1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEIkYR08h_Jy63atWwvDsMK8%26google_cver%3D1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMmw9gIQ_bPr_AEY08SK0gEwAQ&v=APEucNUmMnDZULDqJCUmsu4jy9-34qGc7xcYWVUqnPBuMsEJI0zoHEsz88S2vI57l35OAqf5fvyxLgjOIz9suZoeWcsKK0xvwQ
Protocol
HTTP/1.1
Server
104.254.151.36 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
897.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 06 Dec 2022 05:02:19 GMT
AN-X-Request-Uuid
76bcebd0-2b46-44dc-b1ac-89a35c0fb87a
Server
nginx/1.21.3
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
116.90.74.196; 116.90.74.196; 897.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 06 Dec 2022 05:02:18 GMT
AN-X-Request-Uuid
f9e95fe4-d71b-4b89-92f0-3f264bbe7637
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEIkYR08h_Jy63atWwvDsMK8%26google_cver%3D1
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
116.90.74.196; 116.90.74.196; 897.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 4B0E
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODI3MTQzODczNjQzNDU4ODg5OQ%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODI3MTQzODczNjQzNDU4ODg5OQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMmw9gIQ_bPr_AEY08SK0gEwAQ&v=APEucNUmMnDZULDqJCUmsu4jy9-34qGc7xcYWVUqnPBuMsEJI0zoHEsz88S2vI57l35OAqf5fvyxLgjOIz9suZoeWcsKK0xvwQ
Protocol
H3
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 05:02:19 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 06 Dec 2022 05:02:18 GMT
AN-X-Request-Uuid
984c24d7-9ee4-48af-a33d-ff207ef65b72
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODI3MTQzODczNjQzNDU4ODg5OQ%3D%3D
Connection
keep-alive
X-Proxy-Origin
116.90.74.196; 116.90.74.196; 897.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame CCE8 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 138cda657e8861ac85bd346515f9d77a.safeframe.googlesyndication.com
URL: https://138cda657e8861ac85bd346515f9d77a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://138cda657e8861ac85bd346515f9d77a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

age
51770
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 05 Dec 2022 14:39:28 GMT
etag
48472445140208031
expires
Tue, 06 Dec 2022 14:39:28 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
css
fonts.googleapis.com/ Frame E1C2 		1 KB
573 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Varela+Round:regular
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5737009695479037952/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f95.1e100.net
Software
ESF /
Resource Hash
ddbed2d2048ca083a3993dfca1f5c49075a256d003ee78d444c9a397a40f41ef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 06 Dec 2022 05:02:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 06 Dec 2022 04:59:37 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 06 Dec 2022 05:02:18 GMT
Enabler.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame E1C2 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5737009695479037952/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
cafe /
Resource Hash
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 18:53:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
36523
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5660
x-xss-protection
0
server
cafe
etag
544157900006238945
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Tue, 06 Dec 2022 18:53:35 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame E1C2 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5737009695479037952/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
cafe /
Resource Hash
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 07:04:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
79069
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13035
x-xss-protection
0
server
cafe
etag
2319883687766034370
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Tue, 06 Dec 2022 07:04:29 GMT
generate_204
tpc.googlesyndication.com/ Frame 81CB 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?utw_VA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 05:02:18 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 848F 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 138cda657e8861ac85bd346515f9d77a.safeframe.googlesyndication.com
URL: https://138cda657e8861ac85bd346515f9d77a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
sffe /
Resource Hash
f08c94a636dea8c08b6a50658ba1200281007d4fba996ac05cd2eeb0b873d32d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://138cda657e8861ac85bd346515f9d77a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 05:02:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47692
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670243872199174"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 06 Dec 2022 05:02:18 GMT
truncated
/ Frame 848F 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2fa167ce041f39333e8e0b6022f18418394d7586b58a08c62385101ade264f6e

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 2A9B 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2f5f1790fa4abb0777c30b6cc6b27d0535b9679d3176d269c2a0c1eba9ebca2b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame ACC9 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://138cda657e8861ac85bd346515f9d77a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
564681
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 29 Nov 2022 16:10:57 GMT
expires
Wed, 29 Nov 2023 16:10:57 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/pagead/ Frame 4575 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022120101&jk=2463677510040486&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
81_xgzAtA3K6BUSvxlviYRqiKRYqPH3jXMkg3rbk2fc.js
pagead2.googlesyndication.com/bg/ Frame 9C1F 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/81_xgzAtA3K6BUSvxlviYRqiKRYqPH3jXMkg3rbk2fc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
sffe /
Resource Hash
f35ff183302d0372ba0544afc65be2611aa229162a3c7de35cc920deb6e4d9f7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 20:22:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
549569
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15897
x-xss-protection
0
last-modified
Mon, 21 Nov 2022 11:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 29 Nov 2023 20:22:49 GMT
sync
gdn.socdm.com/rtb/ Frame CCE8
Redirect Chain
  • https://tg.socdm.com/rtb/sync_before?proto=google&sspid=google&google_gid=CAESEBuFa0nPOWKT7UPDnglZBys&google_cver=1&google_push=ASkJ3FYJIF56xs9TvckpXsI47-regkkoGDXUJ9QoYN1OuFHE-qNfDkVtuqbWKIYo9HwLC...
  • https://cm.g.doubleclick.net/pixel?google_nid=scout&google_cm&google_hm=WTQ3TTI4Q284WWtBQUZ0bFdTRUFBQUFB
  • https://gdn.socdm.com/rtb/sync?proto=google&sspid=google&google_gid=CAESEBuFa0nPOWKT7UPDnglZBys&google_cver=1
0
0
pixel
cm.g.doubleclick.net/ Frame CCE8
Redirect Chain
  • https://a.c.appier.net/gcm?google_gid=CAESEJV7yW34bW_sX_QhYwEvLzM&google_cver=1&google_push=ASkJ3FZqmTJrpBbem8BGIvyn871Rn-oZN9FHiKX37VbkEH1qflYX3lv0smjgyMuDFMfqpBmoZiAQ_d8NXhhujljGDI8lylOXmdk8jg
  • https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=eFhEeGRJa0hEajJVbmZ1QzI4eU9Zdw%3D%3D&google_push=ASkJ3FZqmTJrpBbem8BGIvyn871Rn-oZN9FHiKX37VbkEH1qflYX3lv0smjgyMuDFMfqpBmoZiAQ_d8NXhhuj...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=eFhEeGRJa0hEajJVbmZ1QzI4eU9Zdw%3D%3D&google_push=ASkJ3FZqmTJrpBbem8BGIvyn871Rn-oZN9FHiKX37VbkEH1qflYX3lv0smjgyMuDFMfqpBmoZiAQ_d8NXhhujljGDI8lylOXmdk8jg
Requested by
Host: 138cda657e8861ac85bd346515f9d77a.safeframe.googlesyndication.com
URL: https://138cda657e8861ac85bd346515f9d77a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 05:02:19 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=eFhEeGRJa0hEajJVbmZ1QzI4eU9Zdw%3D%3D&google_push=ASkJ3FZqmTJrpBbem8BGIvyn871Rn-oZN9FHiKX37VbkEH1qflYX3lv0smjgyMuDFMfqpBmoZiAQ_d8NXhhujljGDI8lylOXmdk8jg
date
Tue, 06 Dec 2022 05:02:19 GMT
cache-control
no-store
content-type
text/html; charset=utf-8
server
nginx
content-length
245
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pixel
cm.g.doubleclick.net/ Frame CCE8
Redirect Chain
  • https://rtb.openx.net/sync/dds?google_gid=CAESEMvpkLDGghLUxpx3WhkBwwY&google_cver=1&google_push=ASkJ3FbTF3jJhv6gt2mbLGuenZ_MuROdGhQPxVlbXAKwyi4kzxVoNtQtKZhlTHr7c_tUb4rPscaLHJOZnNnyxTXS4B0KHE9R1Zu3
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=ASkJ3FbTF3jJhv6gt2mbLGuenZ_MuROdGhQPxVlbXAKwyi4kzxVoNtQtKZhlTHr7c_tUb4rPscaLHJOZnNnyxTXS4B0KHE9R1Zu3&google_hm=Kg9cXKYxwdQfpuUxxB9zMw==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=ASkJ3FbTF3jJhv6gt2mbLGuenZ_MuROdGhQPxVlbXAKwyi4kzxVoNtQtKZhlTHr7c_tUb4rPscaLHJOZnNnyxTXS4B0KHE9R1Zu3&google_hm=Kg9cXKYxwdQfpuUxxB9zMw==
Requested by
Host: 138cda657e8861ac85bd346515f9d77a.safeframe.googlesyndication.com
URL: https://138cda657e8861ac85bd346515f9d77a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 05:02:19 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 06 Dec 2022 05:02:18 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
location
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=ASkJ3FbTF3jJhv6gt2mbLGuenZ_MuROdGhQPxVlbXAKwyi4kzxVoNtQtKZhlTHr7c_tUb4rPscaLHJOZnNnyxTXS4B0KHE9R1Zu3&google_hm=Kg9cXKYxwdQfpuUxxB9zMw==
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-request-id
5n1vr9ktaj7gv34bu2239e2ii2ghuigr
pixel
cm.g.doubleclick.net/ Frame CCE8
Redirect Chain
  • https://dsp.adkernel.com/sync?exchange=11&google_gid=CAESEAvjOB2uSmq2do1w66bjQFs&google_cver=1&google_push=ASkJ3FbAwWIf4QgFOtwzLm_nthLGvxouoaS_43Rt-qy_uSmRPZQ1f2dXpAi3weEaA9K7aflFEn7ZAe9rgmESIRiTUs...
  • https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTMzMDQ5NDY2MjIxMzQ4NTYzMDc&google_push=ASkJ3FbAwWIf4QgFOtwzLm_nthLGvxouoaS_43Rt-qy_uSmRPZQ1f2dXpAi3weEaA9K7aflFEn7ZAe9rgmESIRiTUsk8...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTMzMDQ5NDY2MjIxMzQ4NTYzMDc&google_push=ASkJ3FbAwWIf4QgFOtwzLm_nthLGvxouoaS_43Rt-qy_uSmRPZQ1f2dXpAi3weEaA9K7aflFEn7ZAe9rgmESIRiTUsk8nk1i-G3mdg
Requested by
Host: 138cda657e8861ac85bd346515f9d77a.safeframe.googlesyndication.com
URL: https://138cda657e8861ac85bd346515f9d77a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 05:02:19 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTMzMDQ5NDY2MjIxMzQ4NTYzMDc&google_push=ASkJ3FbAwWIf4QgFOtwzLm_nthLGvxouoaS_43Rt-qy_uSmRPZQ1f2dXpAi3weEaA9K7aflFEn7ZAe9rgmESIRiTUsk8nk1i-G3mdg
Date
Tue, 06 Dec 2022 05:02:19 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame CCE8
Redirect Chain
  • https://ads.yieldmo.com/exptsync?google_gid=CAESENUQvTAXv18n6JHszCCYA20&google_cver=1&google_push=ASkJ3FYqk1Z_KDsdIO-YPMtuaHPwLyxu48i2QOqoSkgjV-TqHWxTqvefjcgRExJULGE_U9ofnfe6blu2_gzwP4JZIAPXF514eV9PTA
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=ASkJ3FYqk1Z_KDsdIO-YPMtuaHPwLyxu48i2QOqoSkgjV-TqHWxTqvefjcgRExJULGE_U9ofnfe6blu2_gzwP4JZIAPXF514eV9PTA&google_hm=Z2QyNWUxZWMzYTQ4MT...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=ASkJ3FYqk1Z_KDsdIO-YPMtuaHPwLyxu48i2QOqoSkgjV-TqHWxTqvefjcgRExJULGE_U9ofnfe6blu2_gzwP4JZIAPXF514eV9PTA&google_hm=Z2QyNWUxZWMzYTQ4MTE0M2FjZTc=
Requested by
Host: 138cda657e8861ac85bd346515f9d77a.safeframe.googlesyndication.com
URL: https://138cda657e8861ac85bd346515f9d77a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 05:02:19 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 06 Dec 2022 05:02:19 GMT
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=utf-8
location
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=ASkJ3FYqk1Z_KDsdIO-YPMtuaHPwLyxu48i2QOqoSkgjV-TqHWxTqvefjcgRExJULGE_U9ofnfe6blu2_gzwP4JZIAPXF514eV9PTA&google_hm=Z2QyNWUxZWMzYTQ4MTE0M2FjZTc=
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
0
pixel
cm.g.doubleclick.net/ Frame CCE8
Redirect Chain
  • https://cs.media.net/cksync?type=g&google_gid=CAESEDbgnbmlC_M94pu7Y_4YyJQ&google_cver=1&google_push=ASkJ3FZb-PTANk0G_7KFmBxObnbuS0cYaf9tsaXl6G3xTVrMq4jqnJPEu8hthDTARAVv4QKj-6gkyCyXPhttmEBxFgClCXY5K51r
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzEzMzA0NTM5NzQ0MzYwMTAwMFYxMA%3d%3d&mn_hm=MzEzMzA0NTM5NzQ0MzYwMTAwMFYxMA%3d%3d&google_sc=1&google_push=ASkJ3FZb-PTANk0G_7KFmBxObnbuS0c...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzEzMzA0NTM5NzQ0MzYwMTAwMFYxMA%3d%3d&mn_hm=MzEzMzA0NTM5NzQ0MzYwMTAwMFYxMA%3d%3d&google_sc=1&google_push=ASkJ3FZb-PTANk0G_7KFmBxObnbuS0cYaf9tsaXl6G3xTVrMq4jqnJPEu8hthDTARAVv4QKj-6gkyCyXPhttmEBxFgClCXY5K51r&gdpr=&gdpr_consent=
Requested by
Host: 138cda657e8861ac85bd346515f9d77a.safeframe.googlesyndication.com
URL: https://138cda657e8861ac85bd346515f9d77a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 05:02:19 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 06 Dec 2022 05:02:19 GMT
Server
Apache
P3P
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Location
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzEzMzA0NTM5NzQ0MzYwMTAwMFYxMA%3d%3d&mn_hm=MzEzMzA0NTM5NzQ0MzYwMTAwMFYxMA%3d%3d&google_sc=1&google_push=ASkJ3FZb-PTANk0G_7KFmBxObnbuS0cYaf9tsaXl6G3xTVrMq4jqnJPEu8hthDTARAVv4QKj-6gkyCyXPhttmEBxFgClCXY5K51r&gdpr=&gdpr_consent=
Content-Type
text/html
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
154
X-MNET-HL2
E
Expires
Tue, 06 Dec 2022 05:02:19 GMT
send
sync-dsp.ad-m.asia/dsp/api/sync/ Frame CCE8
Redirect Chain
  • https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=google&pixel_match=y&google_gid=CAESEGyH2ilyp3xxSbH2rnW3ueA&google_cver=1&google_push=ASkJ3FYARh_IAnSu5OkihwvFAyeR4QcRBbTw63u8gxavt5RmNnd64OhrWhdLyu-P...
  • https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=google&pixel_match=y&google_gid=CAESEGyH2ilyp3xxSbH2rnW3ueA&google_cver=1&google_push=ASkJ3FYARh_IAnSu5OkihwvFAyeR4QcRBbTw63u8gxavt5RmNnd64OhrWhdLyu-P...
0
0
attr
cm.g.doubleclick.net/pixel/ Frame CCE8 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JxDXUBpxfT_MXWrfLs_1WzH7wec7rxdR7qGu3b4xwQ-4w2ns2EoKbGUJmx9qmBXQaOh58aXA
Requested by
Host: 138cda657e8861ac85bd346515f9d77a.safeframe.googlesyndication.com
URL: https://138cda657e8861ac85bd346515f9d77a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 05:02:18 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
81_xgzAtA3K6BUSvxlviYRqiKRYqPH3jXMkg3rbk2fc.js
pagead2.googlesyndication.com/bg/ Frame ACC9 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/81_xgzAtA3K6BUSvxlviYRqiKRYqPH3jXMkg3rbk2fc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
sffe /
Resource Hash
f35ff183302d0372ba0544afc65be2611aa229162a3c7de35cc920deb6e4d9f7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 20:22:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
549570
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15897
x-xss-protection
0
last-modified
Mon, 21 Nov 2022 11:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 29 Nov 2023 20:22:49 GMT
w8gdH283Tvk__Lua32TysjIfp8uP.woff2
fonts.gstatic.com/s/varelaround/v19/ Frame E1C2 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/varelaround/v19/w8gdH283Tvk__Lua32TysjIfp8uP.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Varela+Round:regular
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f94.1e100.net
Software
sffe /
Resource Hash
bcf86d95e543e9748b28362562cdbce0c7be01b48dd54191912e15f820daf4aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
null
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 00:05:52 GMT
x-content-type-options
nosniff
age
276987
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20636
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 15:30:15 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 03 Dec 2023 00:05:52 GMT
sprite.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5737009695479037952/ Frame E1C2 		100 KB
100 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5737009695479037952/sprite.jpg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5737009695479037952/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
024d91c3054065badb0620513d43950988ef0bf5b387c68e56b52858f65d03ed
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Tue, 06 Dec 2022 05:02:19 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
102409
x-xss-protection
0
last-modified
Thu, 13 Jan 2022 13:53:42 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 06 Dec 2023 05:02:19 GMT
generate_204
tpc.googlesyndication.com/ Frame 9C1F 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?1LgnhQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 05:02:19 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 7487 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst5u7hTVfl_hNl4otB9yjr-umgUC5JUAAtMy8v8VknbGqwJdnRD_2rTCZGZ10JwK0QJhjoRiKH0z01ppPRBFP3P45o4HCiK2tigD4ea2Fr1VxqI8JEabTU1v7IU1x4-nmD0dPU&sai=AMfl-YQW5PmwDMinn_POHvww5DvFStQTDuzrUVc9did6ASU_QWSxwZcKdeZ1_gdWn9yt6UFblAp8w6C2LRlcNFpeiq-wgHkOUxey_X3D-fFBlfcLqHTTUkMfc7m5SF5uE2A&sig=Cg0ArKJSzIPCoHjaA7igEAE&cid=CAQSPADq26N9-J9aH6o7u6X3HJZAbjAlaMtH_iPH4QR1hHs2fPohcpdrjq_bFs2vrI_m8OvC1iat-H8TpUmK_xgBIBM&id=ampim&o=236,60&d=728,250&ss=1600,1200&bs=1600,1200&mcvt=1002&mtos=0,0,1002,1002,1002&tos=0,0,1002,0,0&tfs=794&tls=1796&g=100&h=100&tt=1796&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 05:02:19 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame ACC9 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BIbFk2MyOY6LDKN6q3LUP7ZWZ-AgAAAAAOAHgBAI&bg=!PD-lP3vNAAa7eOFIm3g7ACkAdvg8Wr76X4XAtU7CaZdLf-q2koamTjJr00VC8-aLyM5oJHl1ixSNDwIAAAB0UgAAAAJoAQeZAu1OeR8PsJPzAKVTnhvBYMbwK8-uRZoaseoimo9wwzqo1Fu22fgZVmwP9orNscxy6yZYiA3Ua-zCO1_tATzk0ZbattOjb2sE2FODotVDu-iWzGv8wQi50WU-jwsZVjdVIPj9MgwSCb27SQsFOQzNYSNB9EuBKU2imx3ITZEvi7dEQtFmAQMbT8uxBa6rISWbaVYgTDqWkhkf1tgo7zl72oUpCJ_9A7I9SSF_0oLSZ5IFK4I1pI88s_m9L4PwXIp1ao9C5efKIcuE8elStLFoP-8CpuVqs1GS3YE17i5cjI0KhZZNcJcZI9ZQ99r4ov0hN58U_KeAJa1FamukxjX3IspvjmxZ25p_nRPkGcaeTxyFxe-_QOr0TakV0nHme5Mg0kKEn_CPubxeIUM9z-fV7WC9RE-KUfddVa2IlmxAe9Irgbjc1gD76NQOu70ET7CiQXjBo30F8CipVBcl9wGdqePnN7dEzphzdj1djxgjBMoTSTrr988qWXk9uRChhXmNxqQKGaCOXsooUtscF5GKgzkW7H9LvgjGYzC2nfJOvl3mQYEVLqwLw13ZviKKyvasUn9fLVcWA0ZePicVRKtGYmQASV9z_cJl42dBrlOP9RiQDTxu12U_H6JUYt4Hd9EmUeKaw34O2bLqxEwQOO0f14q4hf_wJtqQsX_WNGZBuTPjyBJOY08zJ1Uog5a0aKO_2PGVW4C4VePLONZmxffAGAT97zwqXrjC9vj9Lpe_iQNmGWPw16ZzSeaCnibY_49ll4GO4txBg_906ZolmwUAA74oWV7CeZZFiDEQKYE_N8gvzQjzWUoRWpz3IZUtGV-r7yd3udGnfxS7L-hCiqtmHRqMyN33EGDbw9BgkEF34e64MhlNcDS7ZIB9wcAvWYrlsqJRuuTAacLVsqbLz3jva0AQiGGLUtO2OnNcosX-ElH6nY2BAZPqXRJibIQCvthlOIlSPbTpWqcKSCARv9cnPtCGM7OcUlp1u0T4Vd1Xfw
Requested by
Host: 138cda657e8861ac85bd346515f9d77a.safeframe.googlesyndication.com
URL: https://138cda657e8861ac85bd346515f9d77a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 05:02:19 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
json
gum.criteo.com/sid/ 		0
0
rid
match.adsrvr.org/track/ 		109 B
540 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
5fe3141dbd24a51e28ce11bd57db85818aa32b2257bac4079c1c614c6ce8f088

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 06 Dec 2022 05:02:19 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
109
expires
Thu, 05 Jan 2023 05:02:19 GMT
sync
eb2.3lift.com/ Frame 255F 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
052583d64aaa03f05ccd8fea7c7eb5d6760c4214be82f045e0fc37325cef0b6e

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
1148
content-type
text/html; charset=utf-8
date
Tue, 06 Dec 2022 05:02:19 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
pd
u.openx.net/w/1.0/ Frame 2B23 		533 B
638 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4ca01089888932dab5991928436729da5e5d285c9978405f9bc46feb2bcfb8f0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
326
content-type
text/html
date
Tue, 06 Dec 2022 05:02:19 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
async_usersync.html
acdn.adnxs.com/dmp/ Frame B902 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.108 -, , ASN (),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
1846
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Tue, 06 Dec 2022 05:02:19 GMT
ETag
W/"623de86a-cf34"
Expires
Fri, 02 Dec 2022 04:31:25 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
50, 3124
X-Served-By
cache-lga13626-LGA, cache-mel11269-MEL
X-Timer
S1670302940.902960,VS0,VE0
sync.html
public.servenobid.com/ Frame 4852 		0
0
ixmatch.html
js-sec.indexww.com/um/ Frame 35D6 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.94 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

age
346
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
775277fde9dd1c53-AKL
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 06 Dec 2022 05:02:19 GMT
expires
Tue, 06 Dec 2022 09:02:19 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame EEF1 		0
0
/
onetag-sys.com/usync/ Frame 4EF7 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1670302934529
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.79.234.101 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-51-79-234.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
checksync.php
contextual.media.net/ Frame 5790 		0
0
json
gum.criteo.com/sid/ Frame 		0
0
truncated
/ Frame E1C2 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
14726080724247082130_4939737637028799016.png
static.doubleclick.net/dynamic/5/83933682/ Frame E1C2 		0
0
2482943028779093117_14191633587709436678.jpeg
static.doubleclick.net/dynamic/5/83933682/ Frame E1C2 		0
0
5196133856026353788_1251820132076459564.jpeg
static.doubleclick.net/dynamic/5/83933682/ Frame E1C2 		0
0
15872443971424083689_12670503073604081539.jpeg
static.doubleclick.net/dynamic/5/83933682/ Frame E1C2 		0
0
11053919853719057903_5676995096007189237.jpeg
static.doubleclick.net/dynamic/5/83933682/ Frame E1C2 		0
0
13911327140193796911_3987520054666488292.jpeg
static.doubleclick.net/dynamic/5/83933682/ Frame E1C2 		0
0
xuid
eb2.3lift.com/ Frame 255F
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3658&xuid=d717dfcd-639f-4f93-897b-684109d4ad4e&dongle=0cfd
0
0
pixel
cm.g.doubleclick.net/ Frame 255F
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTU5MzA5MjM0NjU0OTUwNTI0NTUzNw%3D%3D
0
0
xuid
eb2.3lift.com/ Frame 255F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEPfwABxdxOFKllaK_ACvNiE&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
0
0
pixel
cm.g.doubleclick.net/ Frame 255F
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTU5MzA5MjM0NjU0OTUwNTI0NTUzNw%3D%3D
0
0
setuid
px.ads.linkedin.com/ Frame 255F 		0
0
sync
x.bidswitch.net/ Frame 255F 		0
0
1593092346549505245537
pr-bh.ybp.yahoo.com/sync/triplelift/ Frame 255F 		0
0
757c0557066e95cfd4c7
s.amazon-adsystem.com/x/ Frame 255F 		0
0
c.gif
c.bing.com/ Frame 255F 		0
0
getuid
ib.adnxs.com/ Frame 255F 		0
0
cs
ad.turn.com/r/ Frame 2B23 		0
0
sd
us-u.openx.net/w/1.0/ Frame 2B23
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=f559d660-0fb7-78fa-f9d2-a98617064989&gdpr=0
  • https://match.adsrvr.org/track/cmb/openx?oxid=f559d660-0fb7-78fa-f9d2-a98617064989&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=d717dfcd-639f-4f93-897b-684109d4ad4e&ttd_puid=f559d660-0fb7-78fa-f9d2-a98617064989&gdpr=0&gdpr_consent=
0
0
sd
jp-u.openx.net/w/1.0/ Frame 2B23
Redirect Chain
  • https://tg.socdm.com/rtb/sync_before?proto=openx
  • https://jp-u.openx.net/w/1.0/sd?id=537072335&val=Y47M28Co8XUAANYf5q8AAAAA
0
0
3
cr-p3.ladsp.com/cookiesender/ Frame 2B23 		0
0
pixel
cm.g.doubleclick.net/ Frame 2B23 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZDkzNjA1YWEtYzZjMC0yNjVlLWVjMzItZjMzZmRkZTQ4N2U5
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 05:02:19 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 2B23
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEIZNLdVBIg-z7RN2iQI4Nbk&google_cver=1
0
0
view
googleads4.g.doubleclick.net/pcs/ Frame 2A9B 		0
0
usermatch
ssum-sec.casalemedia.com/ Frame B743 		0
0
async_usersync
ib.adnxs.com/ Frame B902 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
beecda688d8678f49fb599b18733dbce.safeframe.googlesyndication.com
URL
https://beecda688d8678f49fb599b18733dbce.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Domain
prebid-server.rubiconproject.com
URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Domain
dsum-sec.casalemedia.com
URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM_P2xgLMAVkSWKXJ3Olywo&google_cver=1&google_hm=2
Domain
gdn.socdm.com
URL
https://gdn.socdm.com/rtb/sync?proto=google&sspid=google&google_gid=CAESEBuFa0nPOWKT7UPDnglZBys&google_cver=1
Domain
sync-dsp.ad-m.asia
URL
https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=google&pixel_match=y&google_gid=CAESEGyH2ilyp3xxSbH2rnW3ueA&google_cver=1&google_push=ASkJ3FYARh_IAnSu5OkihwvFAyeR4QcRBbTw63u8gxavt5RmNnd64OhrWhdLyu-PqkOr6lsxspYVIusezGntqzxRYU3s5zpQr_Bw3pQ&uid-set=1
Domain
gum.criteo.com
URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bg3.co%2F&domain=www.bg3.co&cw=1&pbt=1&lsw=1
Domain
public.servenobid.com
URL
https://public.servenobid.com/sync.html
Domain
eus.rubiconproject.com
URL
https://eus.rubiconproject.com/usync.html
Domain
contextual.media.net
URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Domain
gum.criteo.com
URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bg3.co%2F&domain=www.bg3.co&cw=1&pbt=1&lsw=1
Domain
static.doubleclick.net
URL
https://static.doubleclick.net/dynamic/5/83933682/14726080724247082130_4939737637028799016.png
Domain
static.doubleclick.net
URL
https://static.doubleclick.net/dynamic/5/83933682/2482943028779093117_14191633587709436678.jpeg
Domain
static.doubleclick.net
URL
https://static.doubleclick.net/dynamic/5/83933682/5196133856026353788_1251820132076459564.jpeg
Domain
static.doubleclick.net
URL
https://static.doubleclick.net/dynamic/5/83933682/15872443971424083689_12670503073604081539.jpeg
Domain
static.doubleclick.net
URL
https://static.doubleclick.net/dynamic/5/83933682/11053919853719057903_5676995096007189237.jpeg
Domain
static.doubleclick.net
URL
https://static.doubleclick.net/dynamic/5/83933682/13911327140193796911_3987520054666488292.jpeg
Domain
eb2.3lift.com
URL
https://eb2.3lift.com/xuid?mid=3658&xuid=d717dfcd-639f-4f93-897b-684109d4ad4e&dongle=0cfd
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTU5MzA5MjM0NjU0OTUwNTI0NTUzNw%3D%3D
Domain
eb2.3lift.com
URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEPfwABxdxOFKllaK_ACvNiE&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTU5MzA5MjM0NjU0OTUwNTI0NTUzNw%3D%3D
Domain
px.ads.linkedin.com
URL
https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=1593092346549505245537&dbredirect=true&gdpr=0&consent=
Domain
x.bidswitch.net
URL
https://x.bidswitch.net/sync?ssp=triplelift&user_id=1593092346549505245537&gdpr=0&gdpr_consent=
Domain
pr-bh.ybp.yahoo.com
URL
https://pr-bh.ybp.yahoo.com/sync/triplelift/1593092346549505245537?gdpr=0&gdpr_consent=
Domain
s.amazon-adsystem.com
URL
https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=0&gdpr_consent=&uid=1593092346549505245537
Domain
c.bing.com
URL
https://c.bing.com/c.gif?xid=1593092346549505245537&Red3=TLMS_pd
Domain
ib.adnxs.com
URL
https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent=
Domain
ad.turn.com
URL
https://ad.turn.com/r/cs?pid=9&gdpr=0
Domain
us-u.openx.net
URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=d717dfcd-639f-4f93-897b-684109d4ad4e&ttd_puid=f559d660-0fb7-78fa-f9d2-a98617064989&gdpr=0&gdpr_consent=
Domain
jp-u.openx.net
URL
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=Y47M28Co8XUAANYf5q8AAAAA
Domain
cr-p3.ladsp.com
URL
https://cr-p3.ladsp.com/cookiesender/3
Domain
us-u.openx.net
URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEIZNLdVBIg-z7RN2iQI4Nbk&google_cver=1
Domain
googleads4.g.doubleclick.net
URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssaa3axKMobx28kgsB29jT7BZW6EBxffLjns7ujjztn6zLIl82oNR6fq5JHhESuD3BQBdRTQZ27IH15IJnApZ-I7GsK5WjMgUsJM7kKnciH3kHOZam9pP6JyMuBK7EGpH6j_rPsqcO-DiOlxkbptizq05A-udQ_JxE8XriuYNvkklxjn26EdCDF_LeAjm1S4TEAojtwxySpjg6p-vhQcrK0K1nNC-0x6UNvrLDtHtTC4vCeSLiRACVZtXedLYjB39wdEFQ81TBHiRJJM0Q9GYLdo0GH3GjS2jDg_RBOdVcCm8OfWLcm7UrFKDSxukBVfREiXEaGh2Bf0mx-dtcRm1iuLXRc2fCu8VxH4LEFFGncrkBdnoZlXc1fvemF53LjNMKrnw9_rEmpkFDIIXZi-tsAk5AUiQ115VTrkUhgoGS8c7dVANIzU15eZbFLey3qGpPsdOr1iDOl2oSC8DeXDPp6NnCj-BrMvFX8dIPq2deiS_38QfhoX-SUkX2SiI6Mn6UYpGYHAeYSQNP2pxaRrblLKhRYaKXjeYtL8rmKqZuvI1EfRr7WfXVlbS42VGsUfM1Usybv07DCJciq8D1HI2bBpRD1MG30nlYerkYBh6hGMNeHHeMPgql7460Z52lb91TBFEo1v1YEJuzZ7btZ6qzfp0MF3qkiTVHq4iDqlaoAim1Bepzgwb5-3hDBwUFYrWTQ9aIMGMcjrXS_UPtzS3xMWXg8-jmR7N3yLq00WS-TZ_9bF3aYaFiw_Gm4LEKE1aaa0VEIQGa9-3HKkH9RzsqskNABiqkfuMDdXY_edTMm3pGwXgNrGILi9WGM6LccXAY_ioD1Gupx0AZz6z8SJi6PUzdEmKxk3KtZe7ZWgQcc6fw98tn5Kjue-CIzFzXgOzEmyaoEa3vTtSrczJhOC-c2NOOeGhCa1w6vecDxGQctztd6g2KfrPHbzQPgAH1ktip7qh66FHpdKpsh8EC07lg93mVWRNOqgIbAOkkSvdgNhiPwdG-Rtn0S2Xr0BegDJu8z26lR2MFGzMN9WLGWR6SOO9iTNXRBV0pYaK5gjsKicbASD_d6SmqCQiItPZKyfLERyfIU_GXEwbVE2yjMs4FrthnFGHj5Z4oHkhtLr9uJDcanNbJh6A0qlAo4Asw5zgKvRAJ6iuwaAjFDbUGeF9_yTm-DWxoZTkb-44pxdLwK6DR1MJHxhKfP9KV5Pyq93MoYoRpjrVQ-ICh4PhPv-1U7_xBBNeOpUbA4V7d1sIqRlHjGPq7Ld5r4pM9sdkp3avX2N_sSANh5-tBUbrub3DKlSEaz_DCrrNgzppcyc6zwsyGYD5qTQ57amCBLJuZydOmo6yh2OYaxYnrrbFqpkOoNjkSg&sai=AMfl-YQ4nMeG9bvSPDzmMBCkReRDOVA3Nu-OwlZ2dZ6SPEAmc1wbbkyaVX4O3a1Q9_nyqmCwZdiuVCAeWztGTc5QoJ7bVCMQO9cVpMw6F-wD00wugLVvG9DqYXBbNBNKmGfa3N18txurZcjb1p0qz-X_n5qYshLFvji29m1mpogMvTz9vJ76wClP1ro-DSC8QIsor5D6yrIl7LowVsAPCFIwcgQmkIrZI1wJ4n1Du1ty9DqqXIyVVynl1gkAcTrjjsFr8iHEAPtEgcSWaPkWsVsFbGE8FdfsL0dR0uT4Cl3APeCAdJMsDMCLB_PbIKAuJeRL9pjpvOsgHnW639bBtsWMISmoCQC0w1f_XtkR3XshRlmlEo2-LhT7d2KqR2N96N59edDJuAer1P_Suy2fvIep5HU7pA&sig=Cg0ArKJSzOPgFj2eWQuZEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1673&vt=11&dtpt=1672&dett=2&cstd=0&cisv=r20221129.32417&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Domain
ssum-sec.casalemedia.com
URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Domain
ib.adnxs.com
URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Verdicts & Comments Add Verdict or Comment

88 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| oncontentvisibilityautostatechange object| adpushup object| ucfad_async object| ucf object| request string| paramsString object| AMP_CONFIG object| AMP_EXP object| AMP object| __AMP_LOG function| HTMLElementOrig object| __AMP_ERRORS object| __AMP_MODE function| __AMP_REPORT_ERROR object| __AMP_TOP object| __AMP_SERVICES object| __AMP_URL_CACHE object| __AMP__EXPERIMENT_TOGGLES boolean| __AMP_TAG object| __AMP_EXTENDED_ELEMENTS function| __AMP_BASE_CE_CLASS object| adRecover function| setImmediate function| clearImmediate object| google_reactive_ads_global_state number| ampAdSlotIdCounter object| __AMP_EXPERIMENT_BRANCHES object| goog_identity_prom string| __AMP_DEFAULT_BOOTSTRAP_SUBDOMAIN number| ampAdGoogleIfiCounter object| google_ad_modifications number| google_global_correlator object| google_prev_clients undefined| $ undefined| jQuery function| jqAlias string| currentState object| googletag object| _apPbJs object| hbAnalytics object| adpTags object| gaGlobal number| ampAdPageCorrelator object| listeningFors number| 3pla object| ggeac object| google_tag_data object| google_js_reporting_queue undefined| google_measure_js_timing object| _qevents object| _apPbJsChunk object| mnet string| nobidVersion object| nobid object| Criteo object| ap_link_preview_states object| apLinkPreviewUtils object| apEuCountries function| quantserve function| __qc object| ezt object| _qoptions boolean| descriptionPage object| dataLayer function| gtag object| google_tag_manager function| onYouTubeIframeAPIReady object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| criteo_pubtag object| criteo_pubtag_prebid_117 object| Criteo_prebid_117 object| GoogleGcLKhOms object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager

33 Cookies

Domain/Path Name / Value
.aralego.com/ Name: sspid
Value: 70e82f2e-4c30-3e86-8bdd-5a51bf474921
.aralego.com/ Name: euconsent-v2
Value:
.aralego.com/ Name: gdpr
Value: 1
www.bg3.co/ Name: __AP_SESSION__
Value: 6b5c3bf2-5cfb-43fa-9eda-90839e860f6a
.bg3.co/ Name: __gpi
Value: UID=00000b8aa72d0ece:T=1670302932:RT=1670302932:S=ALNI_MZ_T2q2KSofGT7XaLqkqBwa63QYpg
.adpushup.com/ Name: ap_uid
Value: 24f1e091-7523-11ed-b37e-00224858c1e9
.adpushup.com/ Name: ap_usid
Value: 24f1e092-7523-11ed-b37e-00224858c1e9
.doubleclick.net/ Name: IDE
Value: AHWqTUkmIt-wThsczETcMFORxwzkrepFlnSYN_F2G_Q0wQEmKA8Md1JV5ekGllEjyG4
.3lift.com/ Name: tluid
Value: 1593092346549505245537
www.bg3.co/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.bg3.co/ Name: _pubcid
Value: 26f5e939-a630-470d-a304-616e73217a74
.smartadserver.com/ Name: pid
Value: 8643060395793444491
.yahoo.com/ Name: A3
Value: d=AQABBNXMjmMCEOcc7XDJnqi-xDLMmF-mDDUFEgEBAQEekGOYYwAAAAAA_eMAAA&S=AQAAAu3RtZ_WYIK1pDqifQEDmuU
fksnk.com/ Name: AWSALBCORS
Value: oqGj5aUDx15NjzF8RidGb+amy70EfPD1KRKlb6MfYWF2zl5n5zXqDyqIH4s2EKGLNFS7jk5xJD5b91EStzxFy9Y5yUpZUMpJH9XFfBZIfuDB9b+gbgGr+PmGVS1g
.fksnk.com/ Name: f_001
Value: E10A067D4DB3CA5F
.fksnk.com/ Name: g_001
Value: 1
.mediago.io/ Name: __mguid_
Value: b0120933d2583bc63691f402211a3e82
.analytics.yahoo.com/ Name: IDSYNC
Value: 18yx~28ot
.openx.net/ Name: i
Value: 26f5e939-a630-470d-a304-616e73217a74|1670302933
.zemanta.com/ Name: zuid
Value: Buh0roqGjBXl09YOBXIT
.doubleclick.net/ Name: DSID
Value: NO_DATA
.omnitagjs.com/ Name: ayl_visitor
Value: 30476976bf70afcdcabfc49f856de2f5
.teads.tv/ Name: tt_viewer
Value: 833c6ba9-d57a-45c7-b300-4b02c1ebb892
.quantserve.com/ Name: mc
Value: 638eccd6-89e3e-d6860-a7380
.bg3.co/ Name: __qca
Value: P0-188036583-1670302933727
.rubiconproject.com/ Name: khaos
Value: LBBR8OL8-F-4PJT
.rubiconproject.com/ Name: audit
Value: 1|WD0cx+9RTMIEVDN5kU6vZHXrd8oPN4aCr0AVcUBLdRzdwYrSyinZ5S5zFwEio2Ja4HEYI5ehIrUHstlW8EOOMtzpQ7vzkXQ/
.bg3.co/ Name: _ga_Z0TZ7TDHS1
Value: GS1.1.1670302936.1.0.1670302936.0.0.0
.bg3.co/ Name: _ga
Value: GA1.1.1521116696.1670302936
.bg3.co/ Name: __gads
Value: ID=97102ce78fdcee80-2233966ec2d8006c:T=1670302932:S=ALNI_Mb55-5fr_lWruBHhMarx-gzmLgJAw
.criteo.com/ Name: uid
Value: 9ac76458-614a-40f0-89ce-fae717e33343
.bg3.co/ Name: cto_bundle
Value: kQ5DxV84bGZ4cXlpeSUyQlRsVEhsWkZ6N2UyTVg5cGd4d3owYThiYkF2U0pGWVBkblFUUnR4U1pnWmtDM2swbVZUJTJGRlBoQUxxUlBpb3Y4d25tbEZjZmJoQjNLbUl4U2JLeTVleXZscVdXSCUyQld0eFFpWVRXOUdHNno4U2JNNzdpT2x2NTQzUVBHaXlwZ21KWTFUcXNndDVBUGh6ekElM0QlM0Q
.adnxs.com/ Name: uuid2
Value: 8271438736434588899

33 Console Messages

Source Level URL
Text
network error URL: https://static.bg3.co/imgs/202105/8caca96a219adfaf45fe238fcfdbf268.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202105/d18018e0196c2e03715cab4de64b25ed.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202105/72d5d50fcac80232b7ad8a4c65719224.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202105/e04583297cb953f71b75fc90af33a838.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202105/1f419bcddf9bfd490c163211417d1a6a.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202105/6174b8c22d6d69eba691ba5540bbff65.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202105/ba40b5ab45591a73e6cfc12246bfdf39.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202105/85e0e46558ece4653ad1572a5324ea08.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202105/44ea5d7adfd67501ecc8d0c80bbdc8b9.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202105/0ed511c14a8b5399cef2b4502ef4ed86.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202105/5c916d0bf772915fa6e27be3034be6ba.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202105/6964795facf4dc0f6ca71a6844756c4e.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202105/3a12fb06a384c51771699214ba18a058.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202105/1db78d24820192c5ce7abad0d07f7a72.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202106/1cb7c08921c03c00bddb45695c8bfaa9.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202105/3480df9de303e30c8fef5967af4ae547.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202106/f125b8e1e6780c1130118580e0600af2.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202105/30ae62455623b14e8de4096f70a36536.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202106/d31817ea70543205e3830976c619dcfa.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202105/906a3469aaf910f43fa97501a14ba0d1.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202105/5379ba281fc524e81f438fb45f1fd649.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202202/9360c67e3362930009dc0753ef351b1d.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202105/fddead0c2edba9f5fd0cfdad93a1fa2d.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202105/2c1c7cedf0c453508b88dbb32ba16ced.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202105/cec6585b9129f3e3ee697f97f0072cd5.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202105/ee29e0b2bc93225f6294fdec209d9ca6.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
other warning URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1670302931&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchao-nan-ma-li-ou-xu-ji-bao-xiao-zang-hua-ma-bu-ting.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670302929560&bpp=14&bdt=1935&idt=1754&shv=r20221129&mjsv=m202211290101&ptt=5&saldr=sa&correlator=879855899896&frm=23&ife=1&pv=2&ga_vid=83130985.1670302931&ga_sid=1670302931&ga_hid=431718204&ga_fc=0&ga_cid=amp-ALq6Nc9gjQBxhQjTGc0VNA&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=848&biw=1600&bih=1200&isw=336&ish=280&ifk=2110585547&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44770880%2C44779077%2C31065825&oid=2&pvsid=3532622367497123&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.k1j2151lrjwq&fsb=1&dtd=1777
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
other warning URL: https://cdn.ampproject.org/v0/amp-ad-exit-0.1.js(Line 1)
Message:
Unrecognized feature: 'attribution-reporting'.
network error URL: https://cdn.adpushup.com/42753/L2EvY2hhby1uYW4tbWEtbGktb3UteHUtamktYmFvLXhpYW8temFuZy1odWEtbWEtYnUtdGluZy5odG1s.json
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://aplogger.adpushup.com/log?event=glimpse_pageView&data=eyJzZXNzaW9uSWQiOiI4OTY4NjBfMTY3MDMwMjkzNDUwMCIsInVzZXJJZCI6Ijk3MTM5Nl8xNjcwMzAyOTM0NTAwIiwic2l0ZUlkIjo0Mjc1MywicGxhdGZvcm0iOiJERVNLVE9QIiwicGFnZUlkIjoiNzE3MDU3XzE2NzAzMDI5MzQ1MDAiLCJwYWdlUGF0aCI6IiUyRmElMkZjaGFvLW5hbi1tYS1saS1vdS14dS1qaS1iYW8teGlhby16YW5nLWh1YS1tYS1idS10aW5nLmh0bWwiLCJob3N0bmFtZSI6Ind3dy5iZzMuY28iLCJ1cmwiOiJodHRwcyUzQSUyRiUyRnd3dy5iZzMuY28lMkZhJTJGY2hhby1uYW4tbWEtbGktb3UteHUtamktYmFvLXhpYW8temFuZy1odWEtbWEtYnUtdGluZy5odG1sIiwicGhhc2UiOjAsInVzZXJUeXBlIjoiTkVXIiwicHJldmlld1ZhcmlhdGlvbiI6ImRlc2NyaXB0aW9uUGFnZSIsImV4cGVyaW1lbnRQYWdlIjp0cnVlLCJ0aW1lc3RhbXAiOjE2NzAzMDI5MzQ1MDF9
Message:
Failed to load resource: the server responded with a status of 502 (Bad Gateway)
other warning URL: https://cdn.ampproject.org/rtv/012211060024000/v0/amp-ad-exit-0.1.mjs(Line 1)
Message:
Unrecognized feature: 'attribution-reporting'.
security error URL: https://138cda657e8861ac85bd346515f9d77a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html(Line 15)
Message:
Refused to frame 'https://pagead2.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp=er3$/5737009695479037952/index.html".
javascript warning URL: https://www.bg3.co/a/chao-nan-ma-li-ou-xu-ji-bao-xiao-zang-hua-ma-bu-ting.html
Message:
The resource https://d-37025665272400591383.ampproject.net/2211182146000/nameframe.html was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

01ed6bf37910b92b71280b12c15907db.safeframe.googlesyndication.com
138cda657e8861ac85bd346515f9d77a.safeframe.googlesyndication.com
a.c.appier.net
a.teads.tv
acdn.adnxs.com
ad.turn.com
adpushup-d.openx.net
ads.aralego.com
ads.as.criteo.com
ads.servenobid.com
ads.yieldmo.com
adservice.google.co.nz
adservice.google.com
aplogger.adpushup.com
b1sync.zemanta.com
beecda688d8678f49fb599b18733dbce.safeframe.googlesyndication.com
bidder.criteo.com
c.bing.com
c.eu1.dyntrk.com
campaign.adpushup.com
cat.sg1.as.criteo.com
cdn.adpushup.com
cdn.ampproject.org
cdn.aralego.net
cdn.jsdelivr.net
cdnjs.cloudflare.com
cm.g.doubleclick.net
code.jquery.com
contextual.media.net
cr-p3.ladsp.com
cs.media.net
csm.as.criteo.net
d-37025665272400591383.ampproject.net
delivery.adrecover.com
dsp.adkernel.com
dsum-sec.casalemedia.com
e3.adpushup.com
eb2.3lift.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fksnk.com
fonts.googleapis.com
fonts.gstatic.com
gdn.socdm.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
grid.bidswitch.net
gum.criteo.com
hb-api.omnitagjs.com
htlb.casalemedia.com
ib.adnxs.com
jp-u.openx.net
js-sec.indexww.com
match.adsrvr.org
onetag-sys.com
pagead2.googlesyndication.com
partner.googleadservices.com
pix.as.criteo.net
pixel.quantserve.com
pr-bh.ybp.yahoo.com
prebid-server.rubiconproject.com
prebid.a-mo.net
prebid.media.net
public.servenobid.com
px.ads.linkedin.com
rtb.jp2.as.criteo.com
rtb.openx.net
rules.quantcount.com
s.amazon-adsystem.com
s0.2mdn.net
secure.quantserve.com
securepubads.g.doubleclick.net
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
static.bg3.co
static.criteo.net
static.doubleclick.net
sync-dsp.ad-m.asia
sync.aralego.com
tlx.3lift.com
tpc.googlesyndication.com
trace.mediago.io
u.openx.net
ups.analytics.yahoo.com
us-u.openx.net
www.bg3.co
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
ad.turn.com
beecda688d8678f49fb599b18733dbce.safeframe.googlesyndication.com
c.bing.com
cm.g.doubleclick.net
contextual.media.net
cr-p3.ladsp.com
dsum-sec.casalemedia.com
eb2.3lift.com
eus.rubiconproject.com
gdn.socdm.com
googleads4.g.doubleclick.net
gum.criteo.com
ib.adnxs.com
jp-u.openx.net
pr-bh.ybp.yahoo.com
prebid-server.rubiconproject.com
public.servenobid.com
px.ads.linkedin.com
s.amazon-adsystem.com
ssum-sec.casalemedia.com
static.doubleclick.net
sync-dsp.ad-m.asia
us-u.openx.net
x.bidswitch.net
103.229.10.247
104.16.87.20
104.17.25.14
104.18.36.94
104.254.151.36
104.26.3.91
13.33.33.43
13.76.45.37
135.125.160.77
139.162.38.30
139.5.84.243
142.250.4.154
142.251.10.155
142.251.10.156
142.251.12.101
142.251.12.154
145.40.88.5
151.101.129.108
152.199.39.108
172.217.194.104
172.217.194.149
172.217.194.156
172.217.194.94
172.217.194.97
172.64.154.237
172.67.71.254
174.137.133.49
18.136.149.241
182.161.73.129
182.161.73.132
182.161.73.135
182.161.73.136
182.161.73.142
182.161.73.145
182.161.73.148
182.161.74.19
209.58.188.181
23.106.127.165
23.108.102.145
23.195.153.54
23.36.252.26
3.33.220.150
34.107.148.139
34.98.64.218
35.208.249.213
35.213.117.18
35.227.252.103
35.71.178.8
42.99.140.200
42.99.140.201
44.196.169.238
44.238.189.168
51.79.234.101
52.183.162.69
52.68.16.50
52.74.13.196
54.255.38.159
54.75.59.39
64.202.112.159
69.16.175.42
69.173.158.65
74.125.130.156
74.125.200.132
74.125.24.132
74.125.24.154
74.125.24.95
84.17.37.44
0025aa08addc9008f9be153b8ed1569e0c74eb55b9d28e865d3a7be7c837a618
024d91c3054065badb0620513d43950988ef0bf5b387c68e56b52858f65d03ed
037192b727defa55cc176629db61c9c71c1126decfae405ffc3b0fb355a0d705
051986669daed4afb18c6a7eec01bcbb3adc7e9341439f1ef89f0ed3603adc81
052583d64aaa03f05ccd8fea7c7eb5d6760c4214be82f045e0fc37325cef0b6e
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
10caea6428219f80489bd888b5779115d88e35b87a52c073d4ec2b537009a46d
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
14cfb5058acaf3af2f07088f1582f29941d7a4cc74fd1cea5050cecad862d154
1a18adcfa4c6209d9cc059fa60d16d31d136a880cb68eac3f4bf029472df1914
1b1c3ea8b3d9fec1913ac70c81c83f2172acc41988e747bd24d22bf779fd19a0
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced
1c479d0abecadc8d5fde30eeb515508b6148fa3d92dd617b427788d6c792b0a8
1db0a4afd78b6d1fb3195b3c3d91c462beee2bd0c880aea3561620518e2619e6
1e965485436a460b6ffc44695b148993598bd4e6cdb8447a547fb5609e3ca152
1eb972ebfa2cb4dba2f9ea3f38dfd2c8a865a02ddca5b3a34fd5939be2fd44a4
212f177514a137f13ace3a1f430ef052e524ec8ad8aa0bd2a214be3a88b28df2
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16
275094aa5d73cd24d848e78f0c41c33d9fd61a09d97b9976e5e707dfd24ada00
27e4793879b789cdddce8ddb6f7e83b39391c9eca87ceeb7aa3dd14b10692e57
27ea348afb037e5427eb648fd71118f64690e90135e4721595cf2e743cf24209
2c60bf4a936b5f8ecc728e3afd7e99c37c8f28d5f6a16137a498e86b8e46d238
2d9d021cd222058373a2ff05fc29a19d59f6a8ed0c9ca3e39e7ab2cf470276e2
2f5f1790fa4abb0777c30b6cc6b27d0535b9679d3176d269c2a0c1eba9ebca2b
2fa167ce041f39333e8e0b6022f18418394d7586b58a08c62385101ade264f6e
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6
3716de779fdf10052ade06f5df08741256e49502c2d740a1eca14d8de21e87bc
37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570
3769738ed16c8c5b4eb41e051ac6b7826f924d9e31d3305bbe03b4f6e31143b7
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
3b85db6d8cc92173c08aff085ca911961c1d3ff64b7ae9cd683ee21d112383cc
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
44f07f8c8a8443be7f8461bcfeb542cdf4e4981e23754e37cc9029c5178fa36c
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4ca01089888932dab5991928436729da5e5d285c9978405f9bc46feb2bcfb8f0
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e8add459fa399dafc26635b2de8ad210daa1eb36b61e519abc45200b3b1c613
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
51a960aadb8d9485808d85c71cba1d14a0b1ed0e9be5c81737c56dfbcb9008ac
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57ba9c79273602051bd0fa9f6dcd52a3f199dc59f134308efeeaad35424b8311
59417b32fa3ddd3cabfc16abd30d9f2263afc446fdc87e15248b7fdcd88677ba
5e2df8262e92950212e7f76e7723d7d0208fe500a4ac49b75492b4b56f4c9c59
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
5fe3141dbd24a51e28ce11bd57db85818aa32b2257bac4079c1c614c6ce8f088
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
635abd7fbbbba9e1a6821a89418ae23628ad0f9cbd398646b6b0874ae6b34339
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6bfd228178a7920f79853de46df09c0a6ee732b6d92100be5bb99174d05a9c07
6c03f7a2de554f3d96bebb15c9253c645e23233d2a0359623daef9fabf3bd246
6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658
7ac4e491f079c1677930f708be9d035966245afcd724f23325c8814d7a599474
7ad04b2badabcf30f85b8ebd363e3a90be5af777d8b9b641f4f333cd95e14218
7fa6f1daceb0d8b84b86ded11bbd88be5b0a3b1d94f6d6569977e7dd0e79ae35
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8492f3fc13f89700f09e8a96308911979a6289be084af2c497ea54dbd7dd7f5f
8a2e79d4593507cf2a6fa048f730833875ac3efa2df904bf9faae8c15645d2c7
8c4e3c47ca0add4147cc8bcd28aa5ec442ffec96577d3e635b036d274489adf2
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8ee5f53d3752309af021002b2199a06523b1fd03f3ea1cdaf5d59e911d4d8178
8f81f92fe1f59217c1058a8eddf20d055799063c3a26aabe7acfddcb6976c94e
903cbdd1e7ac7fe874f0c2989b1f84c59969b89029038616f8e3e26784598b20
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
926fff08b4df87bfa12b856fe59d471b9a59c700c3f15a6f27daaaf4fcf40867
9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5
95a65d53627e823f9cb13dbf8ead3d39f8219f779b5e0e987e8aa4ead3de0ef8
96321388d7b41b8b126f329025b4b18408c09ae2b5d8a24bfa7ed41a9ae21c56
968012b3a49390a10d31c6d36b2aab796ec167a83378b5f9787756ee7cb035c5
99a829fe58b6010104e3a527f3543c7a3aadd243f58a33d65769a1edf651c425
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b2c9eb1b2603ee1e444e748eb3e0472dc2484d2bed303ee72c4bcd2313671b2
9d2c2839e4cead17d45e9807e75fd55eb2da553a73494f672001c91e98592c4e
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a01f9f2f5ba1812441a49f7f1dc0b04fb56a18b486005289b8df4212381f10ce
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a093d7eced580ff07adbb5f343b2db0f519eec181911b1fff911c372e4fedbe8
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a764d8fa0542053f90b23883eebaed46ce92833ad3d74c86f9b570f55aca0801
a8993772c9eb591474f38d257bebc8c4286703e1af72d04c8c294be5fff7b649
a956a6fe1ee57805393bf1781b32486b4ed9ca402a04320280e59a18bc348a87
a95822f1c1371dc03a934df5f495fc124a15b9439a94eb474dd0ee21a8e156ee
acbd967b013195d0a2c5f8ce38feb0c925bb330d8a684ee902c6b063e8ee0897
aee4e76db6bf16ef539fb860a248be6ff869cdd93a68857ea0e9234bf443b372
af4b954cf45e99d5eccbea113dc2b66799cf8db96c3e8dfc33d145398743727b
b09a581bc29f4bdbe66bef5c69b90cc1a003e849e2f7706f47a9f0c5f5a6860e
b12ab76a21bbde6e61c2048ff6cc7893cf2e14ba27c2bc8ca5fec67bedef34fb
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1b55a502676a7d2ca683e8626348ad7ec37ab0ff4ebe795223baaaffc4d4c68
b27cf7f181b3ebc3f79a9fb888a60a0162f08e71f9ef723657cdd65051642540
b6959ba3f7da963feef4f63892e09695d472cdf86ea88e4a6c4f9449bdd35a03
b6b71485f9a7f2408269c8797b8fe25a0dbcf6171370b25edc20b75868aa8a58
ba265c4a139c5ea673f32664fa85d066d95471c65a62a25aa7ea2394c022d89c
bbadcc36d480e34cff9b3874a5a5d3a53d6256a0d1b2ad4713b3eeeef3999b69
bceaaa8df473b26f22fda4afc2bc638fbcd6d3b157450a859910dd70fb9d92ca
bcf86d95e543e9748b28362562cdbce0c7be01b48dd54191912e15f820daf4aa
c0b59c362ae740c391e742fa4517d90b9461b416b9bec855d14c04603dbaf71c
c0f9a96a8b15dfa0bd82a9b0c4f7d31927c96784bb62af0a94fbaa78cde5e2fa
c227f7890d9322a465fd5af0b6819939b251653890603e5fdec8f40fd96e8a95
c36fdff491d2a57ca8121c558adb09bf90d777676efc7e122df051c574d8f89d
c3f73b989e0620a4d2e12ed57a0d538e4580b8fefaa1fefbad73e0abad6d227f
c5499edc44b7052b150461639014e70f28152a81378e7ed9c316723703625d87
c6ae8c96567aa3aab20a8ccf7511e6b8be0473529053a56fe16b2e34e7ff534b
c6d3fe3be8f758847820c2c342d82dca1bb166539dde8a4fb57141480c5ae210
ca5350db4020b78c500d91efcee2e47adfd22e537524371e63fb376b71f61a65
cc2136f823da8cdae8e011bad664c5a48f5e51602ad92431c67ffda1c526e24c
d237e041d06fedea52b1eba0606d00369f009ab41d5a2d881fed4bfa548280a4
d29f308b76c03e3489129aa320e0ceeb714ff734dc504f7978ace7ed22d9e396
d524bfae27e5abd09253fc0750d127771c61bf3b8aad0ea5c23db7b0148a23f1
d60600ceb57cf27518dd9f2c3217d47cd38b226f4d3644923dc7477d768db910
d6251151843a02330294884f9e8bdce5d978dc85b282533a89ccb616b9247aa8
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d8370b807d1d4c18c166437963e66441ec378854186e24bba3f347af27d219ec
d89cb9800cc62dcc44a0ba866b4a080ad06f735f60a6afecbd6d691d2e8939dd
ddbed2d2048ca083a3993dfca1f5c49075a256d003ee78d444c9a397a40f41ef
ddce71f85a370bf2976e7a5ea345b6751d383505bcb0d6aa4284481eda5cc6be
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e30a2970aea56ba873dc88426b8aa97a97eae9e6c404bfce7452cc9a9f4e6fa1
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6703fbe9ea598731ec6ef75a281564d956ef79f08bc2b61849ae9a21fa35cb9
e813a8d8d41c0dbdc33020ad6ef27d16afd2b590ceeb998e267409c8f666b829
e82eb159df221777ba28e44c6b67156cdef1c17def2e55348ad28fdce0d1cac1
e863d3c90bf2d50ea88a28ab13c23597bd23f15c4b8fd25892e7502537cc8551
eb3577f46647f2e2db7307936038a47cc31c0ce75239496f6b7117282a47864c
ece204926068a1611f704d94bff1f3a68ceabf09bac209b785980d9e1a6d8ce6
edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6
ee56d7095b8280397022d954ac5216fd99b6198910508557d95c8494bb66b1a2
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f05d9a32665adfa9a3d01d6b6bfa4550b5444578f7408503a44944d435cfc736
f066f881ead135cd4ee88cf0c80ddb796f8841fc536a7950d4f7102e0502be2f
f08c94a636dea8c08b6a50658ba1200281007d4fba996ac05cd2eeb0b873d32d
f0a0092830c3f7eaa8113d93ab6d8b61b4580a58a9de5147c06963c2c4b3a6bd
f35ff183302d0372ba0544afc65be2611aa229162a3c7de35cc920deb6e4d9f7
f56be15a816f8caaf7a8a96a893a95461305c20de248c7988b3dc228a047070d
f85b221e07f505ecdb564fb4e0311d534bb10fd16b26a4d6af26ca077cca6f40
f8ddf5511fa34371aa9eb11de06d3eba917c0c00422cf92c780b79727ab4ab96
f9d374ef87ca2b8179870daa8739f8b060fc77446a4109ec87dc523bd8059ea4
fbb85ac3706645b721fe7cbda941cdd5d153b08feb6d1917c6e20a74072f0f94
fc392e66c8480302b8b139922da3d69c5bc65f057b101bc1ba0737a0fdf650fd
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e