urlscan.io logo urlscan.io
SecurityTrails logo

www.bg3.co Open in urlscan Pro
84.17.37.44  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.bg3.co/a/wang-xin-yi-sao-chu-chao-ji-da-wei-jian-xu-xuan-min-qian-mo-bu-neng-zai-fen-piao.html
Submission: On November 22 via manual from US — Scanned from NZ
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 104 IPs in 10 countries across 112 domains to perform 514 HTTP transactions. The main IP is 84.17.37.44, located in Central, Hong Kong and belongs to CDN77 ^_^, GB. The main domain is www.bg3.co. The Cisco Umbrella rank of the primary domain is 99821.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G2 on May 20th 2022. Valid for: a year.
This is the only time www.bg3.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 84.17.37.44 60068 (CDN77 ^_^)
15 74.125.200.132 15169 (GOOGLE)
1 3 103.254.153.160 59253 (LEASEWEB-...)
4 104.26.5.103 13335 (CLOUDFLAR...)
3 42.99.140.144 4637 (ASN-TELST...)
6 42.99.140.161 4637 (ASN-TELST...)
21 172.67.72.16 13335 (CLOUDFLAR...)
48 142.251.12.154 15169 (GOOGLE)
3 209.58.188.181 133752 (LEASEWEB-...)
2 69.16.175.42 20446 (STACKPATH...)
12 142.251.10.156 15169 (GOOGLE)
2 142.250.4.97 15169 (GOOGLE)
4 172.217.194.100 15169 (GOOGLE)
9 142.251.12.157 15169 (GOOGLE)
1 74.125.24.94 15169 (GOOGLE)
5 142.250.4.154 15169 (GOOGLE)
2 18 172.217.194.156 15169 (GOOGLE)
7 13.76.45.37 8075 (MICROSOFT...)
2 13.33.33.118 16509 (AMAZON-02)
1 152.199.39.108 15133 (EDGECAST)
1 182.161.74.19 55569 (CRITEO-AS...)
1 182.161.73.148 55569 (CRITEO-AS...)
30 142.251.10.132 15169 (GOOGLE)
9 182.161.73.129 55569 (CRITEO-AS...)
1 182.161.73.132 55569 (CRITEO-AS...)
8 74.125.24.105 15169 (GOOGLE)
2 5 103.229.10.211 16509 (AMAZON-02)
10 182.161.73.135 55569 (CRITEO-AS...)
3 182.161.73.142 55569 (CRITEO-AS...)
1 104.16.86.20 13335 (CLOUDFLAR...)
1 44.230.118.67 16509 (AMAZON-02)
5 9 68.67.179.89 29990 (ASN-APPNEX)
2 172.64.154.237 13335 (CLOUDFLAR...)
1 18.138.90.76 16509 (AMAZON-02)
1 184.51.137.72 16625 (AKAMAI-AS)
3 18.182.157.181 16509 (AMAZON-02)
1 69.173.158.65 26667 (RUBICONPR...)
1 34.107.148.139 396982 (GOOGLE-CL...)
1 35.213.117.18 15169 (GOOGLE)
1 182.161.73.145 55569 (CRITEO-AS...)
1 2 145.40.88.5 54825 (PACKET)
2 12 35.244.159.8 15169 (GOOGLE)
9 54.75.88.22 16509 (AMAZON-02)
1 13.33.33.78 16509 (AMAZON-02)
2 52.183.162.69 8075 (MICROSOFT...)
5 182.161.73.136 55569 (CRITEO-AS...)
2 74.125.24.157 15169 (GOOGLE)
3 142.250.4.149 15169 (GOOGLE)
1 23.106.66.28 59253 (LEASEWEB-...)
1 209.58.163.49 59253 (LEASEWEB-...)
2 3 103.3.63.48 63949 (LINODE-AP...)
21 34 74.125.130.155 15169 (GOOGLE)
1 1 172.104.45.159 63949 (LINODE-AP...)
2 23.11.200.84 20940 (AKAMAI-ASN1)
7 184.51.241.170 16625 (AKAMAI-AS)
2 13.33.33.127 16509 (AMAZON-02)
3 11 139.5.84.243 27381 (CASALE-MEDIA)
4 6 50.116.239.135 6336 (TURN-US-ASN)
6 6 103.229.205.242 30419 (MEDIAMATH...)
1 4 104.18.24.173 13335 (CLOUDFLAR...)
11 12 35.213.12.39 15169 (GOOGLE)
2 2 35.213.93.179 15169 (GOOGLE)
4 7 52.220.163.160 16509 (AMAZON-02)
3 5 77.88.21.90 13238 (YANDEX)
3 34.149.43.113 15169 (GOOGLE)
8 9 35.71.131.137 16509 (AMAZON-02)
2 104.18.36.94 13335 (CLOUDFLAR...)
4 11 52.223.2.229 16509 (AMAZON-02)
10 184.51.136.24 16625 (AKAMAI-AS)
10 23.75.85.227 16625 (AKAMAI-AS)
1 52.84.45.129 16509 (AMAZON-02)
1 151.101.1.108 54113 (FASTLY)
1 1 54.192.150.56 16509 (AMAZON-02)
1 54.192.150.9 16509 (AMAZON-02)
4 13.33.33.4 16509 (AMAZON-02)
2 2 202.241.208.54 4694 (IDCF IDC ...)
2 2 13.33.88.71 16509 (AMAZON-02)
1 4 104.18.33.19 13335 (CLOUDFLAR...)
1 18.155.68.41 16509 (AMAZON-02)
4 42.99.140.192 4637 (ASN-TELST...)
1 18.136.127.148 16509 (AMAZON-02)
1 34.96.105.8 396982 (GOOGLE-CL...)
2 2 13.115.124.23 16509 (AMAZON-02)
4 4 23.41.65.80 16625 (AKAMAI-AS)
2 2 198.8.71.130 ()
4 184.51.240.213 16625 (AKAMAI-AS)
3 96.17.188.24 16625 (AKAMAI-AS)
3 3 54.251.157.196 16509 (AMAZON-02)
2 2 182.161.73.146 55569 (CRITEO-AS...)
2 34.197.221.194 ()
2 3 13.107.42.14 8068 (MICROSOFT...)
1 2 104.18.98.194 ()
1 1 23.108.103.8 59253 (LEASEWEB-...)
2 4 209.54.182.161 ()
1 204.79.197.200 8068 (MICROSOFT...)
1 54.255.5.65 16509 (AMAZON-02)
4 4 52.74.162.2 16509 (AMAZON-02)
1 52.192.208.41 16509 (AMAZON-02)
1 5 23.106.127.53 59253 (LEASEWEB-...)
1 13.33.88.40 16509 (AMAZON-02)
2 2 209.191.163.208 ()
2 2 209.191.163.210 ()
1 37.157.5.141 ()
6 9 69.173.158.64 26667 (RUBICONPR...)
1 142.251.10.95 ()
2 2 68.67.160.186 ()
2 2 18.180.200.180 ()
6 7 151.101.2.49 ()
1 2 54.186.7.121 ()
2 2 23.106.69.72 ()
1 103.231.98.196 ()
11 54.238.120.71 ()
1 1 74.214.196.131 ()
2 2 185.184.8.90 ()
1 34.232.147.170 ()
1 2 64.120.110.136 ()
1 1 52.41.101.164 ()
1 2 185.84.60.29 ()
13 103.231.98.194 ()
1 1 18.138.18.111 ()
1 1 139.162.38.30 ()
1 202.131.200.84 ()
1 3.113.156.50 ()
1 2 35.186.193.173 ()
1 3.1.14.27 ()
2 103.231.98.195 ()
1 1 35.230.38.116 ()
514 104
1    84.17.37.44 (Central, Hong Kong)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-84-17-37-44.cdn77.com
www.bg3.co
15    74.125.200.132 (United States)

ASN15169 (GOOGLE, US)
PTR: sa-in-f132.1e100.net
cdn.ampproject.org
6427fa9ed57dc0c6fd4fe0e45e546880.safeframe.googlesyndication.com
b293c18c760b391362177e99ce637844.safeframe.googlesyndication.com
6d2367c53a9e076830c130ee73b19fae.safeframe.googlesyndication.com
3    103.254.153.160 (Singapore, Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
ads.aralego.com
4    104.26.5.103 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.aralego.net
3    42.99.140.144 (Japan)

ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK)
PTR: ip-42-99-140-144.pacnet.net
delivery.adrecover.com
qsearch-a.akamaihd.net
6    42.99.140.161 (Japan)

ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK)
PTR: ip-42-99-140-161.pacnet.net
cdn.adpushup.com
21    172.67.72.16 (United States)

ASN13335 (CLOUDFLARENET, US)
static.bg3.co
48    142.251.12.154 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f154.1e100.net
pagead2.googlesyndication.com
3    209.58.188.181 (Central, Hong Kong)

ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK)
sync.aralego.com
2    69.16.175.42 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: hwcdn.net
code.jquery.com
12    142.251.10.156 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f156.1e100.net
securepubads.g.doubleclick.net
2    142.250.4.97 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f97.1e100.net
www.googletagmanager.com
4    172.217.194.100 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f100.1e100.net
www.google-analytics.com
9    142.251.12.157 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f157.1e100.net
adservice.google.com
1    74.125.24.94 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f94.1e100.net
d-22543449742378924824.ampproject.net
5    142.250.4.154 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f154.1e100.net
adservice.google.co.nz
18    172.217.194.156 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f156.1e100.net
partner.googleadservices.com
googleads.g.doubleclick.net
www.googletagservices.com
adservice.google.co.nz
7    13.76.45.37 (Singapore, Singapore)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
e3.adpushup.com
2    13.33.33.118 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-33-118.sin2.r.cloudfront.net
adx.holmesmind.com
1    152.199.39.108 (United States)

ASN15133 (EDGECAST, US)
campaign.adpushup.com
1    182.161.74.19 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
rtb.jp2.as.criteo.com
1    182.161.73.148 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
ads.as.criteo.com
30    142.251.10.132 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f132.1e100.net
tpc.googlesyndication.com
9    182.161.73.129 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
static.criteo.net
1    182.161.73.132 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
cat.sg1.as.criteo.com
8    74.125.24.105 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f105.1e100.net
www.google.com
5    103.229.10.211 (Singapore)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
cms.quantserve.com
10    182.161.73.135 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
pix.as.criteo.net
3    182.161.73.142 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
csm.as.criteo.net
1    104.16.86.20 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
1    44.230.118.67 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-230-118-67.us-west-2.compute.amazonaws.com
hb-api.omnitagjs.com
9    68.67.179.89 (Secaucus, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 565.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
ib.adnxs.com
2    172.64.154.237 (United States)

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
1    18.138.90.76 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-138-90-76.ap-southeast-1.compute.amazonaws.com
tlx.3lift.com
1    184.51.137.72 (Central, Hong Kong)

ASN16625 (AKAMAI-AS, US)
PTR: a184-51-137-72.deploy.static.akamaitechnologies.com
a.teads.tv
3    18.182.157.181 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-182-157-181.ap-northeast-1.compute.amazonaws.com
prebid-server.rubiconproject.com
1    69.173.158.65 (Ashburn, United States)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
1    34.107.148.139 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 139.148.107.34.bc.googleusercontent.com
prebid.media.net
1    35.213.117.18 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 18.117.213.35.bc.googleusercontent.com
grid.bidswitch.net
1    182.161.73.145 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
bidder.criteo.com
2    145.40.88.5 (Secaucus, United States)

ASN54825 (PACKET, US)
prebid.a-mo.net
12    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
adpushup-d.openx.net
u.openx.net
us-u.openx.net
jp-u.openx.net
9    54.75.88.22 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-75-88-22.eu-west-1.compute.amazonaws.com
ads.servenobid.com
1    13.33.33.78 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-33-78.sin2.r.cloudfront.net
rules.quantcount.com
2    52.183.162.69 (Mumbai, India)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
aplogger.adpushup.com
5    182.161.73.136 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
gum.criteo.com
2    74.125.24.157 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f157.1e100.net
googleads4.g.doubleclick.net
3    142.250.4.149 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f149.1e100.net
s0.2mdn.net
1    23.106.66.28 (Singapore, Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
theta267.rtb.appier.net
1    209.58.163.49 (Singapore, Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
vst.c.appier.net
3    103.3.63.48 (Singapore, Singapore)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li819-48.members.linode.com
a.c.appier.net
34    74.125.130.155 (United States)

ASN15169 (GOOGLE, US)
PTR: sb-in-f155.1e100.net
cm.g.doubleclick.net
1    172.104.45.159 (Singapore, Singapore)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li1625-159.members.linode.com
s.c.appier.net
2    23.11.200.84 (Pak Kret, Thailand)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-11-200-84.deploy.static.akamaitechnologies.com
cdn.doubleverify.com
7    184.51.241.170 (Central, Hong Kong)

ASN16625 (AKAMAI-AS, US)
PTR: a184-51-241-170.deploy.static.akamaitechnologies.com
z.moatads.com
px.moatads.com
2    13.33.33.127 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-33-127.sin2.r.cloudfront.net
adpushup.bbvms.com
11    139.5.84.243 (Canada)

ASN27381 (CASALE-MEDIA, CA)
dsum-sec.casalemedia.com
6    50.116.239.135 (United States)

ASN6336 (TURN-US-ASN, US)
ad.turn.com
r.turn.com
6    103.229.205.242 (Singapore)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
4    104.18.24.173 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
12    35.213.12.39 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 39.12.213.35.bc.googleusercontent.com
x.bidswitch.net
2    35.213.93.179 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 179.93.213.35.bc.googleusercontent.com
a.sportradarserving.com
7    52.220.163.160 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-220-163-160.ap-southeast-1.compute.amazonaws.com
pr-bh.ybp.yahoo.com
5    77.88.21.90 (Russian Federation)

ASN13238 (YANDEX, RU)
PTR: bs.yandex.ru
an.yandex.ru
3    34.149.43.113 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 113.43.149.34.bc.googleusercontent.com
rtb0.doubleverify.com
rtbc-ae1.doubleverify.com
9    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
2    104.18.36.94 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
cdn.indexww.com
11    52.223.2.229 (United States)

ASN16509 (AMAZON-02, US)
PTR: ade9ecc7904667038.awsglobalaccelerator.com
eb2.3lift.com
10    184.51.136.24 (Central, Hong Kong)

ASN16625 (AKAMAI-AS, US)
PTR: a184-51-136-24.deploy.static.akamaitechnologies.com
contextual.media.net
10    23.75.85.227 (Central, Hong Kong)

ASN16625 (AKAMAI-AS, US)
PTR: a23-75-85-227.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
1    52.84.45.129 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-84-45-129.mrs52.r.cloudfront.net
public.servenobid.com
1    151.101.1.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
1    54.192.150.56 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-150-56.sin2.r.cloudfront.net
cdn.bluebillywig.com
1    54.192.150.9 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-150-9.sin2.r.cloudfront.net
cf-syd.cdn.bluebillywig.com
4    13.33.33.4 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-33-4.sin2.r.cloudfront.net
stats.mainroll.com
2    202.241.208.54 (Japan)

ASN4694 (IDCF IDC Frontier Inc., JP)
tg.socdm.com
2    13.33.88.71 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-88-71.sin2.r.cloudfront.net
cr-p3.ladsp.com
4    104.18.33.19 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
ssum-sec.casalemedia.com
1    18.155.68.41 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-155-68-41.sin52.r.cloudfront.net
cdn.besafe.global
4    42.99.140.192 (Japan)

ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK)
PTR: ip-42-99-140-192.pacnet.net
ad.appier.net
1    18.136.127.148 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-136-127-148.ap-southeast-1.compute.amazonaws.com
geo.moatads.com
1    34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com
tr.blismedia.com
2    13.115.124.23 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-115-124-23.ap-northeast-1.compute.amazonaws.com
pool.admedo.com
4    23.41.65.80 (Central, Hong Kong)

ASN16625 (AKAMAI-AS, US)
PTR: a23-41-65-80.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
2    198.8.71.130 (None, )

ASN- ()
p.rfihub.com
4    184.51.240.213 (Central, Hong Kong)

ASN16625 (AKAMAI-AS, US)
PTR: a184-51-240-213.deploy.static.akamaitechnologies.com
ads.pubmatic.com
3    96.17.188.24 (Central, Hong Kong)

ASN16625 (AKAMAI-AS, US)
PTR: a96-17-188-24.deploy.static.akamaitechnologies.com
cs.media.net
c21lg-d.media.net
3    54.251.157.196 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-251-157-196.ap-southeast-1.compute.amazonaws.com
pm.w55c.net
2    182.161.73.146 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
dis.criteo.com
2    34.197.221.194 (None, )

ASN- ()
cs.emxdgt.com
3    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
2    104.18.98.194 (None, )

ASN- ()
p.adsymptotic.com
1    23.108.103.8 (Singapore, Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
inv-nets.admixer.net
4    209.54.182.161 (None, )

ASN- ()
s.amazon-adsystem.com
1    204.79.197.200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
PTR: a-0001.a-msedge.net
c.bing.com
1    54.255.5.65 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-255-5-65.ap-southeast-1.compute.amazonaws.com
d.adroll.com
4    52.74.162.2 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-74-162-2.ap-southeast-1.compute.amazonaws.com
ups.analytics.yahoo.com
1    52.192.208.41 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-192-208-41.ap-northeast-1.compute.amazonaws.com
g2.gumgum.com
5    23.106.127.53 (Singapore, Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
ssbsync.smartadserver.com
rtb-csync.smartadserver.com
1    13.33.88.40 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-88-40.sin2.r.cloudfront.net
cs-rtb.minutemedia-prebid.com
2    209.191.163.208 (None, )

ASN- ()
ce.lijit.com
2    209.191.163.210 (None, )

ASN- ()
ap.lijit.com
1    37.157.5.141 (None, )

ASN- ()
cm.adform.net
9    69.173.158.64 (Singapore, Singapore)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
pixel.rubiconproject.com
1    142.251.10.95 (None, )

ASN- ()
imasdk.googleapis.com
2    68.67.160.186 (None, )

ASN- ()
secure.adnxs.com
2    18.180.200.180 (None, )

ASN- ()
match.prod.bidr.io
7    151.101.2.49 (None, )

ASN- ()
sync-tm.everesttech.net
2    54.186.7.121 (None, )

ASN- ()
dpm.demdex.net
2    23.106.69.72 (None, )

ASN- ()
gu.dyntrk.com
1    103.231.98.196 (None, )

ASN- ()
image6.pubmatic.com
11    54.238.120.71 (None, )

ASN- ()
usersync.gumgum.com
1    74.214.196.131 (None, )

ASN- ()
bh.contextweb.com
2    185.184.8.90 (None, )

ASN- ()
creativecdn.com
1    34.232.147.170 (None, )

ASN- ()
cs.minutemedia-prebid.com
2    64.120.110.136 (None, )

ASN- ()
ads.us.e-planning.net
1    52.41.101.164 (None, )

ASN- ()
visitor.omnitagjs.com
2    185.84.60.29 (None, )

ASN- ()
c1.adform.net
13    103.231.98.194 (None, )

ASN- ()
simage2.pubmatic.com
image2.pubmatic.com
1    18.138.18.111 (None, )

ASN- ()
cm.ambientdsp.com
1    139.162.38.30 (None, )

ASN- ()
gocm.c.appier.net
1    202.131.200.84 (None, )

ASN- ()
sync-dsp.ad-m.asia
1    3.113.156.50 (None, )

ASN- ()
dps.jp.cinarra.com
2    35.186.193.173 (None, )

ASN- ()
ipac.ctnsnet.com
1    3.1.14.27 (None, )

ASN- ()
cm.adgrx.com
2    103.231.98.195 (None, )

ASN- ()
image4.pubmatic.com
1    35.230.38.116 (None, )

ASN- ()
um.simpli.fi
Apex Domain
Subdomains		 Transfer
83 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 101
6427fa9ed57dc0c6fd4fe0e45e546880.safeframe.googlesyndication.com
b293c18c760b391362177e99ce637844.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 136
6d2367c53a9e076830c130ee73b19fae.safeframe.googlesyndication.com
990 KB
57 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 190
googleads.g.doubleclick.net — Cisco Umbrella Rank: 41
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 294
cm.g.doubleclick.net — Cisco Umbrella Rank: 203
bid.g.doubleclick.net Failed
533 KB
27 rubiconproject.com
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 922
fastlane.rubiconproject.com — Cisco Umbrella Rank: 439
eus.rubiconproject.com — Cisco Umbrella Rank: 541
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 861
token.rubiconproject.com — Cisco Umbrella Rank: 544
pixel.rubiconproject.com — Cisco Umbrella Rank: 307
pixel-us-east.rubiconproject.com Failed
63 KB
22 criteo.net
static.criteo.net — Cisco Umbrella Rank: 623
pix.as.criteo.net — Cisco Umbrella Rank: 15906
csm.as.criteo.net — Cisco Umbrella Rank: 15767
147 KB
22 bg3.co
www.bg3.co — Cisco Umbrella Rank: 99821
static.bg3.co
16 KB
20 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 458
image6.pubmatic.com
image8.pubmatic.com Failed
simage2.pubmatic.com
image2.pubmatic.com
image4.pubmatic.com
40 KB
17 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 491
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 512
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 418
14 KB
17 google.com
adservice.google.com — Cisco Umbrella Rank: 72
www.google.com — Cisco Umbrella Rank: 2
6 KB
16 adpushup.com
cdn.adpushup.com — Cisco Umbrella Rank: 15170
e3.adpushup.com — Cisco Umbrella Rank: 16671
campaign.adpushup.com — Cisco Umbrella Rank: 29370
aplogger.adpushup.com — Cisco Umbrella Rank: 16187
249 KB
14 media.net
prebid.media.net — Cisco Umbrella Rank: 1201
contextual.media.net — Cisco Umbrella Rank: 535
cs.media.net — Cisco Umbrella Rank: 1349
c21lg-d.media.net
27 KB
13 bidswitch.net
grid.bidswitch.net — Cisco Umbrella Rank: 899
x.bidswitch.net — Cisco Umbrella Rank: 281
7 KB
12 gumgum.com
usersync.gumgum.com Failed
g2.gumgum.com — Cisco Umbrella Rank: 1324
4 KB
12 openx.net
adpushup-d.openx.net — Cisco Umbrella Rank: 13712
u.openx.net — Cisco Umbrella Rank: 656
us-u.openx.net — Cisco Umbrella Rank: 407
jp-u.openx.net — Cisco Umbrella Rank: 10594
3 KB
12 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 554
eb2.3lift.com — Cisco Umbrella Rank: 339
5 KB
12 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 209
acdn.adnxs.com — Cisco Umbrella Rank: 579
secure.adnxs.com
27 KB
11 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 416
ups.analytics.yahoo.com — Cisco Umbrella Rank: 280
6 KB
11 appier.net
theta267.rtb.appier.net
vst.c.appier.net — Cisco Umbrella Rank: 12878
a.c.appier.net — Cisco Umbrella Rank: 13802
s.c.appier.net — Cisco Umbrella Rank: 4628
ad.appier.net — Cisco Umbrella Rank: 7077
gocm.c.appier.net
7 KB
11 criteo.com
rtb.jp2.as.criteo.com — Cisco Umbrella Rank: 20361
ads.as.criteo.com — Cisco Umbrella Rank: 15481
cat.sg1.as.criteo.com — Cisco Umbrella Rank: 16096
bidder.criteo.com — Cisco Umbrella Rank: 691
gum.criteo.com — Cisco Umbrella Rank: 390
dis.criteo.com — Cisco Umbrella Rank: 631
59 KB
10 servenobid.com
ads.servenobid.com — Cisco Umbrella Rank: 1592
public.servenobid.com — Cisco Umbrella Rank: 3158
7 KB
10 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 353
217 KB
9 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 341
5 KB
8 moatads.com
z.moatads.com — Cisco Umbrella Rank: 406
geo.moatads.com — Cisco Umbrella Rank: 657
px.moatads.com — Cisco Umbrella Rank: 473
111 KB
8 google.co.nz
adservice.google.co.nz — Cisco Umbrella Rank: 150757
2 KB
7 everesttech.net
sync-tm.everesttech.net
2 KB
6 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 446
4 KB
6 turn.com
ad.turn.com — Cisco Umbrella Rank: 708
r.turn.com — Cisco Umbrella Rank: 3470
3 KB
6 aralego.com
ads.aralego.com — Cisco Umbrella Rank: 27807
sync.aralego.com — Cisco Umbrella Rank: 2762
4 KB
5 smartadserver.com
ssbsync.smartadserver.com — Cisco Umbrella Rank: 807
rtb-csync.smartadserver.com
3 KB
5 yandex.ru
an.yandex.ru — Cisco Umbrella Rank: 3438
1 KB
5 doubleverify.com
cdn.doubleverify.com — Cisco Umbrella Rank: 448
rtb0.doubleverify.com — Cisco Umbrella Rank: 649
rtbc-ae1.doubleverify.com — Cisco Umbrella Rank: 23209
26 KB
5 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 917
pixel.quantserve.com — Cisco Umbrella Rank: 664
cms.quantserve.com — Cisco Umbrella Rank: 615
11 KB
4 lijit.com
ce.lijit.com
ap.lijit.com
2 KB
4 amazon-adsystem.com
s.amazon-adsystem.com
aax-eu.amazon-adsystem.com Failed
2 KB
4 mainroll.com
stats.mainroll.com — Cisco Umbrella Rank: 20726
2 KB
4 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 745
s.tribalfusion.com — Cisco Umbrella Rank: 1840
3 KB
4 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 185
189 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 36
574 B
4 aralego.net
cdn.aralego.net — Cisco Umbrella Rank: 9020
46 KB
3 adform.net
cm.adform.net
c1.adform.net
1 KB
3 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 355
1 KB
3 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 693
2 KB
3 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 262
151 KB
2 ctnsnet.com
ipac.ctnsnet.com
673 B
2 e-planning.net
ads.us.e-planning.net
u-sin01.e-planning.net Failed
s.e-planning.net Failed
i.e-planning.net Failed
1 KB
2 creativecdn.com
creativecdn.com
701 B
2 dyntrk.com
gu.dyntrk.com
1 KB
2 demdex.net
dpm.demdex.net
2 KB
2 bidr.io
match.prod.bidr.io
1 KB
2 minutemedia-prebid.com
cs-rtb.minutemedia-prebid.com — Cisco Umbrella Rank: 495495
cs.minutemedia-prebid.com Failed
5 KB
2 adsymptotic.com
p.adsymptotic.com
477 B
2 emxdgt.com
cs.emxdgt.com
133 B
2 rfihub.com
p.rfihub.com
1 KB
2 admedo.com
pool.admedo.com — Cisco Umbrella Rank: 4467
1 KB
2 ladsp.com
cr-p3.ladsp.com — Cisco Umbrella Rank: 25501
1 KB
2 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 883
2 KB
2 bluebillywig.com
cdn.bluebillywig.com — Cisco Umbrella Rank: 19890
cf-syd.cdn.bluebillywig.com
2 KB
2 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 587
cdn.indexww.com — Cisco Umbrella Rank: 1490
2 KB
2 sportradarserving.com
a.sportradarserving.com — Cisco Umbrella Rank: 2194
963 B
2 bbvms.com
adpushup.bbvms.com — Cisco Umbrella Rank: 32345
295 KB
2 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 881
787 B
2 omnitagjs.com
hb-api.omnitagjs.com — Cisco Umbrella Rank: 3711
visitor.omnitagjs.com
947 B
2 holmesmind.com
adx.holmesmind.com — Cisco Umbrella Rank: 511646
2 KB
2 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 860
1002 B
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 53
78 KB
2 jquery.com
code.jquery.com — Cisco Umbrella Rank: 669
60 KB
2 adrecover.com
delivery.adrecover.com — Cisco Umbrella Rank: 16217
10 KB
1 simpli.fi
um.simpli.fi
656 B
1 adgrx.com
cm.adgrx.com
230 B
1 cinarra.com
dps.jp.cinarra.com
220 B
1 ad-m.asia
sync-dsp.ad-m.asia
243 B
1 ambientdsp.com
cm.ambientdsp.com
652 B
1 contextweb.com
bh.contextweb.com
664 B
1 googleapis.com
imasdk.googleapis.com
222 KB
1 adroll.com
d.adroll.com — Cisco Umbrella Rank: 1431
181 B
1 bing.com
c.bing.com — Cisco Umbrella Rank: 241
667 B
1 admixer.net
inv-nets.admixer.net — Cisco Umbrella Rank: 2481
586 B
1 blismedia.com
tr.blismedia.com — Cisco Umbrella Rank: 2182
173 B
1 besafe.global
cdn.besafe.global — Cisco Umbrella Rank: 11771
13 KB
1 akamaihd.net
qsearch-a.akamaihd.net — Cisco Umbrella Rank: 1634
296 B
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 847
632 B
1 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1371
502 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 374
2 KB
1 ampproject.net
d-22543449742378924824.ampproject.net
0 audrte.com Failed
a.audrte.com Failed
0 playground.xyz Failed
ads.playground.xyz Failed
0 dotomi.com Failed
pubmatic-match.dotomi.com Failed
0 rlcdn.com Failed
idsync.rlcdn.com Failed
0 loopme.me Failed
csync.loopme.me Failed
0 iprom.net Failed
core.iprom.net Failed
0 mookie1.com Failed
odr.mookie1.com Failed
0 clientgear.com Failed
event.clientgear.com Failed
0 yieldmo.com Failed
ads.yieldmo.com Failed
0 bfmio.com Failed
sync.bfmio.com Failed
0 33across.com Failed
ssc-cms.33across.com Failed
0 mfadsrvr.com Failed
rtb.mfadsrvr.com Failed
0 1rx.io Failed
sync.1rx.io — Cisco Umbrella Rank: 519 Failed
0 disqus.com Failed
ssp.disqus.com Failed
0 sharethrough.com Failed
match.sharethrough.com Failed
0 betweendigital.com Failed
ads.betweendigital.com Failed
0 krushmedia.com Failed
cs.krushmedia.com Failed
0 admanmedia.com Failed
cs.admanmedia.com Failed
0 inmobi.com Failed
sync.inmobi.com Failed
0 360yield.com Failed
ad.360yield.com Failed
0 deepintent.com Failed
match.deepintent.com Failed
0 technoratimedia.com Failed
sync.technoratimedia.com Failed
0 ipredictive.com Failed
sync.ipredictive.com Failed
0 outbrain.com Failed
sync.outbrain.com Failed
0 stackadapt.com Failed
sync.srv.stackadapt.com Failed
0 sonobi.com Failed
sync.go.sonobi.com Failed
0 adotmob.com Failed
sync.adotmob.com Failed
0 bluekai.com Failed
stags.bluekai.com Failed
0 onetag-sys.com Failed
onetag-sys.com Failed
514 112
Domain Requested by
48 pagead2.googlesyndication.com cdn.ampproject.org
ads.aralego.com
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
adx.holmesmind.com
tpc.googlesyndication.com
www.bg3.co
www.googletagservices.com
6d2367c53a9e076830c130ee73b19fae.safeframe.googlesyndication.com
34 cm.g.doubleclick.net 21 redirects googleads.g.doubleclick.net
6d2367c53a9e076830c130ee73b19fae.safeframe.googlesyndication.com
u.openx.net
eb2.3lift.com
g2.gumgum.com
30 tpc.googlesyndication.com googleads.g.doubleclick.net
securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.bg3.co
pagead2.googlesyndication.com
6d2367c53a9e076830c130ee73b19fae.safeframe.googlesyndication.com
21 static.bg3.co www.bg3.co
12 x.bidswitch.net 11 redirects
12 securepubads.g.doubleclick.net cdn.aralego.net
securepubads.g.doubleclick.net
cdn.adpushup.com
www.bg3.co
www.googletagservices.com
11 usersync.gumgum.com contextual.media.net
public.servenobid.com
g2.gumgum.com
eus.rubiconproject.com
11 eb2.3lift.com 4 redirects cdn.adpushup.com
eb2.3lift.com
11 dsum-sec.casalemedia.com 3 redirects googleads.g.doubleclick.net
ssum-sec.casalemedia.com
10 eus.rubiconproject.com cdn.adpushup.com
eus.rubiconproject.com
contextual.media.net
public.servenobid.com
g2.gumgum.com
cs-rtb.minutemedia-prebid.com
10 contextual.media.net cdn.adpushup.com
contextual.media.net
eus.rubiconproject.com
ads.pubmatic.com
10 pix.as.criteo.net ads.as.criteo.com
10 cdn.ampproject.org www.bg3.co
cdn.ampproject.org
9 match.adsrvr.org 8 redirects cdn.adpushup.com
9 ads.servenobid.com cdn.adpushup.com
public.servenobid.com
ssum-sec.casalemedia.com
g2.gumgum.com
cs-rtb.minutemedia-prebid.com
ssbsync.smartadserver.com
9 ib.adnxs.com 5 redirects cdn.adpushup.com
googleads.g.doubleclick.net
acdn.adnxs.com
cs-rtb.minutemedia-prebid.com
9 static.criteo.net ads.as.criteo.com
cdn.adpushup.com
static.criteo.net
9 googleads.g.doubleclick.net 2 redirects pagead2.googlesyndication.com
cdn.ampproject.org
googleads.g.doubleclick.net
6d2367c53a9e076830c130ee73b19fae.safeframe.googlesyndication.com
9 adservice.google.com cdn.ampproject.org
securepubads.g.doubleclick.net
pagead2.googlesyndication.com
s0.2mdn.net
8 simage2.pubmatic.com ads.pubmatic.com
8 www.google.com tpc.googlesyndication.com
6d2367c53a9e076830c130ee73b19fae.safeframe.googlesyndication.com
8 adservice.google.co.nz securepubads.g.doubleclick.net
pagead2.googlesyndication.com
s0.2mdn.net
7 sync-tm.everesttech.net 6 redirects ssum-sec.casalemedia.com
7 pr-bh.ybp.yahoo.com 4 redirects ssum-sec.casalemedia.com
ads.pubmatic.com
7 e3.adpushup.com www.bg3.co
6 px.moatads.com 6d2367c53a9e076830c130ee73b19fae.safeframe.googlesyndication.com
6 sync.mathtag.com 6 redirects
6 cdn.adpushup.com www.bg3.co
cdn.adpushup.com
5 image2.pubmatic.com ads.pubmatic.com
5 pixel.rubiconproject.com 2 redirects
5 us-u.openx.net 2 redirects u.openx.net
5 an.yandex.ru 3 redirects 6d2367c53a9e076830c130ee73b19fae.safeframe.googlesyndication.com
5 gum.criteo.com static.criteo.net
gum.criteo.com
cdn.adpushup.com
contextual.media.net
4 rtb-csync.smartadserver.com 1 redirects ssbsync.smartadserver.com
4 token.rubiconproject.com 4 redirects
4 ups.analytics.yahoo.com 4 redirects
4 s.amazon-adsystem.com 2 redirects eb2.3lift.com
ssum-sec.casalemedia.com
4 ads.pubmatic.com contextual.media.net
public.servenobid.com
g2.gumgum.com
ads.pubmatic.com
4 secure-assets.rubiconproject.com 4 redirects
4 ad.appier.net 6d2367c53a9e076830c130ee73b19fae.safeframe.googlesyndication.com
4 ssum-sec.casalemedia.com 1 redirects js-sec.indexww.com
ssum-sec.casalemedia.com
public.servenobid.com
cs-rtb.minutemedia-prebid.com
4 stats.mainroll.com
4 ad.turn.com 4 redirects ads.pubmatic.com
4 adpushup-d.openx.net cdn.adpushup.com
4 www.googletagservices.com googleads.g.doubleclick.net
securepubads.g.doubleclick.net
6d2367c53a9e076830c130ee73b19fae.safeframe.googlesyndication.com
4 www.google-analytics.com www.bg3.co
www.googletagmanager.com
4 cdn.aralego.net www.bg3.co
ads.aralego.com
3 px.ads.linkedin.com 2 redirects
3 pm.w55c.net 3 redirects
3 a.tribalfusion.com 1 redirects 6d2367c53a9e076830c130ee73b19fae.safeframe.googlesyndication.com
ads.pubmatic.com
3 cms.quantserve.com 2 redirects 6d2367c53a9e076830c130ee73b19fae.safeframe.googlesyndication.com
3 a.c.appier.net 2 redirects 6d2367c53a9e076830c130ee73b19fae.safeframe.googlesyndication.com
3 s0.2mdn.net 6d2367c53a9e076830c130ee73b19fae.safeframe.googlesyndication.com
adpushup.bbvms.com
s0.2mdn.net
3 6d2367c53a9e076830c130ee73b19fae.safeframe.googlesyndication.com securepubads.g.doubleclick.net
3 prebid-server.rubiconproject.com cdn.adpushup.com
3 csm.as.criteo.net ads.as.criteo.com
3 sync.aralego.com ads.aralego.com
www.bg3.co
3 ads.aralego.com 1 redirects ads.aralego.com
2 image4.pubmatic.com ads.pubmatic.com
2 ipac.ctnsnet.com 1 redirects ads.pubmatic.com
2 c1.adform.net 1 redirects ads.pubmatic.com
2 ads.us.e-planning.net 1 redirects cs-rtb.minutemedia-prebid.com
2 creativecdn.com 2 redirects
2 gu.dyntrk.com 2 redirects
2 dpm.demdex.net 1 redirects ssum-sec.casalemedia.com
2 match.prod.bidr.io 2 redirects
2 secure.adnxs.com 2 redirects
2 ap.lijit.com 2 redirects cs-rtb.minutemedia-prebid.com
2 ce.lijit.com 2 redirects
2 p.adsymptotic.com 1 redirects eb2.3lift.com
2 cs.emxdgt.com contextual.media.net
g2.gumgum.com
2 dis.criteo.com 2 redirects
2 cs.media.net contextual.media.net
2 p.rfihub.com 2 redirects
2 pool.admedo.com 2 redirects ads.pubmatic.com
2 rtbc-ae1.doubleverify.com cdn.doubleverify.com
2 cr-p3.ladsp.com 2 redirects
2 jp-u.openx.net u.openx.net
2 tg.socdm.com 2 redirects
2 a.sportradarserving.com 2 redirects
2 r.turn.com 6d2367c53a9e076830c130ee73b19fae.safeframe.googlesyndication.com
2 adpushup.bbvms.com cdn.adpushup.com
adpushup.bbvms.com
2 cdn.doubleverify.com 6d2367c53a9e076830c130ee73b19fae.safeframe.googlesyndication.com
cdn.doubleverify.com
2 googleads4.g.doubleclick.net www.bg3.co
2 aplogger.adpushup.com cdn.adpushup.com
2 prebid.a-mo.net 1 redirects cdn.adpushup.com
public.servenobid.com
2 htlb.casalemedia.com cdn.adpushup.com
2 adx.holmesmind.com pagead2.googlesyndication.com
2 partner.googleadservices.com pagead2.googlesyndication.com
2 www.googletagmanager.com cdn.ampproject.org
cdn.adpushup.com
2 code.jquery.com delivery.adrecover.com
cdn.adpushup.com
2 delivery.adrecover.com www.bg3.co
1 um.simpli.fi 1 redirects
1 cm.adgrx.com ads.pubmatic.com
1 dps.jp.cinarra.com ads.pubmatic.com
1 sync-dsp.ad-m.asia ads.pubmatic.com
1 gocm.c.appier.net 1 redirects
1 cm.ambientdsp.com 1 redirects
1 visitor.omnitagjs.com 1 redirects
1 cs.minutemedia-prebid.com cs-rtb.minutemedia-prebid.com
1 bh.contextweb.com 1 redirects cs-rtb.minutemedia-prebid.com
1 image6.pubmatic.com ads.pubmatic.com
1 imasdk.googleapis.com s0.2mdn.net
1 cm.adform.net public.servenobid.com
1 cs-rtb.minutemedia-prebid.com public.servenobid.com
1 ssbsync.smartadserver.com public.servenobid.com
g2.gumgum.com
cs-rtb.minutemedia-prebid.com
1 g2.gumgum.com public.servenobid.com
1 c21lg-d.media.net contextual.media.net
1 cdn.indexww.com ssum-sec.casalemedia.com
1 d.adroll.com ssum-sec.casalemedia.com
1 c.bing.com eb2.3lift.com
1 inv-nets.admixer.net 1 redirects
1 tr.blismedia.com 6d2367c53a9e076830c130ee73b19fae.safeframe.googlesyndication.com
1 geo.moatads.com z.moatads.com
1 cdn.besafe.global 6d2367c53a9e076830c130ee73b19fae.safeframe.googlesyndication.com
1 cf-syd.cdn.bluebillywig.com client
1 cdn.bluebillywig.com 1 redirects
1 acdn.adnxs.com cdn.adpushup.com
1 public.servenobid.com cdn.adpushup.com
1 u.openx.net cdn.adpushup.com
cs-rtb.minutemedia-prebid.com
1 js-sec.indexww.com cdn.adpushup.com
1 rtb0.doubleverify.com cdn.doubleverify.com
1 s.tribalfusion.com 6d2367c53a9e076830c130ee73b19fae.safeframe.googlesyndication.com
1 z.moatads.com 6d2367c53a9e076830c130ee73b19fae.safeframe.googlesyndication.com
1 s.c.appier.net 1 redirects
1 vst.c.appier.net www.bg3.co
1 theta267.rtb.appier.net www.bg3.co
1 qsearch-a.akamaihd.net
1 pixel.quantserve.com www.bg3.co
1 rules.quantcount.com secure.quantserve.com
1 bidder.criteo.com cdn.adpushup.com
1 grid.bidswitch.net cdn.adpushup.com
1 prebid.media.net cdn.adpushup.com
1 fastlane.rubiconproject.com cdn.adpushup.com
1 a.teads.tv cdn.adpushup.com
1 tlx.3lift.com cdn.adpushup.com
1 hb-api.omnitagjs.com cdn.adpushup.com
1 cdn.jsdelivr.net cdn.adpushup.com
1 secure.quantserve.com cdn.adpushup.com
1 cat.sg1.as.criteo.com ads.as.criteo.com
1 ads.as.criteo.com googleads.g.doubleclick.net
1 rtb.jp2.as.criteo.com googleads.g.doubleclick.net
1 campaign.adpushup.com www.bg3.co
1 b293c18c760b391362177e99ce637844.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 6427fa9ed57dc0c6fd4fe0e45e546880.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 d-22543449742378924824.ampproject.net cdn.ampproject.org
1 www.bg3.co
0 bid.g.doubleclick.net Failed imasdk.googleapis.com
0 i.e-planning.net Failed ads.us.e-planning.net
0 s.e-planning.net Failed ads.us.e-planning.net
0 a.audrte.com Failed ads.us.e-planning.net
0 u-sin01.e-planning.net Failed ads.us.e-planning.net
0 ads.playground.xyz Failed ads.pubmatic.com
0 pubmatic-match.dotomi.com Failed ads.pubmatic.com
0 idsync.rlcdn.com Failed ads.pubmatic.com
0 csync.loopme.me Failed ads.pubmatic.com
0 core.iprom.net Failed ads.pubmatic.com
0 odr.mookie1.com Failed ads.pubmatic.com
0 pixel-us-east.rubiconproject.com Failed eus.rubiconproject.com
0 event.clientgear.com Failed ssbsync.smartadserver.com
0 ads.yieldmo.com Failed cs-rtb.minutemedia-prebid.com
0 sync.bfmio.com Failed cs-rtb.minutemedia-prebid.com
0 ssc-cms.33across.com Failed cs-rtb.minutemedia-prebid.com
0 rtb.mfadsrvr.com Failed cs-rtb.minutemedia-prebid.com
0 sync.1rx.io Failed cs-rtb.minutemedia-prebid.com
0 ssp.disqus.com Failed cs-rtb.minutemedia-prebid.com
0 match.sharethrough.com Failed cs-rtb.minutemedia-prebid.com
0 ads.betweendigital.com Failed cs-rtb.minutemedia-prebid.com
0 image8.pubmatic.com Failed cs-rtb.minutemedia-prebid.com
0 cs.krushmedia.com Failed cs-rtb.minutemedia-prebid.com
0 cs.admanmedia.com Failed g2.gumgum.com
cs-rtb.minutemedia-prebid.com
0 sync.inmobi.com Failed g2.gumgum.com
0 ad.360yield.com Failed g2.gumgum.com
0 match.deepintent.com Failed g2.gumgum.com
ads.pubmatic.com
0 sync.technoratimedia.com Failed g2.gumgum.com
cs-rtb.minutemedia-prebid.com
0 sync.ipredictive.com Failed g2.gumgum.com
0 sync.outbrain.com Failed g2.gumgum.com
0 sync.srv.stackadapt.com Failed g2.gumgum.com
0 aax-eu.amazon-adsystem.com Failed
0 sync.go.sonobi.com Failed public.servenobid.com
cs-rtb.minutemedia-prebid.com
0 sync.adotmob.com Failed ssum-sec.casalemedia.com
0 stags.bluekai.com Failed contextual.media.net
ssum-sec.casalemedia.com
g2.gumgum.com
0 onetag-sys.com Failed cdn.adpushup.com
public.servenobid.com
cs-rtb.minutemedia-prebid.com
514 183

This site contains links to these domains. Also see Links.

Domain
campaign.adpushup.com
www.bluebillywig.com
Subject Issuer Validity Valid
*.bg3.co
AlphaSSL CA - SHA256 - G2		 2022-05-20 -
2023-06-21		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
cdn.adpushup.com
R3		 2022-09-07 -
2022-12-06		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-04-16 -
2023-04-16		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.aralego.com
Sectigo RSA Domain Validation Secure Server CA		 2022-10-19 -
2023-11-19		 a year crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2022-08-03 -
2023-07-14		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.google.co.nz
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.adpushup.com
Sectigo ECC Domain Validation Secure Server CA		 2022-08-02 -
2023-09-02		 a year crt.sh
*.holmesmind.com
Go Daddy Secure Certificate Authority - G2		 2022-05-19 -
2023-06-20		 a year crt.sh
snic4d9gl.wpc.edgecastcdn.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-02-14 -
2023-03-17		 a year crt.sh
*.jp2.as.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-10-18 -
2023-01-15		 3 months crt.sh
*.as.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-10-09 -
2023-01-11		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-11-08 -
2023-02-04		 3 months crt.sh
*.sg1.as.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-10-10 -
2023-01-10		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-09 -
2023-09-09		 a year crt.sh
*.as.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-11-12 -
2023-02-10		 3 months crt.sh
*.omnitagjs.com
Amazon		 2022-05-17 -
2023-06-15		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.3lift.com
Amazon		 2022-05-13 -
2023-06-11		 a year crt.sh
teads.tv
R3		 2022-10-27 -
2023-01-25		 3 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
*.media.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-06 -
2023-05-04		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-05 -
2023-05-04		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-10-31 -
2023-01-26		 3 months crt.sh
*.a-mo.net
R3		 2022-09-05 -
2022-12-04		 3 months crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
ads.servenobid.com
Amazon		 2022-05-29 -
2023-06-27		 a year crt.sh
quantserve.com
R3		 2022-11-11 -
2023-02-09		 3 months crt.sh
a248.e.akamai.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-28 -
2023-06-30		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.rtb.appier.net
AlphaSSL CA - SHA256 - G2		 2022-11-01 -
2023-12-03		 a year crt.sh
*.c.appier.net
R3		 2022-10-02 -
2022-12-31		 3 months crt.sh
*.doubleverify.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-05 -
2023-07-07		 a year crt.sh
moatads.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-16 -
2023-11-18		 a year crt.sh
bbvms.com
Amazon		 2022-07-25 -
2023-08-23		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
*.servenobid.com
Amazon		 2022-02-06 -
2023-03-07		 a year crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2022-03-11 -
2023-04-11		 a year crt.sh
*.mainroll.com
Amazon		 2022-07-27 -
2023-08-25		 a year crt.sh
cdn.besafe.global
Amazon		 2022-05-26 -
2023-06-24		 a year crt.sh
*.appier.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-14 -
2023-06-16		 a year crt.sh
*.moatads.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-13 -
2023-07-05		 a year crt.sh
tr.blismedia.com
GTS CA 1D4		 2022-10-16 -
2023-01-14		 3 months crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2022-02-04 -
2023-02-03		 a year crt.sh
*.emxdgt.com
Amazon		 2022-06-03 -
2023-07-02		 a year crt.sh
www.bing.com
Microsoft RSA TLS CA 02		 2022-09-03 -
2023-03-03		 6 months crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-11-08 -
2023-05-03		 6 months crt.sh
d.adroll.com
Amazon RSA 2048 M02		 2022-11-08 -
2023-12-07		 a year crt.sh
*.gumgum.com
Amazon		 2022-05-06 -
2023-06-04		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-25 -
2023-01-25		 a year crt.sh
*.minutemedia-prebid.com
Amazon		 2022-05-31 -
2023-06-29		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.ad-server.k8s.jp.ggops.com
Amazon		 2022-02-15 -
2023-03-16		 a year crt.sh
ads.us.e-planning.net
R3		 2022-10-10 -
2023-01-08		 3 months crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-20 -
2023-09-20		 a year crt.sh
sync-dsp.ad-m.asia
GlobalSign GCC R3 DV TLS CA 2020		 2022-07-21 -
2023-08-22		 a year crt.sh
*.jp.cinarra.com
Sectigo RSA Domain Validation Secure Server CA		 2022-05-14 -
2023-06-13		 a year crt.sh
*.ctnsnet.com
DigiCert SHA2 Secure Server CA		 2022-09-27 -
2023-03-08		 5 months crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2022-03-01 -
2023-03-28		 a year crt.sh

This page contains 95 frames:

Primary Page: https://www.bg3.co/a/wang-xin-yi-sao-chu-chao-ji-da-wei-jian-xu-xuan-min-qian-mo-bu-neng-zai-fen-piao.html
Frame ID: 6F2ABF4CCFBBB272DCCDF1DC15E11736
Requests: 117 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: 1331A0342DD89E34712304F56D435A73
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: 0AB39BAC589F21145026987198897814
Requests: 8 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: CA505D7E6AE842B6F7C1DC6A40CFC241
Requests: 9 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: D34ADFF3E8675FB7F82476F5C5552B23
Requests: 10 HTTP requests in this frame

Frame: https://6427fa9ed57dc0c6fd4fe0e45e546880.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 800C8C08446276FABBB61F0FAC06FB89
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1669137036&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwang-xin-yi-sao-chu-chao-ji-da-wei-jian-xu-xuan-min-qian-mo-bu-neng-zai-fen-piao.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669137034564&bpp=13&bdt=1930&idt=1667&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&correlator=5427265132123&frm=23&ife=1&pv=2&ga_vid=1652017459.1669137036&ga_sid=1669137036&ga_hid=1305131484&ga_fc=0&ga_cid=amp-cxJAY9-8aDoI572ZnNWIbg&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=1101491898&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C44778742&oid=2&pvsid=661049901592538&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.2c27scgsj607&fsb=1&dtd=1682
Frame ID: 2D78B93B0541130786A61A88650833F5
Requests: 8 HTTP requests in this frame

Frame: https://b293c18c760b391362177e99ce637844.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: C13567FA8BBDA70D83A4D346CE54982A
Requests: 1 HTTP requests in this frame

Frame: https://adx.holmesmind.com/adx-file/20221117/NqeGLmvuPvGdeaxEq2qKJUjcmyulAyFU8K2rHVjS.html
Frame ID: CF5C0AB619A3BA44FC2AC5E7A3D38489
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=1600x250&w=1600&h=250&ptt=12&adk=2733026255&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-7183181834147027020&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=470780615&nhd=0&adx=0&ady=3213&oid=2&is_amp=5&amp_v=2211042305000&d_imp=1&c=98572008060&ga_cid=amp-cxJAY9-8aDoI572ZnNWIbg&ga_hid=8060&dt=1669137036056&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwang-xin-yi-sao-chu-chao-ji-da-wei-jian-xu-xuan-min-qian-mo-bu-neng-zai-fen-piao.html&bdt=5039&dtd=693&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Frame ID: 1ED62EDD650C29325F3595C7E191B711
Requests: 1 HTTP requests in this frame

Frame: https://ads.as.criteo.com/delivery/r/afr.php?z=Y30CjAAOHJ8KfFFFAAEBcKCUas8_FgQycCDwYA&u=%7C7Oi82ye5cAf5BKqcKAVq%2B7I3oIgwOcJ5vU%2B%2FGCIh14s%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdr-j8wgahTZIGe3vs2osFhPHrvdV8e4bcLFbFsfP8MHIB27K7XTN0r5_C9HpqTtaR8SdOucuECRZOSimhhsL4uR3zlguh6k9CeR5aGLX8fHsuWWmiqYPbmaPK3lbxb81xp4FzfcMmkrlCY-k8anAAS6mBZlVK1Tu4Tj00yseNR_s5F4u2FULqDpoBv5JNhFQaguDjgFfoazoDiTpCo7fSSKrGl-PPyc3E6BDDE2TXGTgpsK--G6Js0RNWFyrNYfDJoJXPBA28wMs0bkX7MZBViAhT-iZdNwwXDKYK4ERyXd3S5VTxZ83cJ9SSavYHUMmHnXBVfh8jDiXHjPLEXe4ROHiI8qyaCiAnbsfPLQcjIiqMyE9xFrWUDpp47bUtlBpJcsg2UU1RxxmQpbxfXt6u-WSarm_8jw3gS4qm7-gkl5TEKOC-zdXfSw5MvPG5tn2uuf2_AsZuGzZ5DkL95vJMGQpsxlAgCf54XGfznADT-R8zlTIQ__Wdlw0bpgOYtAGZGoxx2qB2cn0UzCZSgX7W896QK3BHMRdAwAeAY3JGGzYhkV56Uvb0OILxsSoSO1cSixZSo6qgubROtxu6ldGEFdq8-6Q_E8fVpd-h66eFFRw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC010AjAJ9Y5-5OMWi8QPwgoTQC5j80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpApaDdLxSSaY-qAMBqgT8AU_QmXG7FJjSWSwK8RaPm_cZyPVCtZzBMojyR5_M8AGZrhOYDZ3nSqt9Qen5xxy5DMHAtSwFwIbFW8wUZWH7SqoZtIZ1IZCYF1K0RDr5Vo27ejCGwa2KPAkALrRmn8Zz-WbufxwHhUKZwmj7UzGJzpapfRwjaq7EE3bGs_jbW019FWKkWskA1LiS9qnH7FMN5NZJTHkoRoBdk1WSI3Dsw1J2lik2ox6zTgdR7dwukT52qNxKOAvZZHwO5Qn6oYaaopdIUSttDlldxLSq2ZE4JCohZ6l40pVd2V8SDi7dDqNLxQPhxpRjZgETymSFjqyZOvN2sUGJCM-HDnrlOIAGxpXnjd3K8aroAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_37dg0faMRBaCuxWjWSycRBDYOpsg%26client%3Dca-pub-4485239425924787%26adurl%3D
Frame ID: 9D2144F3A480F8B69A92070C6F59411D
Requests: 22 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: ADC1B4696ED704336578DB4437E44B00
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 749C094991555B6EAF757F05CDA788B6
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: ED194C9CD87ED17A09E8436DD047DA68
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 5A6C1F7BB07279403A44582E0E8D637D
Requests: 2 HTTP requests in this frame

Frame: https://adx.holmesmind.com/adx-file/20221110/CRsRsXd0FUmqwYRG7gS9TIn516je7wIpMnr86Jcv.html
Frame ID: D245C531A8F97144C48DCD33BD42168C
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html
Frame ID: 03B92EE159E30C982BCE353AFA0D79F8
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: C71461B912BCEA70B3CD9A46158D45FC
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 29C2FFE2E7CBB0200D8C5ED41E9ED1F3
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4126554779393986&output=html&adk=1812271804&adf=2253520748&plat=1%3A520%2C2%3A520%2C8%3A512%2C9%3A520%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1049088%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fadx.holmesmind.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669137040461&bpp=4&bdt=531&idt=478&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&nras=1&correlator=5589688973120&frm=8&ife=1&pv=2&ga_vid=71806132.1669137041&ga_sid=1669137041&ga_hid=443256419&ga_fc=0&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3680311399&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C44773809%2C42531705%2C44770880%2C44777949%2C44779076&oid=2&pvsid=3827996945744677&tmod=873941560&uas=0&nvt=1&top=https%3A%2F%2Fwww.bg3.co%2F&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=4&bc=31&ifi=1&uci=1.fzkqn6dkltt3&fsb=1&dtd=496
Frame ID: A032B0FF1300E2D4ACB252D7FEF000C4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4126554779393986&output=html&h=280&slotname=4923695364&adk=3446667921&adf=552093736&pi=t.ma~as.4923695364&w=336&fwrn=16&format=336x280&url=https%3A%2F%2Fadx.holmesmind.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669137040465&bpp=1&bdt=536&idt=499&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=5589688973120&frm=8&ife=1&pv=1&ga_vid=71806132.1669137041&ga_sid=1669137041&ga_hid=443256419&ga_fc=0&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3680311399&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C44773809%2C42531705%2C44770880%2C44777949%2C44779076&oid=2&pvsid=3827996945744677&tmod=873941560&uas=0&nvt=1&top=https%3A%2F%2Fwww.bg3.co%2F&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.7j2862aiosp4&fsb=1&dtd=504
Frame ID: 7B7C7E45E10C5A81F2541592B1843EF9
Requests: 1 HTTP requests in this frame

Frame: https://6d2367c53a9e076830c130ee73b19fae.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: C06F30633262FB3B94D9E9A6E95E71C6
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 1FA55D907AA042F0B74B4BF0E9C61185
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 0EB609B249AA88A76F62D036BC94ADF8
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A531DF50CEB01FDEBA17E64DF83705F2
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B5FA4917F7D7D8D865E28E83287E199E
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 651697932D546871C5F0B4E7316C7D7B
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 3C0DDFB80EF184E74C3A06316357B5F8
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.bg3.co
Frame ID: 987A04CD6E066CA3736CC070473836BA
Requests: 2 HTTP requests in this frame

Frame: https://6d2367c53a9e076830c130ee73b19fae.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 7945A395EE2173174F8A216C19E7221E
Requests: 13 HTTP requests in this frame

Frame: https://6d2367c53a9e076830c130ee73b19fae.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: C29F85F9568B8EE595D606534B5E970B
Requests: 30 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvpqhWWeMWr0WX79UyAANxslalPRb_kEfIsckd8jHlFQXZ6pdnYBCLVoRQDg7euntsTtB3npwj07HdiCN7SOWu_agfSHUldumgbJH2cofmG2WAJ1-v-hU9-Rg_IP3Myoitk7H92gHEXk8e39VbOfpakeIcG7BXoQrxR6MttIzbVjxZmhi9hnUMbPCqqbvVEkyR5OS8bTufq2qotYTbTq1Oze9Ko-H1O44n3P9f081hzKsgQgbpYHERG0s9Q8WspDpxSeyg41SdBbXoja0PDHDTiJbxoYy1x0qQ24xBHZDuy1CTzn_ITxvnlm1HP&sai=AMfl-YStFoktk102oJ2FT6dmY-Wbt3YzazrdwkDwdiJ1K9mWA9HRzJDVtKgGh032RB_M8CdeSJsfCH47dpUjWJSEkPbdi84XwrWMXxdJyXow0mvm7QbwTBafcZwf4X9Meirk&sig=Cg0ArKJSzKPetaXFi5smEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: E45000B5BA24A4D09FEE99FC8462A6C4
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKyHPxDPjYECGKf8r9oBMAE&v=APEucNVQmY8XGFZLPxe_RExRM0ucZe_drkiK9EaCtJhcPYtTpvRzN51o-Kmh7PjQJtmDJGDsb2v8i4rfeOGEUDlvyXf0fBi39Q
Frame ID: ECAFF01C446BA352C7C551692325374B
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 7D7E64EBF0CB045C353C141013FD00BA
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E961A6DF567AC5D4BABF84861BC7E325
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 7CB0F029E89B91912A232B1B402A1DE9
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 8EE70CB6B97E55E248A09EB5A9A338C6
Requests: 3 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 3C58760A17B6CBDAB0F4662F5884CA21
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?&ld=1
Frame ID: CBBC41EB79B6B79ACB8275750695AC19
Requests: 11 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Frame ID: 6D42D3F048AD86B67682163E27220ECE
Requests: 15 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 08682A8AB104FEF7022EF5DB53B6BE55
Requests: 10 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 46A2582F69B0D7438A8DD06A8A683A23
Requests: 7 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html
Frame ID: 3CFEC953442B24B03D804A207E797BCA
Requests: 11 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1669137041784
Frame ID: CC135C0251228B0884A9E3297AF2A872
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: B3B6B54D92AE53FB1D7FFB79A3D3FB25
Requests: 3 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: A10AA1F4B3EC1C7BC27CAA83DFC3F6A1
Requests: 10 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 992CAD1401FC756CB42B38D998876948
Requests: 9 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=medianet
Frame ID: 512E7C84C76A87E0FEED2FD317FC7471
Requests: 3 HTTP requests in this frame

Frame: https://contextual.media.net/cksync.html?cs=8&vsid=3121386457444248000V10&type=rkt&refUrl=&vid=91370456343121386457444248000V10&ovsid=1976306190189114144
Frame ID: 28F642B517815DA130F1099B6667AD2A
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3121386457444248000V10%26type%3Dpba%26refUrl%3D%26vid%3D91370456343121386457444248000V10%26ovsid%3DPM_UID
Frame ID: F227B823115B1550FB3C468F88FBEB62
Requests: 16 HTTP requests in this frame

Frame: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Frame ID: 021CCE683545F82795868FF05F4BFD5D
Requests: 16 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Frame ID: 36FB1BB784E7610E42B3FF51ADFAF6A1
Requests: 1 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Frame ID: 75CF21EB483C611D2E15574369B9E893
Requests: 6 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Frame ID: B42E94EE26795E8C10D603114ED0C0BA
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Frame ID: 1D148256DF326B9CB96803ACA56F6DB9
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Frame ID: F9ED883590F0A2CF07944D2B1CECC6E5
Requests: 1 HTTP requests in this frame

Frame: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Frame ID: 73FD080B53453055569906F678E99EA6
Requests: 28 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.546.0_en.html
Frame ID: C7AEBFD28665912C0D089BF29A84D882
Requests: 2 HTTP requests in this frame

Frame: https://sync.inmobi.com/oRTB?gdpr_consent=&gdpr=0&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dinm%26i%3D%7BID5UID%7D
Frame ID: 3B82F62EE7A11C74AE22EA3FD0CF16C1
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: 2F29525B4CAF40D67AC9E1B13ACFC5F9
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=ttd&i=fc203268-cedd-47ec-b726-b552b95aa490
Frame ID: D02BD16A1B4ACB0AE9A4431CDAE50E7C
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=mmh&i=e073637d-0294-4b00-bf16-cba7f46ad359&gdpr=0&gdpr_consent=
Frame ID: FB1F6DA26CE55284367DA97FA40A7CCD
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=atm&i=Y30ClwAJ-FmPHAA7&gdpr=0&gdpr_consent=&_test=Y30ClwAJ-FmPHAA7
Frame ID: E1C52E9C759D7CEF4DE6BEC36A04A8FF
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=YV8wOWI0OWFkZS1iMzhkLTQ1OTUtYmJhYy03ZTMzNzQ1MWIxNzU=&gdpr=0&gdpr_consent=
Frame ID: 879218E2E9AB7246F8771DB6ADB95366
Requests: 1 HTTP requests in this frame

Frame: https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID&gdpr=0&gdpr_consent=
Frame ID: 52CC357197C9C738203243AADD297BE3
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=Y30ClsCo5swAALWPft4AAAAA
Frame ID: E8AEF34361E068743F0FA55105CC751C
Requests: 1 HTTP requests in this frame

Frame: https://cs.admanmedia.com/sync/gumgum?puid=[UID]&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=[GDPR]&gdpr_consent=[GDPR_CONSENT]&ccpa=[CCPA]
Frame ID: 59BDA894B7E2283D97542D593B82150E
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=iex&i=Y30ClAt9L6pgBbxwFyHaOwAA%264694
Frame ID: 3E483F2C627A2240ECEE166911F11926
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=H2hTu0ipymzLWumP2Nhf&pi=gumgum&tc=1
Frame ID: 1FCFB03411E040E7A56D1706FEA6B240
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: E0E811D68406E880E9807CD2C40962BA
Requests: 3 HTTP requests in this frame

Frame: https://ads.us.e-planning.net/uspd/1/19fc6daa3a926256?ct=1&ruidm=1&du=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21506%26id%3D$UID
Frame ID: 78C53B364CEA4ACE5AE5A2BB9FCD937F
Requests: 5 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=minute_media&endpoint=us-east
Frame ID: 6567D8363803FEDE0FB2581E5CC84CFA
Requests: 3 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=765b4e6bb9c8438
Frame ID: B583BB27EE5CB9286E40BD5A7D3947F8
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=7230A8E3-A6FD-4047-B03F-823D0224B61C&gdpr=0&gdpr_consent=
Frame ID: 7AE1C12C541A045851D3AD3F63703EEB
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:e073637d-0294-4b00-bf16-cba7f46ad359&gdpr=0&gdpr_consent=
Frame ID: 990237438D63F4F4BDA1D3A3E2BD6F4C
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y30ClwAJ-FmPHAA7&gdpr=0&gdpr_consent=
Frame ID: 04392796EFF97E42903EB2FB6089C7CC
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=xwwtc1t9dvg
Frame ID: B5536081D655DB29E4CA40A5E4BDB935
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=-kZuX_xHYArhTToPrhZ0C65Ea1rhTGpa9EUYpZ07
Frame ID: C90629938F584AB2EE537A303A15F002
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1531151141028342390&gdpr=0&gdpr_consent=
Frame ID: 5424B6EC39C6B5CC2EB25700C3CB8462
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: B963DE0931DF503D7D427E918F7FCB6D
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=TjoMOBp6Ab-FeqPNkwJ9Yw
Frame ID: 95E393225122D96F7F900F9BE1AAFC05
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=D-Fz50elRbxBEH4PchQOiXRaSso
Frame ID: 99A6FABFDF5C7C068DC57C4973C8638C
Requests: 1 HTTP requests in this frame

Frame: https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=pubmatic&rd=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw%26piggybackCookie%3D
Frame ID: 5BB6741FE4F68DD945FE5552EECD014C
Requests: 1 HTTP requests in this frame

Frame: https://dps.jp.cinarra.com/pxd?PLATFORM_ID=D&USER_ID=7230A8E3-A6FD-4047-B03F-823D0224B61C
Frame ID: 2D2D6BA883A25797481366E56173D98C
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: 7D9F8FD6F98770FF8522B13BB196B218
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=408f3bd2c37648838e0f159c08aa8b1d
Frame ID: B5574A686DD1FF1652EC1510E53CFE6F
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:1LrlEmRL1OXwNg5&gdpr=0&gdpr_consent=
Frame ID: E9D0626B74D7DDC7FD693C00F64BB508
Requests: 1 HTTP requests in this frame

Frame: https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=08d208db-7f04-43af-9c49-869895b60547&ssp=adconductor&gdpr=&gdpr_consent=
Frame ID: C937043DE4D305F4C9BB5994FCCD9317
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 1FD8105F855D9CDCE336E1DC3DFE2984
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Frame ID: 1F0B73261BBE9321FFD91B092363AF0B
Requests: 1 HTTP requests in this frame

Frame: https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 2BDF302B5367AA15E29F6DEF91BA326A
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: 1669C521203DA37F8EA781169772CAF7
Requests: 1 HTTP requests in this frame

Frame: https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}&gdpr=0&gdpr_consent=
Frame ID: A943E0048C2223F5FD4B8E63EB69AF9C
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/cksync.php?cs=8&vsid=3121386457444248000V10&type=pba&refUrl=&vid=91370456343121386457444248000V10&ovsid=7230A8E3-A6FD-4047-B03F-823D0224B61C
Frame ID: 8F271FC2BC7D0A31228C697E5D18A94B
Requests: 1 HTTP requests in this frame

Frame: https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Frame ID: 98C841410EFE0F2635F73814A2FB57A4
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

王欣儀掃除超級大違建! 籲選民「千萬不能再分票」 - 天天要聞

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/pagead/show_ads\.js
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js
Overall confidence: 100%
Detected patterns
  • moatads\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • https?://an\.yandex\.ru/
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

514
Requests

69 %
HTTPS

0 %
IPv6

112
Domains

183
Subdomains

104
IPs

10
Countries

3648 kB
Transfer

10903 kB
Size

97
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • https://ads.aralego.com/sdk HTTP 301
  • https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
Request Chain 79
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1669137036&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwang-xin-yi-sao-chu-chao-ji-da-wei-jian-xu-xuan-min-qian-mo-bu-neng-zai-fen-piao.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669137034745&bpp=12&bdt=2095&idt=1803&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&correlator=5427265132123&frm=23&ife=1&pv=1&ga_vid=1630309846.1669137037&ga_sid=1669137037&ga_hid=507790595&ga_fc=0&ga_cid=amp-cxJAY9-8aDoI572ZnNWIbg&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1414&biw=1600&bih=1200&isw=336&ish=280&ifk=3705167178&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44777508&oid=2&pvsid=4173014957902616&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.7cyla3k0u5fy&btvi=1&fsb=1&dtd=1810 HTTP 302
  • https://adx.holmesmind.com/adx-file/20221117/NqeGLmvuPvGdeaxEq2qKJUjcmyulAyFU8K2rHVjS.html
Request Chain 155
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669137038414&bpp=14&bdt=427&idt=832&shv=r20221110&mjsv=m202211140101&ptt=5&saldr=sa&correlator=5589688973120&frm=8&ife=1&pv=2&ga_vid=1489096218.1669137039&ga_sid=1669137039&ga_hid=1074441614&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=1407119805&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C42531706%2C31070968%2C44770881%2C44778769&oid=2&pvsid=1588066017044767&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.4mua1js3v0o8&fsb=1&dtd=850 HTTP 302
  • https://adx.holmesmind.com/adx-file/20221110/CRsRsXd0FUmqwYRG7gS9TIn516je7wIpMnr86Jcv.html
Request Chain 234
  • https://a.c.appier.net/gcm?trigger_hosted_sync=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=dHNRNWdlY2dBaWFTNTBEaWt3SjlZdw%3D%3D&google_redir=https%3A%2F%2Fs.c.appier.net%2Fgcm2%3Ftrigger_hosted_sync%3D1 HTTP 302
  • https://s.c.appier.net/gcm2?trigger_hosted_sync=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appier_pc&google_hm=VGpvTU9CcDZBYi1GZXFQTmt3SjlZdw%3D%3D HTTP 302
  • https://a.c.appier.net/gcm
Request Chain 247
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELp5RynAO_Fvb36C-rCBliY&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELp5RynAO_Fvb36C-rCBliY&google_cver=1&C=1
Request Chain 248
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y30ClHuf3dWc5pgO3u.P1QAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELp5RynAO_Fvb36C-rCBliY&google_cver=1&google_hm=2
Request Chain 249
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESELkp_grOAAxtXuPlOxi30AE&google_cver=1
Request Chain 250
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTUzMTE1MTE0MTAyODM0MjM5MA%3D%3D
Request Chain 257
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEES5c9FKrJ0L0QObx6JbVwE&google_cver=1&google_push=ASkJ3FaVdqjkdEl_3jVu8WoqOYJyX12jbsiedw7h6W3Dfbjw3FlvzJo92d1tsO55wFojEnRmjyljRjiDjwBHYojdG2x_0BerxkjSoRu8eK2yFpmyMWez26e-3sduL9YE4QOknmJI_HSaXeHJYQaNv9v_8vA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODU5NDAwMzEyNDE5NTI4Mjk0Ng==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEES5c9FKrJ0L0QObx6JbVwE&google_cver=1
Request Chain 259
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEPn0-Ty8oJRvSdiW33zf1Sk&google_cver=1&google_push=ASkJ3FYf6X8737u8ZpUugnBsUudZY0AbA9ueEojoiUe8RG5DXZoej3mpq1kvZCWH0JMLGICgIdm2uEiNmV4nLMa3HhiPnAlgOMjZTLqvZ8KpVFciUTh9pQy6oERAM5sIQj5GA0VpWTotDBhiu6M4aEyyuQ0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ASkJ3FYf6X8737u8ZpUugnBsUudZY0AbA9ueEojoiUe8RG5DXZoej3mpq1kvZCWH0JMLGICgIdm2uEiNmV4nLMa3HhiPnAlgOMjZTLqvZ8KpVFciUTh9pQy6oERAM5sIQj5GA0VpWTotDBhiu6M4aEyyuQ0
Request Chain 260
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEIkJoxPRAwanwuXFvyrqB_k&google_cver=1&google_push=ASkJ3FZm_6FrNxEacpMgITEPc-c6QIz4LCYRawQSO3M6wymDvHn0GubKxDgLpenxTLpIB2RKMIfUC3Oe25dCV4abT3LfJd7LsI8m-dDRxOEElDaWznLt7axsPj4HurchOchlOgQvlNxqxkwdiN2ByMWS2aw&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DASkJ3FZm_6FrNxEacpMgITEPc-c6QIz4LCYRawQSO3M6wymDvHn0GubKxDgLpenxTLpIB2RKMIfUC3Oe25dCV4abT3LfJd7LsI8m-dDRxOEElDaWznLt7axsPj4HurchOchlOgQvlNxqxkwdiN2ByMWS2aw%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEIkJoxPRAwanwuXFvyrqB_k&google_cver=1&google_push=ASkJ3FZm_6FrNxEacpMgITEPc-c6QIz4LCYRawQSO3M6wymDvHn0GubKxDgLpenxTLpIB2RKMIfUC3Oe25dCV4abT3LfJd7LsI8m-dDRxOEElDaWznLt7axsPj4HurchOchlOgQvlNxqxkwdiN2ByMWS2aw&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DASkJ3FZm_6FrNxEacpMgITEPc-c6QIz4LCYRawQSO3M6wymDvHn0GubKxDgLpenxTLpIB2RKMIfUC3Oe25dCV4abT3LfJd7LsI8m-dDRxOEElDaWznLt7axsPj4HurchOchlOgQvlNxqxkwdiN2ByMWS2aw%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 261
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEHwOAxSD7ohJch1BS4bbm6I&google_cver=1&google_push=ASkJ3FYKhYEpvGgn7pJywl-bTeBPBQHGfzhZwEXg7DxqFeG6LhK_l9CL1HqhzEtZRBvmyqKRNOsQ5mS2R0y1bbg0RCNrVRBOOY_G_q7vsg5RV5YBgg88MtPlVYmQJRaSpOfoQdXtvCKPy6MbIcmodZBVZQ HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEHwOAxSD7ohJch1BS4bbm6I&google_cver=1&google_push=ASkJ3FYKhYEpvGgn7pJywl-bTeBPBQHGfzhZwEXg7DxqFeG6LhK_l9CL1HqhzEtZRBvmyqKRNOsQ5mS2R0y1bbg0RCNrVRBOOY_G_q7vsg5RV5YBgg88MtPlVYmQJRaSpOfoQdXtvCKPy6MbIcmodZBVZQ HTTP 302
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=google HTTP 302
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=06540c7e-6b14-4609-894b-6f9a99234eae&ssp=google HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ASkJ3FYg4PtQ_cCXGvrABIsKNQsJrHUdsykL5KTvuEEPO8Zxs2_w1bEB6kHWlMZEesrKyaNIGFyR-866FkTsrNZUixTYMFwQw5GyIg&google_hm=CNII238EQ6-cSYaYlbYFRw==
Request Chain 262
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEPJ2XahEqJt8u1qVHouIFyI&google_cver=1&google_push=ASkJ3FY2qvei1pJUtHhlVAcXEJirEqxtpYd0agUR-Jrh4PvYlyRoy9SxPJes5CjYQhx68JqTT-4_FLkt85sXf5va_og4QA5tP3MgubNpyE2LlOp-fMuVmeDXrbrXZF7WT-KlfYTw3miP2iT2KLbNZ9GjRyI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ASkJ3FY2qvei1pJUtHhlVAcXEJirEqxtpYd0agUR-Jrh4PvYlyRoy9SxPJes5CjYQhx68JqTT-4_FLkt85sXf5va_og4QA5tP3MgubNpyE2LlOp-fMuVmeDXrbrXZF7WT-KlfYTw3miP2iT2KLbNZ9GjRyI&google_hm=NTkzNjA3MTIwMjI5Mjk3NTA0OA%3D%3D
Request Chain 263
  • https://an.yandex.ru/mapuid/google/CAESEFw5AqwqxtX9pLxzKupvQ6c?ext-param=ASkJ3FaAyUraWHckwSukffD_hWRJLASQo9sfffqWhNXp9wL7skqiX7TY_vlMJL2LqDLQvQyClDi1xUtV_RoaDT_EPv62GptSn9i7vSOYXzfEByCDpPvr2q69A8uxfLZR139CI7iubVuPoAK-0V0dywtUVxle&partner-tag=yandex_ag&google_cver=1 HTTP 302
  • https://an.yandex.ru/mapuid/google/CAESEFw5AqwqxtX9pLxzKupvQ6c?redir-setuniq=1&ext-param=ASkJ3FaAyUraWHckwSukffD_hWRJLASQo9sfffqWhNXp9wL7skqiX7TY_vlMJL2LqDLQvQyClDi1xUtV_RoaDT_EPv62GptSn9i7vSOYXzfEByCDpPvr2q69A8uxfLZR139CI7iubVuPoAK-0V0dywtUVxle&partner-tag=yandex_ag&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEFw5AqwqxtX9pLxzKupvQ6c&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif HTTP 302
  • https://an.yandex.ru/resource/spacer.gif
Request Chain 275
  • https://eb2.3lift.com/sync HTTP 302
  • https://eb2.3lift.com/sync?&ld=1
Request Chain 284
  • https://cdn.bluebillywig.com/fonts/ubuntu.css HTTP 307
  • https://cf-syd.cdn.bluebillywig.com/fonts/ubuntu.css
Request Chain 289
  • https://ad.turn.com/r/cs?pid=9&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=8594003124195282946&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 290
  • https://match.adsrvr.org/track/cmf/openx?oxid=1c326ce0-1d23-72a2-ffff-32bd88e2d588&gdpr=0 HTTP 302
  • https://match.adsrvr.org/track/cmb/openx?oxid=1c326ce0-1d23-72a2-ffff-32bd88e2d588&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=fc203268-cedd-47ec-b726-b552b95aa490&ttd_puid=1c326ce0-1d23-72a2-ffff-32bd88e2d588&gdpr=0&gdpr_consent=
Request Chain 291
  • https://tg.socdm.com/rtb/sync_before?proto=openx HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=537072335&val=Y30ClcCo5swAALWPfr8AAAAA
Request Chain 292
  • https://cr-p3.ladsp.com/cookiesender/3 HTTP 302
  • https://cr-p3.ladsp.com/cookiesender/3?cr=true HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AQtTxRAw7F57ks8ADxwUuzjZjM8AAAGEoFIZ_w
Request Chain 294
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEH4qlRLEMiRclTmwtdnUk5o&google_cver=1
Request Chain 310
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEES5c9FKrJ0L0QObx6JbVwE&google_cver=1&google_push=ASkJ3FbQvkEuXfIUg-xQ57MagibM59wWRrHgd7_k2UfRaGXg2BZjXYmgG1z12qk6r4F4GCi2rCRIL91kb2AFrW55-crN-MUOyo3b HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODU5NDAwMzEyNDE5NTI4Mjk0Ng==&gdpr=0&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=0&gdpr_consent=&google_gid=CAESEES5c9FKrJ0L0QObx6JbVwE&google_cver=1
Request Chain 313
  • https://a.c.appier.net/gcm?google_gid=CAESEAZMfbl3ASvci1N5aMEepy4&google_cver=1&google_push=ASkJ3FbIjIP9f-Shvlq2vR0Xm35bSrJ-Z7gv981sHVRIFQ3ZdvWogFh_atMwF2wUu4eDpuPN7tEWDgQ1dsStX00hecZUoXOFsciEtw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=VGpvTU9CcDZBYi1GZXFQTmt3SjlZdw%3D%3D&google_push=ASkJ3FbIjIP9f-Shvlq2vR0Xm35bSrJ-Z7gv981sHVRIFQ3ZdvWogFh_atMwF2wUu4eDpuPN7tEWDgQ1dsStX00hecZUoXOFsciEtw
Request Chain 314
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEHwOAxSD7ohJch1BS4bbm6I&google_cver=1&google_push=ASkJ3FYg4PtQ_cCXGvrABIsKNQsJrHUdsykL5KTvuEEPO8Zxs2_w1bEB6kHWlMZEesrKyaNIGFyR-866FkTsrNZUixTYMFwQw5GyIg HTTP 302
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_custom_parameter=08d208db-7f04-43af-9c49-869895b60547 HTTP 302
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_custom_parameter=08d208db-7f04-43af-9c49-869895b60547 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=c4f076fd-3068-43b4-ae94-9c197b93f2f7&user_group=1&ssp=google&bsw_param=08d208db-7f04-43af-9c49-869895b60547 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_cm=1&google_hm=CNII238EQ6-cSYaYlbYFRw== HTTP 302
  • https://x.bidswitch.net/google_sync_status?ssp_name=google&google_gid=CAESEHwOAxSD7ohJch1BS4bbm6I&google_cver=1
Request Chain 315
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEPJ2XahEqJt8u1qVHouIFyI&google_cver=1&google_push=ASkJ3FbyKXfdue3HQq68GL1hkMU4a_4u59iGlghV_uMwn1FnndOO7cQLJ38WveqgKJKe6BiaJiHBdTgtvuQ6at-Cw0yz1DxsIEzW HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ASkJ3FbyKXfdue3HQq68GL1hkMU4a_4u59iGlghV_uMwn1FnndOO7cQLJ38WveqgKJKe6BiaJiHBdTgtvuQ6at-Cw0yz1DxsIEzW&google_hm=NTkzNjA3MTIwMjI5Mjk3NTA0OA%3D%3D
Request Chain 316
  • https://an.yandex.ru/mapuid/google/CAESEFw5AqwqxtX9pLxzKupvQ6c?ext-param=ASkJ3Fb0dtxiOzMx7tXljXXSVY9rvI4edgNmI775bqVM6AZWUXuGdfQJL_sZ4M6erCkESBN1IVqRL4zfWxftT_jBsCXNfdFlZ31at1M&partner-tag=yandex_ag&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEFw5AqwqxtX9pLxzKupvQ6c&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif HTTP 302
  • https://an.yandex.ru/resource/spacer.gif
Request Chain 320
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=medianet HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=medianet
Request Chain 321
  • https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3121386457444248000V10%26type%3Drkt%26refUrl%3D%26vid%3D91370456343121386457444248000V10%26ovsid%3D%7Buserid%7D HTTP 302
  • https://contextual.media.net/cksync.html?cs=8&vsid=3121386457444248000V10&type=rkt&refUrl=&vid=91370456343121386457444248000V10&ovsid=1976306190189114144
Request Chain 323
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3121386457444248000V10%26type%3Dapx%26refUrl%3D%26vid%3D91370456343121386457444248000V10%26ovsid%3D%24UID HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3121386457444248000V10&type=apx&refUrl=&vid=91370456343121386457444248000V10&ovsid=1531151141028342390
Request Chain 324
  • https://us-u.openx.net/w/1.0/cm?id=78e2dffc-bb89-4bb2-ae92-f592d006518b&ph=6a16560a-f6c6-4851-b7b5-0b2c0190166a&r=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3121386457444248000V10%26type%3Dopx%26refUrl%3D%26vid%3D91370456343121386457444248000V10%26ovsid%3D HTTP 302
  • https://contextual.media.net/cksync.html?cs=8&vsid=3121386457444248000V10&type=opx&refUrl=&vid=91370456343121386457444248000V10&ovsid=d41e057f-b623-4842-9cb0-4cd33a0d4754
Request Chain 325
  • https://sync.mathtag.com/sync/img?mt_exid=64&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3121386457444248000V10%26type%3Dmma%26refUrl%3D%26vid%3D91370456343121386457444248000V10%26ovsid%3D%5BMM_UUID%5D HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3121386457444248000V10&type=mma&refUrl=&vid=91370456343121386457444248000V10&ovsid=e073637d-0294-4b00-bf16-cba7f46ad359
Request Chain 326
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3121386457444248000V10%26type%3Dr1%26refUrl%3D%26vid%3D91370456343121386457444248000V10%26ovsid%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&zcc=1&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3121386457444248000V10%26type%3Dr1%26refUrl%3D%26vid%3D91370456343121386457444248000V10%26ovsid%3D%5BRX_UUID%5D&cb=1669137046465 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4609996012 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/fc203268-cedd-47ec-b726-b552b95aa490 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-ddefb627-40b3-4b29-9fba-627851a12714-004?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-ddefb627-40b3-4b29-9fba-627851a12714-004 HTTP 302
  • https://usersync.gumgum.com/usersync?b=rhy&i=RX-ddefb627-40b3-4b29-9fba-627851a12714-004
Request Chain 327
  • https://cm.g.doubleclick.net/pixel?cs=8&google_nid=media&google_cm=1&google_hm=MzEyMTM4NjQ1NzQ0NDI0ODAwMFYxMA%3D%3D&google_sc=1 HTTP 302
  • https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESECfUdX7i6JVW16xDO9_WnT8&google_cver=1
Request Chain 328
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3121386457444248000V10%26type%3Ddxu%26refUrl%3D%26vid%3D91370456343121386457444248000V10%26ovsid%3D_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3121386457444248000V10%26type%3Ddxu%26refUrl%3D%26vid%3D91370456343121386457444248000V10%26ovsid%3D_wfivefivec_ HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3121386457444248000V10&type=dxu&refUrl=&vid=91370456343121386457444248000V10&ovsid=1LrlEmRL1OXwNg5
Request Chain 329
  • https://dis.criteo.com/dis/usersync.aspx?r=115&p=226&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=73e167b2-c275-45e1-a964-8922e6f63ca3
Request Chain 330
  • https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=medianet&bsw_param=08d208db-7f04-43af-9c49-869895b60547&google_hm=MDhkMjA4ZGItN2YwNC00M2FmLTljNDktODY5ODk1YjYwNTQ3 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESECB0-b0wnOAOrohyyFFH5_8&google_cver=1&ssp=medianet&bsw_param=08d208db-7f04-43af-9c49-869895b60547 HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=08d208db-7f04-43af-9c49-869895b60547&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 331
  • https://b1sync.zemanta.com/usersync/medianet/?cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3121386457444248000V10%26type%3Dzem%26refUrl%3D%26vid%3D91370456343121386457444248000V10%26ovsid%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=96pxjWUQIcXFw6RbIeKe&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OBGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPJZGZYHQ2SXKVIUSY2YIZ3TMUTCJFSUWZJGOJSWMVLSNQ6SM5DZOBST26TFNUTHM2LEHU4TCMZXGA2DKNRTGQZTCMRRGM4DMNBVG42DINBSGQ4DAMBQKYYTAJTWONUWIPJTGEZDCMZYGY2DKNZUGQ2DENBYGAYDAVRRGA
Request Chain 332
  • https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=3121386457444248000V10 HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=medianet&ssp_user_id=3121386457444248000V10 HTTP 302
  • https://contextual.media.net/cksync.php?type=mf&ovsid=a3f6813b-8c20-4ac8-bf77-d35dc4b01932&cs=1
Request Chain 334
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=fc203268-cedd-47ec-b726-b552b95aa490
Request Chain 335
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3658&xuid=fc203268-cedd-47ec-b726-b552b95aa490&dongle=0cfd
Request Chain 336
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzExMDU3OTA0MzU4NTY3NTg1NzM2OA%3D%3D HTTP 302
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Request Chain 337
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEA_fqSkL4kHh3sgpzHdWZvg&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 338
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzExMDU3OTA0MzU4NTY3NTg1NzM2OA%3D%3D
Request Chain 339
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=3110579043585675857368&dbredirect=true&gdpr=0&consent= HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=3110579043585675857368&dbredirect=true&gdpr=0&consent=&cookiesTest=true HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=10d6a9d1-16be-41c6-b746-dd2e177126a6&_noobservation=1 HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=10d6a9d1-16be-41c6-b746-dd2e177126a6&_noobservation=1&_expected_cookie=b34024b28d0558e8d92477e0d61c9d0d
Request Chain 340
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=3110579043585675857368&gdpr=0&gdpr_consent= HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&gdpr=0&consent=&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dtriplelift%26bsw_param%3D08d208db-7f04-43af-9c49-869895b60547%26gdpr%3D0%26consent%3D%26gdpr_pd%3D%26expires%3D7 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=354&user_id=1b70ebdc8c224d859647fb381020fb20&ssp=triplelift&bsw_param=08d208db-7f04-43af-9c49-869895b60547&gdpr=0&consent=&gdpr_pd=&expires=7 HTTP 302
  • https://eb2.3lift.com/xuid?mid=2409&xuid=08d208db-7f04-43af-9c49-869895b60547&dongle=d3d3&gdpr=0&gdpr_consent=&gdpr_pd=
Request Chain 341
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/3110579043585675857368?gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-iYAElblE2oRz5HGj2KNNLpGcAtmJHxqpgy_YuMCC6A--~A&dongle=0883
Request Chain 342
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=0&gdpr_consent=&uid=3110579043585675857368 HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=3110579043585675857368&dcc=t
Request Chain 344
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3335&xuid=1531151141028342390&dongle=4d58&gdpr=0&gdpr_consent=
Request Chain 345
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y30ClAt9L6pgBbxwFyHaOwAAElYAAAIB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y30ClAt9L6pgBbxwFyHaOwAAElYAAAIB&dcc=t
Request Chain 346
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y30ClAt9L6pgBbxwFyHaOwAAElYAAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEBo_foYbVT0CKKVFJPmFPDY&google_cver=1
Request Chain 347
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=fc203268-cedd-47ec-b726-b552b95aa490&expiration=1671729045&gdpr=0&gdpr_consent=
Request Chain 350
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y30ClAt9L6pgBbxwFyHaOwAAElYAAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/Y30ClAt9L6pgBbxwFyHaOwAAElYAAAIB
Request Chain 351
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=e073637d-0294-4b00-bf16-cba7f46ad359
Request Chain 359
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Request Chain 362
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID HTTP 302
  • https://ads.servenobid.com/sync?pid=312&uid=1531151141028342390
Request Chain 363
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D HTTP 302
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=310&uid=FseGCRZHcRsfuCAyTBy1av7P
Request Chain 364
  • https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID HTTP 307
  • https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID&sovrn_retry=true HTTP 307
  • https://ads.servenobid.com/sync?pid=310&uid=FseGELZHNWp5Cnm_SKiyBk1E
Request Chain 365
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1669137046465 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2543465206 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/fc203268-cedd-47ec-b726-b552b95aa490 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-ddefb627-40b3-4b29-9fba-627851a12714-004?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-ddefb627-40b3-4b29-9fba-627851a12714-004 HTTP 302
  • https://usersync.gumgum.com/usersync?b=rhy&i=RX-ddefb627-40b3-4b29-9fba-627851a12714-004
Request Chain 366
  • https://p.rfihub.com/cm?pub=44007&in=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=324&uid=1992631737839472871
Request Chain 368
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D HTTP 302
  • https://cm.adform.net/cookie?gdpr=1&gdpr_consent=&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F38902%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26A%3D817db9b2-030d-4078-a182-7c028edb2f88%26bidder%3Dadform%26cbx%3DaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%253D%26uid%3D%24UID
Request Chain 369
  • https://ups.analytics.yahoo.com/ups/58559/occ HTTP 302
  • https://ads.servenobid.com/sync?pid=337&uid=y-_zf3kn5E2uE1Kho8yBz5mM27CBuDghGVlrEzAX8-~A
Request Chain 370
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID HTTP 302
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D6%26r%3DCid1YS0wYzVhNzk4MC1hOTI3LTNlMjQtYWRhMy1kZTAwMWVhMmUwODYqU2h0dHBzOi8vYWRzLnNlcnZlbm9iaWQuY29tL3N5bmM_cGlkPTM0NiZ1aWQ9dWEtMGM1YTc5ODAtYTkyNy0zZTI0LWFkYTMtZGUwMDFlYTJlMDg2MgIGEjgB%26buyeruid%3D
Request Chain 371
  • https://ups.analytics.yahoo.com/ups/58632/occ HTTP 302
  • https://ads.servenobid.com/sync?pid=339&uid=y-_zf3kn5E2uE1Kho8yBz5mM27CBuDghGVlrEzAX8-~A
Request Chain 372
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/fyN-lExxaf_Ok3i_h0-rbg?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=5936071202292975048
Request Chain 373
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=xz-E_l_gSA-8Y63qVa3qKA&rk=usync-other HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=xz-E_l_gSA-8Y63qVa3qKA
Request Chain 374
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=j0uqQrajT7uYruMYi44j6A&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=j0uqQrajT7uYruMYi44j6A
Request Chain 375
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZjRjMjQ1MmViYmRiNzAzZGVkMzAzOGU4ODU5ZDBlNjdjMGRmMmNmZg
Request Chain 376
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LASH3IGZ-1-GRU8
Request Chain 377
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEKaK8EgxaFwvCxsWzBzxaVo&google_cver=1
Request Chain 378
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFTSDNJR1otMS1HUlU4
Request Chain 379
  • https://match.adsrvr.org/track/cmf/rubicon HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=fc203268-cedd-47ec-b726-b552b95aa490&gdpr=0&gdpr_consent=&expires=30
Request Chain 386
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=1531151141028342390
Request Chain 387
  • https://ad.turn.com/r/cs?pid=21 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=8594003124195282946
Request Chain 388
  • https://match.prod.bidr.io/cookie-sync/ie HTTP 303
  • https://match.prod.bidr.io/cookie-sync/ie?_bee_ppp=1 HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAJ-807G-gUAACBKaPnyqQ&expiration=1670346647
Request Chain 389
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=Y30ClwAKArJjgQAT
Request Chain 390
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=Y30ClAt9L6pgBbxwFyHaOwAA%264694?gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=Y30ClAt9L6pgBbxwFyHaOwAA%264694
Request Chain 391
  • https://sync.srv.stackadapt.com/sync?nid=68 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=io9jwzLgSg5VW7hHvO-H3nRaSso
Request Chain 392
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1 HTTP 302
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&prevuid=07030001_637d029721d45&knw=0 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=07030001_637d029721d45
Request Chain 393
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent= HTTP 302
  • https://stags.bluekai.com/site/23178?id=XSDgEBrVSPbPH97_ZF7T&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3SOVWT6Y3NL5SHG4C7NFSD2MJXEZSXQY3IMFXGOZJ5NFXGIZLYEZSXQ5DFOJXGC3C7OVZWK4S7NFSD2WCTIRTUKQTSKZJVAYSQJA4TOX22IY3VI
Request Chain 398
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=1531151141028342390
Request Chain 399
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=a_09b49ade-b38d-4595-bbac-7e337451b175&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://cms.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=gumgum2&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=gumgum2&gdpr=0&user_id=Q0Xjc0VE7SZYTrcjFxX5JxdH5nZYT-d2TUb28XhG HTTP 302
  • https://usersync.gumgum.com/usersync?b=bsw&i=08d208db-7f04-43af-9c49-869895b60547
Request Chain 401
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=a_09b49ade-b38d-4595-bbac-7e337451b175&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=Y2-iRqZLZeesSpxpLGfD&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2WJSFVUVE4K2JRNGKZLTKNYHQ4CMI5TEIJTVONPXA4TJOZQWG6J5GEWS2LI&gdpr=0&us_privacy=1---
Request Chain 402
  • https://sync.1rx.io/usersync2/floor6?gdpr=0&gdpr_consent=&dspret=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4813014350 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/fc203268-cedd-47ec-b726-b552b95aa490 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-ddefb627-40b3-4b29-9fba-627851a12714-004?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-ddefb627-40b3-4b29-9fba-627851a12714-004 HTTP 302
  • https://usersync.gumgum.com/usersync?b=rhy&i=RX-ddefb627-40b3-4b29-9fba-627851a12714-004
Request Chain 403
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://usersync.gumgum.com/usersync?b=pln&i=Y6eaECmx19WH&ev=1&pid=558355
Request Chain 404
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28sWaOIjCZd4cC8P0RFbZH6rOYMnFYdH1RZjNWjrKMBxhMqkv3-C-dY3yTaiqjyZp4%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28sWaOIjCZd4cC8P0RFbZH6rOYMnFYdH1RZjNWjrKMBxhMqkv3-C-dY3yTaiqjyZp4%29 HTTP 302
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=a_09b49ade-b38d-4595-bbac-7e337451b175&obuid=ENC(sWaOIjCZd4cC8P0RFbZH6rOYMnFYdH1RZjNWjrKMBxhMqkv3-C-dY3yTaiqjyZp4)
Request Chain 405
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=opx&i=eb0fc890-3536-4af4-9884-225040b2d4ce
Request Chain 406
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=oth&i=y-cV_w1klE2pe8mUQOHZpEg1pzS7s9B3k8yqLn~A
Request Chain 415
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=ttd&i=fc203268-cedd-47ec-b726-b552b95aa490
Request Chain 416
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
  • https://usersync.gumgum.com/usersync?b=mmh&i=e073637d-0294-4b00-bf16-cba7f46ad359&gdpr=0&gdpr_consent=
Request Chain 417
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=Y30ClwAJ-FmPHAA7 HTTP 302
  • https://usersync.gumgum.com/usersync?b=atm&i=Y30ClwAJ-FmPHAA7&gdpr=0&gdpr_consent=&_test=Y30ClwAJ-FmPHAA7
Request Chain 420
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=sus&i=Y30ClsCo5swAALWPft4AAAAA
Request Chain 422
  • https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=iex&i=Y30ClAt9L6pgBbxwFyHaOwAA%264694
Request Chain 423
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
  • https://usersync.gumgum.com/usersync?b=rth&i=H2hTu0ipymzLWumP2Nhf&pi=gumgum&tc=1
Request Chain 424
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 429
  • https://x.bidswitch.net/sync?ssp=minutemedia&gdpr=0&gdpr_consent=&user_id=%s HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&gdpr=0&consent=&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dminutemedia%26bsw_param%3D08d208db-7f04-43af-9c49-869895b60547%26gdpr%3D0%26consent%3D%26gdpr_pd%3D%26expires%3D7 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=354&user_id=1b70ebdc8c224d859647fb381020fb20&ssp=minutemedia&bsw_param=08d208db-7f04-43af-9c49-869895b60547&gdpr=0&consent=&gdpr_pd=&expires=7 HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21490&id=08d208db-7f04-43af-9c49-869895b60547
Request Chain 430
  • https://prebid.a-mo.net/cchain/0?gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]&cb=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21492%26uid%3D HTTP 302
  • https://ssum.casalemedia.com/usermatchredir?s=191503&gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F10450%3Fgdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26A%3D817db9b2-030d-4078-a182-7c028edb2f88%26bidder%3Dindex_rtb%26cbx%3DaHR0cHM6Ly9jcy5taW51dGVtZWRpYS1wcmViaWQuY29tL2NzP2FpZD0yMTQ5MiZ1aWQ9%26uid%3D HTTP 302
  • https://prebid.a-mo.net/cchain/0/10450?gdpr=&gdpr_consent=&us_privacy=&A=817db9b2-030d-4078-a182-7c028edb2f88&bidder=index_rtb&cbx=aHR0cHM6Ly9jcy5taW51dGVtZWRpYS1wcmViaWQuY29tL2NzP2FpZD0yMTQ5MiZ1aWQ9&uid=Y30ClAt9L6pgBbxwFyHaOwAA%264694 HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%2F10450%3Fgdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26A%3D817db9b2-030d-4078-a182-7c028edb2f88%26bidder%3Dappnexus%26cbx%3DaHR0cHM6Ly9jcy5taW51dGVtZWRpYS1wcmViaWQuY29tL2NzP2FpZD0yMTQ5MiZ1aWQ9%26uid%3D%24UID
Request Chain 431
  • https://ups.analytics.yahoo.com/ups/58611/occ?gdpr=0&gdpr_consent= HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21481&id=y-_zf3kn5E2uE1Kho8yBz5mM27CBuDghGVlrEzAX8-~A&gdpr=0&gdpr_consent=
Request Chain 432
  • https://cs.iqzone.com/3e1ed898b08f9e935ca99407796b46c0.gif?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21508%26puid%3D[UID] HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21508&puid=69516c59-558b-4335-a16c-b5f71c776f7c
Request Chain 433
  • https://ad.360yield.com/server_match?partner_id=2073&r=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21489%26id%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=2073&r=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21489%26id%3D%7BPUB_USER_ID%7D HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21489&id=00f38f49-1a5f-4a7f-9d19-0b6cce24d194
Request Chain 434
  • https://visitor.omnitagjs.com/visitor/bsync?uid=a1aca1d7a7acd80e26595e82223f1e6f&name=MinuteMedia&gdpr=0&gdpr_consent=&url=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21502%26id%3D%5BBUYER_ID%5D HTTP 307
  • https://cs.minutemedia-prebid.com/cs?aid=21502&id=279f46f13512f7353132a5a544f464a2
Request Chain 435
  • https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21480%26id%3D$UID HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21480&id=3110579043585675857368
Request Chain 436
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21484%26id%3D$UID HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21484&id=1531151141028342390
Request Chain 456
  • https://ads.us.e-planning.net/uspd/1/19fc6daa3a926256?ruidm=1&du=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21506%26id%3D$UID HTTP 302
  • https://ads.us.e-planning.net/uspd/1/19fc6daa3a926256?ct=1&ruidm=1&du=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21506%26id%3D$UID
Request Chain 457
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=minute_media&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=minute_media&endpoint=us-east
Request Chain 460
  • https://x.bidswitch.net/sync?ssp=smartadserver&gdpr=0&gdpr_consent= HTTP 302
  • https://event.clientgear.com/cookie/bidswitch?partner=bidswitch&bidswitch_ssp_id=smartadserver&bsw_custom_parameter=08d208db-7f04-43af-9c49-869895b60547
Request Chain 461
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=76&partneruserid=GOOGLE_HOSTED_SI&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmartrtb_dbm%26google_cm%26google_sc%26google_hm%3DSMART_USER_ID_B64&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_sc&google_hm=NzIwMjI3NjYzNjY3Njg1MTI5OA==&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEARhU8mSFuTQTDN9Nz87Lhw&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 462
  • https://sync-tm.everesttech.net/upi/pid/gjIEMT18?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D94%26partneruserid%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/gjIEMT18?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D94%26partneruserid%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=Y30ClwAKAvdryAAT HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=94&partneruserid=Y30ClwAKAvdryAAT&gdpr=0&gdpr_consent=&_test=Y30ClwAKAvdryAAT
Request Chain 463
  • https://visitor.omnitagjs.com/visitor/bsync?uid=627080440e659fbe0f85333c665ae1de&name=SMARTADSERVER&url=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D117%26partneruserid%3DPARTNER_USER_ID%26gdpr%3DGDPR%26gdpr_consent%3DGDPR_CONSENT&gdpr=0&gdpr_consent= HTTP 307
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=117&partneruserid=279f46f13512f7353132a5a544f464a2&gdpr=0&gdpr_consent=0
Request Chain 465
  • https://pixel.rubiconproject.com/exchange/sync.php?p=medianet&khaos=LASH3IGZ-1-GRU8 HTTP 302
  • https://contextual.media.net/cksync.php?type=rbcn&ovsid=LASH3IGZ-1-GRU8
Request Chain 467
  • https://c1.adform.net/serving/cookie/match?party=14&cid=7230A8E3-A6FD-4047-B03F-823D0224B61C&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=7230A8E3-A6FD-4047-B03F-823D0224B61C&gdpr=0&gdpr_consent=
Request Chain 468
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:e073637d-0294-4b00-bf16-cba7f46ad359&gdpr=0&gdpr_consent=
Request Chain 469
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y30ClwAJ-FmPHAA7&gdpr=0&gdpr_consent=
Request Chain 470
  • https://cm.ambientdsp.com/cm/send?vc=pmj HTTP 301
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=xwwtc1t9dvg
Request Chain 471
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=-kZuX_xHYArhTToPrhZ0C65Ea1rhTGpa9EUYpZ07
Request Chain 472
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1531151141028342390&gdpr=0&gdpr_consent=
Request Chain 473
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Request Chain 474
  • https://gocm.c.appier.net/pubmatic HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=TjoMOBp6Ab-FeqPNkwJ9Yw
Request Chain 475
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=D-Fz50elRbxBEH4PchQOiXRaSso
Request Chain 479
  • https://ipac.ctnsnet.com/int/cm?exc=14&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA%3D%26piggybackCookie%3D%5Buser_id%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=408f3bd2c37648838e0f159c08aa8b1d
Request Chain 480
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:1LrlEmRL1OXwNg5&gdpr=0&gdpr_consent=
Request Chain 481
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-ddefb627-40b3-4b29-9fba-627851a12714-004&rndcb=2018220774 HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=08d208db-7f04-43af-9c49-869895b60547&ssp=adconductor&gdpr=&gdpr_consent=
Request Chain 488
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=cjCo46b9QEewP4I9AiS2HA%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 489
  • https://idsync.rlcdn.com/420486.gif?partner_uid=7230A8E3-A6FD-4047-B03F-823D0224B61C HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=CIbVGRIwCiwIARCMowEaJDcyMzBBOEUzLUE2RkQtNDA0Ny1CMDNGLTgyM0QwMjI0QjYxQxAAGg0Il4X0mwYSBQjoBxAAQgBKAA
Request Chain 490
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=e073637d-0294-4b00-bf16-cba7f46ad359
Request Chain 491
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NzIzMEE4RTMtQTZGRC00MDQ3LUIwM0YtODIzRDAyMjRCNjFD&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 492
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESECTP4biHhweYXXRljc0IXbY&google_cver=1
Request Chain 493
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:0F1CF34B0661448A942986C26A80C2C9
Request Chain 495
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=fc203268-cedd-47ec-b726-b552b95aa490&gdpr=0&gdpr_consent=
Request Chain 496
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=7230A8E3-A6FD-4047-B03F-823D0224B61C&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-hR9QNCpE2uViJbrvdfz2KdL_r0VCvr8-~A&gdpr=0&gdpr_consent=
Request Chain 497
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=6487320818174853404
Request Chain 498
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=08d208db-7f04-43af-9c49-869895b60547
Request Chain 508
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=LASH3IGZ-1-GRU8 HTTP 302
  • https://usersync.gumgum.com/usersync?b=mag&i=LASH3IGZ-1-GRU8
Request Chain 510
  • https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fu-sin01.e-planning.net%2Fum%3Fdc%3Dff96d1aa62deeebd%26fi%3D40b4e5d9d779b4bb%26uid%3D%24%7BUID%7D HTTP 302
  • https://u-sin01.e-planning.net/um?dc=ff96d1aa62deeebd&fi=40b4e5d9d779b4bb&uid=25ece32f-a4bc-414b-9473-f2a809b91705
Request Chain 512
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-sin01.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D40b4e5d9d779b4bb%26uid%3D%24UID HTTP 302
  • https://u-sin01.e-planning.net/um?dc=8103fa85295fbe60&fi=40b4e5d9d779b4bb&uid=1531151141028342390

514 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request wang-xin-yi-sao-chu-chao-ji-da-wei-jian-xu-xuan-min-qian-mo-bu-neng-zai-fen-piao.html
www.bg3.co/a/ 		55 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.bg3.co/a/wang-xin-yi-sao-chu-chao-ji-da-wei-jian-xu-xuan-min-qian-mo-bu-neng-zai-fen-piao.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
84.17.37.44 Central, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-84-17-37-44.cdn77.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
dbf59ed93f97fc5e2d757afcda364d23ac6c3d933356f1465543bb80816585b4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Cache-Control
max-age=3600
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Tue, 22 Nov 2022 17:10:30 GMT
ETag
"db35-zMvAjYvh6xJqemB0adVyewVdSaw"
Expires
Tue, 22 Nov 2022 18:10:30 GMT
Server
nginx/1.18.0 (Ubuntu)
Transfer-Encoding
chunked
Vary
Accept-Encoding
v0.js
cdn.ampproject.org/ 		276 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wang-xin-yi-sao-chu-chao-ji-da-wei-jian-xu-xuan-min-qian-mo-bu-neng-zai-fen-piao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
1d06186935333e9e0054906d58a51794a743376d1b71dc55df78e65debcc9820
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Tue, 22 Nov 2022 17:10:31 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
72561
x-xss-protection
0
server
sffe
etag
"8982a451fc00c1b3"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3000, stale-while-revalidate=1206600
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 22 Nov 2022 17:10:31 GMT
amp-sidebar-0.1.js
cdn.ampproject.org/v0/ 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-sidebar-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wang-xin-yi-sao-chu-chao-ji-da-wei-jian-xu-xuan-min-qian-mo-bu-neng-zai-fen-piao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
0535100df27c6d49a6d1c06b7f98455bf0cdef6ae63c4c168b5cf1f170c14c51
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Tue, 22 Nov 2022 17:10:31 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9664
x-xss-protection
0
server
sffe
etag
"6079829c87823654"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 22 Nov 2022 17:10:31 GMT
amp-auto-ads-0.1.js
cdn.ampproject.org/v0/ 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-auto-ads-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wang-xin-yi-sao-chu-chao-ji-da-wei-jian-xu-xuan-min-qian-mo-bu-neng-zai-fen-piao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
2c71445ec9538a4d031b32ba0f044ae793aac625896846f838f9c8abace99c08
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Tue, 22 Nov 2022 17:10:31 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7578
x-xss-protection
0
server
sffe
etag
"1ef491f2ce412f6e"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 22 Nov 2022 17:10:31 GMT
amp-analytics-0.1.js
cdn.ampproject.org/v0/ 		109 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-analytics-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wang-xin-yi-sao-chu-chao-ji-da-wei-jian-xu-xuan-min-qian-mo-bu-neng-zai-fen-piao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
878674d3e2986e2a0da06a414498ebe39c165c2e22624600ee179ec9df149105
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Tue, 22 Nov 2022 17:10:31 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31953
x-xss-protection
0
server
sffe
etag
"eddf6e9f984d26cc"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 22 Nov 2022 17:10:31 GMT
sdk
cdn.aralego.net/ucfad/sdk/apac-sg/
Redirect Chain
  • https://ads.aralego.com/sdk
  • https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
44 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wang-xin-yi-sao-chu-chao-ji-da-wei-jian-xu-xuan-min-qian-mo-bu-neng-zai-fen-piao.html
Protocol
H2
Server
104.26.5.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6703fbe9ea598731ec6ef75a281564d956ef79f08bc2b61849ae9a21fa35cb9

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 17:10:32 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
911
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44566
last-modified
Wed, 16 Nov 2022 08:39:32 GMT
server
cloudflare
etag
"6374a1c4-ae16"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GC7JVNoo42npKuMGIVTbSAgA1pqOqVwggdxhQGq57tK3M4tA%2Bcf0Iog%2Bvi%2B%2BtZhkPZQKKeHEBUfZXBjCY7eAQCw0UX8C0fEe1rqRNvhugPo31oGXuwcanHc%2FVsncCy%2FqXw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
76e347743b67a977-SYD

Redirect headers

Location
https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
Connection
close
Content-length
0
adRecover.js
delivery.adrecover.com/43519/ 		34 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://delivery.adrecover.com/43519/adRecover.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wang-xin-yi-sao-chu-chao-ji-da-wei-jian-xu-xuan-min-qian-mo-bu-neng-zai-fen-piao.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.144 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-144.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
91e8bd3a37b3a0951444714dc07c68417ac878ebf22d8c7b0d10b1ce3fec1122

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
NZ
date
Tue, 22 Nov 2022 17:10:32 GMT
content-encoding
br
last-modified
Tue, 22 Nov 2022 08:00:27 GMT
server
nginx/1.18.0
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=102
x-cf-geodata
NZ
content-length
9035
expires
Tue, 22 Nov 2022 18:10:32 GMT
adpushup.js
cdn.adpushup.com/42753/ 		518 KB
112 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/adpushup.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wang-xin-yi-sao-chu-chao-ji-da-wei-jian-xu-xuan-min-qian-mo-bu-neng-zai-fen-piao.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.161 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-161.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
6bfd228178a7920f79853de46df09c0a6ee732b6d92100be5bb99174d05a9c07

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
NZ
date
Tue, 22 Nov 2022 17:10:32 GMT
content-encoding
br
last-modified
Thu, 17 Nov 2022 09:46:28 GMT
server
nginx/1.18.0
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=4
x-cf-geodata
NZ
content-length
114452
expires
Tue, 22 Nov 2022 18:10:32 GMT
43a172156c633ab94bce6e0067b87c44.jpg
static.bg3.co/imgs/202105/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/43a172156c633ab94bce6e0067b87c44.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wang-xin-yi-sao-chu-chao-ji-da-wei-jian-xu-xuan-min-qian-mo-bu-neng-zai-fen-piao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
c41aa46e71ef0878dbfeed15dff26bcf.jpg
static.bg3.co/imgs/202105/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/c41aa46e71ef0878dbfeed15dff26bcf.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wang-xin-yi-sao-chu-chao-ji-da-wei-jian-xu-xuan-min-qian-mo-bu-neng-zai-fen-piao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
d627225a4468461228440a03f42b7d04.jpg
static.bg3.co/imgs/202106/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/d627225a4468461228440a03f42b7d04.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wang-xin-yi-sao-chu-chao-ji-da-wei-jian-xu-xuan-min-qian-mo-bu-neng-zai-fen-piao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
83cece360c64841bd8cf383271fb6181.jpg
static.bg3.co/imgs/202105/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/83cece360c64841bd8cf383271fb6181.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wang-xin-yi-sao-chu-chao-ji-da-wei-jian-xu-xuan-min-qian-mo-bu-neng-zai-fen-piao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
e325615ae510a08bc00f8ae3ede9d827.jpg
static.bg3.co/imgs/202106/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/e325615ae510a08bc00f8ae3ede9d827.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wang-xin-yi-sao-chu-chao-ji-da-wei-jian-xu-xuan-min-qian-mo-bu-neng-zai-fen-piao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
d7c26c62da2723d98cd886a2737221a0.jpg
static.bg3.co/imgs/202201/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202201/d7c26c62da2723d98cd886a2737221a0.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wang-xin-yi-sao-chu-chao-ji-da-wei-jian-xu-xuan-min-qian-mo-bu-neng-zai-fen-piao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
8c0c72a4a61f74218daa1402f7df0382.jpg
static.bg3.co/imgs/202106/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/8c0c72a4a61f74218daa1402f7df0382.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wang-xin-yi-sao-chu-chao-ji-da-wei-jian-xu-xuan-min-qian-mo-bu-neng-zai-fen-piao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
6419f297d8fcb7572b5e92a3c9cbf8d8.jpg
static.bg3.co/imgs/202105/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/6419f297d8fcb7572b5e92a3c9cbf8d8.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wang-xin-yi-sao-chu-chao-ji-da-wei-jian-xu-xuan-min-qian-mo-bu-neng-zai-fen-piao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
eaf70ce21f6e27e97d3f03228b27659c.jpg
static.bg3.co/imgs/202105/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/eaf70ce21f6e27e97d3f03228b27659c.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wang-xin-yi-sao-chu-chao-ji-da-wei-jian-xu-xuan-min-qian-mo-bu-neng-zai-fen-piao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
dedeba601f7394e18ae20b94b45b2248.jpg
static.bg3.co/imgs/202106/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/dedeba601f7394e18ae20b94b45b2248.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wang-xin-yi-sao-chu-chao-ji-da-wei-jian-xu-xuan-min-qian-mo-bu-neng-zai-fen-piao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
657c11b03775353b29d6332a795dbd6a.jpg
static.bg3.co/imgs/202106/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/657c11b03775353b29d6332a795dbd6a.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wang-xin-yi-sao-chu-chao-ji-da-wei-jian-xu-xuan-min-qian-mo-bu-neng-zai-fen-piao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
b9b3468f3c74344979711055b993c792.jpg
static.bg3.co/imgs/202105/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/b9b3468f3c74344979711055b993c792.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wang-xin-yi-sao-chu-chao-ji-da-wei-jian-xu-xuan-min-qian-mo-bu-neng-zai-fen-piao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
c4769424ca0ed252652c8b433ba8bcb9.jpg
static.bg3.co/imgs/202106/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/c4769424ca0ed252652c8b433ba8bcb9.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wang-xin-yi-sao-chu-chao-ji-da-wei-jian-xu-xuan-min-qian-mo-bu-neng-zai-fen-piao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
11d54d40060ee52ab91bd0b38704d29b.jpg
static.bg3.co/imgs/202105/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/11d54d40060ee52ab91bd0b38704d29b.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wang-xin-yi-sao-chu-chao-ji-da-wei-jian-xu-xuan-min-qian-mo-bu-neng-zai-fen-piao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
9b797c0f1aadbd4835cb0c635c40d05a.jpg
static.bg3.co/imgs/202106/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/9b797c0f1aadbd4835cb0c635c40d05a.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wang-xin-yi-sao-chu-chao-ji-da-wei-jian-xu-xuan-min-qian-mo-bu-neng-zai-fen-piao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
f7b3da8c6d131943787faa5ce577385d.jpg
static.bg3.co/imgs/202106/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/f7b3da8c6d131943787faa5ce577385d.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wang-xin-yi-sao-chu-chao-ji-da-wei-jian-xu-xuan-min-qian-mo-bu-neng-zai-fen-piao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
6c557eeb6171d2aa90d59f200b693876.jpg
static.bg3.co/imgs/202106/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/6c557eeb6171d2aa90d59f200b693876.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wang-xin-yi-sao-chu-chao-ji-da-wei-jian-xu-xuan-min-qian-mo-bu-neng-zai-fen-piao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
8d1be0c7b8d1fda99d5ed2f8a20ac642.jpg
static.bg3.co/imgs/202105/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/8d1be0c7b8d1fda99d5ed2f8a20ac642.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wang-xin-yi-sao-chu-chao-ji-da-wei-jian-xu-xuan-min-qian-mo-bu-neng-zai-fen-piao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
a650849b91df0a45c8d3419ce8f7db45.jpg
static.bg3.co/imgs/202112/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202112/a650849b91df0a45c8d3419ce8f7db45.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wang-xin-yi-sao-chu-chao-ji-da-wei-jian-xu-xuan-min-qian-mo-bu-neng-zai-fen-piao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
4fbe88ac169e2087c4e3da47ec30168d.jpg
static.bg3.co/imgs/202106/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/4fbe88ac169e2087c4e3da47ec30168d.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wang-xin-yi-sao-chu-chao-ji-da-wei-jian-xu-xuan-min-qian-mo-bu-neng-zai-fen-piao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
e41ac45f99c04ea6e93d0d64a1c8306a.jpg
static.bg3.co/imgs/202105/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/e41ac45f99c04ea6e93d0d64a1c8306a.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wang-xin-yi-sao-chu-chao-ji-da-wei-jian-xu-xuan-min-qian-mo-bu-neng-zai-fen-piao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
amp-auto-lightbox-0.1.js
cdn.ampproject.org/rtv/012211042305000/v0/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211042305000/v0/amp-auto-lightbox-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
9367980d1a2a729754c9a6777d7236e9d49c662a197f00e210ba276d7e0aa6ac
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 15 Nov 2022 20:06:17 GMT
age
594258
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2991
x-xss-protection
0
server
sffe
etag
"413d5b5eb26df1c9"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 15 Nov 2023 20:06:17 GMT
amp-ad-0.1.js
cdn.ampproject.org/rtv/012211042305000/v0/ 		81 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211042305000/v0/amp-ad-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
e005bd498c71a1e59de4a20aec621c9a51451e498778fb049957e17fca316f8c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 17 Nov 2022 00:15:08 GMT
age
492927
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23066
x-xss-protection
0
server
sffe
etag
"1b79e24071ca714c"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 17 Nov 2023 00:15:08 GMT
ama
pagead2.googlesyndication.com/getconfig/ 		2 KB
894 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/ama?client=ca-pub-3216231935713038&plah=www.bg3.co&ama_t=amp&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwang-xin-yi-sao-chu-chao-ji-da-wei-jian-xu-xuan-min-qian-mo-bu-neng-zai-fen-piao.html&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
292c23cd0cb7646eed1e5951fa827a4698507c5f45bab13797559eaeaafe8007
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 17:10:33 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
453
x-xss-protection
0
amp-loader-0.1.js
cdn.ampproject.org/rtv/012211042305000/v0/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211042305000/v0/amp-loader-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
3e76fa5f8f7b53855ef3a64bb458a6ff4a09da9a814e81d844c973008139f527
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 15 Nov 2022 20:06:01 GMT
age
594274
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3936
x-xss-protection
0
server
sffe
etag
"2e876f41249f1a45"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 15 Nov 2023 20:06:01 GMT
ucfad-formats.css
cdn.aralego.net/css/dev/ 		975 B
618 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.5.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 17:10:32 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6369
cf-polished
origSize=1191
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 16 Mar 2018 07:19:46 GMT
server
cloudflare
etag
W/"5aab7012-4a7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rBpV8qclPsY0tVYS1zXF0YjqPlSBTpcHfcAHOA1XuWhsj%2F511Ge%2FGvsdVXB7bHkLYBsTMoPhRAx46vcQ1IXeG0Z9B2rN%2Fsbox4vcZGIJ%2BN0MhstoYBPp%2Buij1RRfK6Y29A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
76e347766c97a977-SYD
idRequest
sync.aralego.com/ 		46 B
488 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.58.188.181 Central, Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
Software
/
Resource Hash
531ced95d00fc8c26a6140869fb583238b0ccf457b7bb9e98d42d6b8a29323d6

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 22 Nov 2022 17:10:33 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Allow-Credentials
true
Connection
close
Content-Length
46
idRequest
sync.aralego.com/ 		46 B
488 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.58.188.181 Central, Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
Software
/
Resource Hash
531ced95d00fc8c26a6140869fb583238b0ccf457b7bb9e98d42d6b8a29323d6

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 22 Nov 2022 17:10:33 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Allow-Credentials
true
Connection
close
Content-Length
46
ad_request
ads.aralego.com/ 		508 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwang-xin-yi-sao-chu-chao-ji-da-wei-jian-xu-xuan-min-qian-mo-bu-neng-zai-fen-piao.html&adid=ad-627443DBE4283AB9F7A46EA83243447&w=336&h=280&ver=UCX_WEB-20200113&pos=1&seq=0&cb=0.8903416607135373&gdpr=1&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&uaMobile=%3F0
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.254.153.160 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
e813a8d8d41c0dbdc33020ad6ef27d16afd2b590ceeb998e267409c8f666b829

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 22 Nov 2022 17:10:33 GMT
X-Width
336
X-Height
280
X-AdStyle
banner
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Expose-Headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Vary
Accept-Encoding
Access-Control-Allow-Credentials
true
X-AdSource
PSA
X-Adtype
html
Connection
close
Content-Length
508
ad_request
ads.aralego.com/ 		508 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwang-xin-yi-sao-chu-chao-ji-da-wei-jian-xu-xuan-min-qian-mo-bu-neng-zai-fen-piao.html&adid=ad-627443DBE4283AB9F7A46EA83243447&w=336&h=280&ver=UCX_WEB-20200113&pos=1&seq=1&cb=0.16144852742952587&gdpr=1&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&uaMobile=%3F0
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.254.153.160 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
e813a8d8d41c0dbdc33020ad6ef27d16afd2b590ceeb998e267409c8f666b829

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 22 Nov 2022 17:10:33 GMT
X-Width
336
X-Height
280
X-AdStyle
banner
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Expose-Headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Vary
Accept-Encoding
Access-Control-Allow-Credentials
true
X-AdSource
PSA
X-Adtype
html
Connection
close
Content-Length
508
jquery-2.2.2.min.js
code.jquery.com/ 		84 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-2.2.2.min.js
Requested by
Host: delivery.adrecover.com
URL: https://delivery.adrecover.com/43519/adRecover.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
hwcdn.net
Software
nginx /
Resource Hash
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 17:10:35 GMT
content-encoding
gzip
x-sp-metadata
HS256.CJuh9JsGEogBCiRmOWUxM2MxNi1lZDQ0LTRkMjAtODFiNC1mNjRmMTczZjJiODYQ6JCNkN3O+gIaBgiLhfSbBiINMTE2LjkwLjc0LjIwMijwvwIwAzgEQhZUTFNfQUVTXzEyOF9HQ01fU0hBMjU2WiAzZTliMjA2MTAwOThiNmM5YmZmOTUzODU2ZTU4MDE2YRosCAESJDk1YjMyNGE5LTI3NDEtNDhhMy05YjZmLTZlOGUzZGYyMzc2Zhi46QE=.A/gf0Jj/d//V4S2KEd6vLC3V5C+x+J5EVi7nnTIAcec=
last-modified
Wed, 16 Feb 2022 10:50:39 GMT
server
nginx
etag
W/"620cd6ff-14e98"
vary
Accept-Encoding
x-hw
1669137035.dop219.la3.t,1669137035.cds209.la3.hn,1669137035.cds210.la3.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
29880
jquery-3.6.0.min.js
code.jquery.com/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.6.0.min.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
hwcdn.net
Software
nginx /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 17:10:35 GMT
content-encoding
gzip
x-sp-metadata
HS256.CJuh9JsGEogBCiQzN2MxYjI3YS01OTI5LTRjODctODgyNy0yOTkyYzhmNzc1YjIQ6JCNkN3O+gIaBgiLhfSbBiINMTE2LjkwLjc0LjIwMijwvwIwAzgEQhZUTFNfQUVTXzEyOF9HQ01fU0hBMjU2WiAzZTliMjA2MTAwOThiNmM5YmZmOTUzODU2ZTU4MDE2YRosCAESJDNkNTY2YzNjLTE4ZTgtNDMwYi05MTc1LTdmYzkyNTBkMWMwMhib8QE=.hh+YuhVUbIExQmRucRtNlHF74Gv91WoBDiMwIMYW1X8=
last-modified
Wed, 16 Feb 2022 10:50:39 GMT
server
nginx
etag
W/"620cd6ff-15d9d"
vary
Accept-Encoding
x-hw
1669137035.dop219.la3.t,1669137035.cds209.la3.hn,1669137035.cds267.la3.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30875
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 1331 		99 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
ef4fa8830f3f2a0eaff0e849fd93658deb18c9f3ed838d2aed68601adfe176f1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 17:10:34 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34251
x-xss-protection
0
server
cafe
etag
16325645817665518719
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 22 Nov 2022 17:10:34 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 0AB3 		99 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
e38faebb5a6d42d74b0d294dd2b03c18f010247843533812c25b47e9d2850dc6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 17:10:34 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34251
x-xss-protection
0
server
cafe
etag
13444292989094522988
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 22 Nov 2022 17:10:34 GMT
amp-sticky-ad-1.0.js
cdn.ampproject.org/rtv/012211042305000/v0/ 		40 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211042305000/v0/amp-sticky-ad-1.0.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
ef61de62bdd4d685961d0da741d164c50e531c9d98376158e47bb777363970f6
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 21 Nov 2022 16:13:29 GMT
age
89826
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10255
x-xss-protection
0
server
sffe
etag
"4d52d329cbd34968"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 21 Nov 2023 16:13:29 GMT
gtag.json
cdn.ampproject.org/rtv/012211042305000/v0/analytics-vendors/ 		2 KB
931 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211042305000/v0/analytics-vendors/gtag.json
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
a8993772c9eb591474f38d257bebc8c4286703e1af72d04c8c294be5fff7b649
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 15 Nov 2022 20:10:32 GMT
age
594002
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
901
x-xss-protection
0
server
sffe
etag
"f8777e0f4a2af1a5"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 15 Nov 2023 20:10:32 GMT
cookieSyncIframe.html
cdn.aralego.net/ucfad/cookie/ Frame CA50 		714 B
796 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

access-control-allow-credentials
true
age
1483
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
76e3477d1acfa829-SYD
content-encoding
br
content-type
text/html
date
Tue, 22 Nov 2022 17:10:33 GMT
last-modified
Wed, 09 Feb 2022 05:59:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5iALolTp1GP98KWzzsKU1u1LP9I3tL77mFfGWyWqxweKJAJN2%2FiFMKTvP4fHK5FSa4XYRz0GW6vxUVoaAooGebSqBHTXUUFtr7fk%2BzdR8cafO0ZTEthQE3TuOjH%2Bf7pECQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
idsync
sync.aralego.com/ 		35 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aralego.com/idsync?gdpr=1&euconsent-v2=${GDPR_CONSENT_607}&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wang-xin-yi-sao-chu-chao-ji-da-wei-jian-xu-xuan-min-qian-mo-bu-neng-zai-fen-piao.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.58.188.181 Central, Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 22 Nov 2022 17:10:35 GMT
Connection
close
Content-Length
35
Content-Type
image/gif
cookieSyncIframe.html
cdn.aralego.net/ucfad/cookie/ Frame D34A 		714 B
761 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

access-control-allow-credentials
true
age
1483
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
76e3477d3adca829-SYD
content-encoding
br
content-type
text/html
date
Tue, 22 Nov 2022 17:10:33 GMT
last-modified
Wed, 09 Feb 2022 05:59:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a%2Bhe9%2F5GrjrMnvifbAYLOerD55UZM6xxYZlMHUhiq5deNQDdcfbho7kxChuBqJOzK%2B2XwuiyzdoBYPR2h0G8UQLmkpvDaZiQ%2FyQkPZ5OT0iKvOe1eLTP0Pxu994C3AzrGA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame CA50 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
sffe /
Resource Hash
2789661e67642847c0582652469996d40ea33e2750544195743cf7e2532e4836
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 17:10:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27210
x-xss-protection
0
server
sffe
etag
"1399 / 363 of 1000 / last-modified: 1669118838"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 22 Nov 2022 17:10:34 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame D34A 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
sffe /
Resource Hash
2789661e67642847c0582652469996d40ea33e2750544195743cf7e2532e4836
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 17:10:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27210
x-xss-protection
0
server
sffe
etag
"1399 / 968 of 1000 / last-modified: 1669118838"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 22 Nov 2022 17:10:34 GMT
amp
www.googletagmanager.com/gtag/ 		610 B
808 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/amp?__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
8492f3fc13f89700f09e8a96308911979a6289be084af2c497ea54dbd7dd7f5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=utf-8

Response headers

date
Tue, 22 Nov 2022 17:10:35 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="amp.json"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
258
x-xss-protection
0
pragma
no-cache
amp-access-control-allow-source-origin
https://www.bg3.co
server
Google Tag Manager
vary
*
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
expires
Fri, 01 Jan 1990 00:00:00 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/ Frame 1331 		355 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
6348da6b652de2baefe437f72327f5bf10ed982630d4c0d092e627485169555d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 17:10:35 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119603
x-xss-protection
0
server
cafe
etag
14188585087142564408
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Tue, 22 Nov 2022 17:10:35 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/ Frame 0AB3 		355 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
6348da6b652de2baefe437f72327f5bf10ed982630d4c0d092e627485169555d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 17:10:35 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119603
x-xss-protection
0
server
cafe
etag
14188585087142564408
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Tue, 22 Nov 2022 17:10:35 GMT
pubads_impl_2022111501.js
securepubads.g.doubleclick.net/gpt/ Frame CA50 		381 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
sffe /
Resource Hash
a4c7748a8849068a7262049472b6b640aea77d843c16a57de3e34d3c47e4a01f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 12:10:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
18020
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
132177
x-xss-protection
0
last-modified
Tue, 15 Nov 2022 09:35:23 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 22 Nov 2023 12:10:15 GMT
pubads_impl_2022111501.js
securepubads.g.doubleclick.net/gpt/ Frame D34A 		381 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
sffe /
Resource Hash
a4c7748a8849068a7262049472b6b640aea77d843c16a57de3e34d3c47e4a01f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 12:10:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
18020
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
132177
x-xss-protection
0
last-modified
Tue, 15 Nov 2022 09:35:23 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 22 Nov 2023 12:10:15 GMT
collect
www.google-analytics.com/r/ 		35 B
396 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=a1&ds=AMP&aip&_s=1&dt=%E7%8E%8B%E6%AC%A3%E5%84%80%E6%8E%83%E9%99%A4%E8%B6%85%E7%B4%9A%E5%A4%A7%E9%81%95%E5%BB%BA%EF%BC%81%E3%80%80%E7%B1%B2%E9%81%B8%E6%B0%91%E3%80%8C%E5%8D%83%E8%90%AC%E4%B8%8D%E8%83%BD%E5%86%8D%E5%88%86%E7%A5%A8%E3%80%8D%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&sr=1600x1200&cid=amp-cxJAY9-8aDoI572ZnNWIbg&tid=UA-172083736-2&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwang-xin-yi-sao-chu-chao-ji-da-wei-jian-xu-xuan-min-qian-mo-bu-neng-zai-fen-piao.html&dr=&sd=24&ul=en-us&de=UTF-8&t=pageview&jid=0.8714071956855645&gjid=0.1359751911842697&_r=1&a=8060&z=0.2660928637580471&gtm=2pu000
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wang-xin-yi-sao-chu-chao-ji-da-wei-jian-xu-xuan-min-qian-mo-bu-neng-zai-fen-piao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f100.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Nov 2022 17:10:36 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
amp-ad-network-adsense-impl-0.1.js
cdn.ampproject.org/rtv/012211042305000/v0/ 		214 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211042305000/v0/amp-ad-network-adsense-impl-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
a89c99a73b3c1f0c7a3977dd68ceba2286f13385d81aa1bf2c6811bce17f84fd
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 15 Nov 2022 20:10:45 GMT
age
593990
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
57837
x-xss-protection
0
server
sffe
etag
"23f3142da2c5be06"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 15 Nov 2023 20:10:45 GMT
integrator.json
adservice.google.com/adsid/ 		86 B
219 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.json?domain=www.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
cafe /
Resource Hash
14cfb5058acaf3af2f07088f1582f29941d7a4cc74fd1cea5050cecad862d154
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 17:10:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
83
x-xss-protection
0
nameframe.html
d-22543449742378924824.ampproject.net/2211042305000/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://d-22543449742378924824.ampproject.net/2211042305000/nameframe.html
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f94.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
integrator.js
adservice.google.co.nz/adsid/ Frame CA50 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.nz/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 17:10:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame CA50 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 17:10:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame CA50 		492 B
265 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4191844016917534&correlator=4033918520893749&output=ldjh&gdfp_req=1&vrg=2022111501&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=64515409&sfv=1-0-40&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1669137036037&lmt=1644386353&dlt=1669137033861&idt=2155&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=c0dvnpp6724i&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&frm=24&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=1634793529.1669137036&ga_sid=1669137036&ga_hid=1873555466&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
cafe /
Resource Hash
16fde1638acb3435912efdb40c087c14570a535f0a88b712a3463d24a9dd19a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 17:10:36 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
235
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cdn.aralego.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
6427fa9ed57dc0c6fd4fe0e45e546880.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 800C 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://6427fa9ed57dc0c6fd4fe0e45e546880.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 22 Nov 2022 17:10:36 GMT
expires
Wed, 22 Nov 2023 17:10:36 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
block.jpg
delivery.adrecover.com/ 		631 B
915 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://delivery.adrecover.com/block.jpg?ts=1669137036210
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wang-xin-yi-sao-chu-chao-ji-da-wei-jian-xu-xuan-min-qian-mo-bu-neng-zai-fen-piao.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.144 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-144.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
NZ
date
Tue, 22 Nov 2022 17:10:37 GMT
last-modified
Wed, 23 Jun 2021 06:37:54 GMT
server
nginx/1.18.0
etag
"60d2d6c2-277"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=1
accept-ranges
bytes
content-length
631
expires
Tue, 22 Nov 2022 18:10:37 GMT
cookie.js
partner.googleadservices.com/gampad/ Frame 1331 		379 B
691 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.bg3.co&callback=_gfp_s_&client=ca-pub-4485239425924787&gpid_exp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
cafe /
Resource Hash
c15ab4d82557b0e4ee71ff4bd53a96c2639647cfc99994d94a10b380da013239
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 17:10:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
246
x-xss-protection
0
integrator.js
adservice.google.co.nz/adsid/ Frame 1331 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.nz/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 17:10:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 1331 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 17:10:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 2D78 		23 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1669137036&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwang-xin-yi-sao-chu-chao-ji-da-wei-jian-xu-xuan-min-qian-mo-bu-neng-zai-fen-piao.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669137034564&bpp=13&bdt=1930&idt=1667&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&correlator=5427265132123&frm=23&ife=1&pv=2&ga_vid=1652017459.1669137036&ga_sid=1669137036&ga_hid=1305131484&ga_fc=0&ga_cid=amp-cxJAY9-8aDoI572ZnNWIbg&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=1101491898&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C44778742&oid=2&pvsid=661049901592538&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.2c27scgsj607&fsb=1&dtd=1682
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
cafe /
Resource Hash
af6a6d4adaae0ed8b2229d859c0ce3d72edb70c01aa6555ec8073cc55919fa2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
9924
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 22 Nov 2022 17:10:37 GMT
expires
Tue, 22 Nov 2022 17:10:37 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
integrator.js
adservice.google.co.nz/adsid/ Frame D34A 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.nz/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 17:10:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame D34A 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 17:10:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame D34A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=esp&c=16&pc=809778741123151&eids=31060437%2C31069596
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Nov 2022 17:10:36 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame D34A 		492 B
263 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=809778741123151&correlator=3115621642256444&eid=31060437%2C31069596&output=ldjh&gdfp_req=1&vrg=2022111501&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=64515409&sfv=1-0-40&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1669137036268&lmt=1644386353&dlt=1669137034093&idt=2167&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=flrvqd7zln8k&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&frm=24&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=1241963204.1669137036&ga_sid=1669137036&ga_hid=1555050422&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
cafe /
Resource Hash
5a54bcfc64e52d2d76d680f79ce987d2d30a70bc956226aff6160e9a0f657dfd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 17:10:36 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
233
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cdn.aralego.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
b293c18c760b391362177e99ce637844.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C135 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://b293c18c760b391362177e99ce637844.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 22 Nov 2022 17:10:36 GMT
expires
Wed, 22 Nov 2023 17:10:36 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pb.42753.1663912421366.js
cdn.adpushup.com/prebid/ 		342 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.161 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-161.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
1c479d0abecadc8d5fde30eeb515508b6148fa3d92dd617b427788d6c792b0a8

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
NZ
date
Tue, 22 Nov 2022 17:10:38 GMT
content-encoding
br
last-modified
Fri, 23 Sep 2022 05:54:31 GMT
server
nginx/1.18.0
etag
W/"632d4a17-5578b"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=31536000
server-timing
cdn-cache; desc=HIT, edge; dur=2
content-length
94168
expires
Wed, 22 Nov 2023 17:10:38 GMT
quantcast.js
cdn.adpushup.com/pbuseridscripts/ 		450 B
505 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.161 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-161.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
NZ
date
Tue, 22 Nov 2022 17:10:38 GMT
content-encoding
br
last-modified
Mon, 28 Jun 2021 04:15:23 GMT
server
nginx/1.18.0
etag
W/"60d94cdb-1c2"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=31536000
server-timing
cdn-cache; desc=HIT, edge; dur=2
content-length
211
expires
Wed, 22 Nov 2023 17:10:38 GMT
linkPreview.js
cdn.adpushup.com/42753/ 		72 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/linkPreview.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wang-xin-yi-sao-chu-chao-ji-da-wei-jian-xu-xuan-min-qian-mo-bu-neng-zai-fen-piao.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.161 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-161.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
968012b3a49390a10d31c6d36b2aab796ec167a83378b5f9787756ee7cb035c5

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
NZ
date
Tue, 22 Nov 2022 17:10:38 GMT
content-encoding
br
last-modified
Thu, 14 Jul 2022 19:44:27 GMT
server
nginx/1.18.0
etag
W/"62d0721b-11ed1"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
17440
expires
Tue, 22 Nov 2022 18:10:38 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
sffe /
Resource Hash
2789661e67642847c0582652469996d40ea33e2750544195743cf7e2532e4836
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 17:10:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27210
x-xss-protection
0
server
sffe
etag
"1399 / 157 of 1000 / last-modified: 1669118838"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 22 Nov 2022 17:10:36 GMT
sync
e3.adpushup.com/AdPushupFeedbackWebService/user/ 		70 B
540 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/user/sync
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wang-xin-yi-sao-chu-chao-ji-da-wei-jian-xu-xuan-min-qian-mo-bu-neng-zai-fen-piao.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Nov 2022 17:10:37 GMT
server
nginx/1.10.3 (Ubuntu)
ap-cookie-status
cookies ap_uid and ap_usid are set
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
cookie.js
partner.googleadservices.com/gampad/ Frame 0AB3 		379 B
311 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.bg3.co&callback=_gfp_s_&client=ca-pub-4485239425924787&gpid_exp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
cafe /
Resource Hash
09bf756becc6e945e73a78609ce4229d666b80a9aa5854e8875697bb3cb24609
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 17:10:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
246
x-xss-protection
0
integrator.js
adservice.google.co.nz/adsid/ Frame 0AB3 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.nz/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 17:10:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 0AB3 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 17:10:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
NqeGLmvuPvGdeaxEq2qKJUjcmyulAyFU8K2rHVjS.html
adx.holmesmind.com/adx-file/20221117/ Frame CF5C
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1669137036&url=...
  • https://adx.holmesmind.com/adx-file/20221117/NqeGLmvuPvGdeaxEq2qKJUjcmyulAyFU8K2rHVjS.html
673 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://adx.holmesmind.com/adx-file/20221117/NqeGLmvuPvGdeaxEq2qKJUjcmyulAyFU8K2rHVjS.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-118.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
21902e4026c2f774fbd13f64845d6fd3a823c1ea64ee93e76a9fe06a49a74711

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
1100
content-length
673
content-type
text/html
date
Tue, 22 Nov 2022 16:52:17 GMT
etag
"48eae0cda160246f65db69ea3a0e8b6a"
last-modified
Thu, 17 Nov 2022 07:10:46 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 9e7574adb9a113dab92737ea901376d8.cloudfront.net (CloudFront)
x-amz-cf-id
QbOLmcNrv1vM981Ro-WCc9I_3kdTARqZOjYFSvLRdtfAEq5vq1Gv4w==
x-amz-cf-pop
SIN2-P1
x-amz-version-id
b3LGmBAhby0rF5s3WuXdhl5wmvGClwHA
x-cache
Hit from cloudfront

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 22 Nov 2022 17:10:37 GMT
location
https://adx.holmesmind.com/adx-file/20221117/NqeGLmvuPvGdeaxEq2qKJUjcmyulAyFU8K2rHVjS.html
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE2NjkxMzcwMzY1NjQsInBhY2tldElkIjoiMDAwMEE3MDEtMDBhOGVjNzgtNmUzZS00MDM2LTliMTAtMmZhMWE0NjA5YjNiIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3dhbmcteGluLXlpLXNhby1jaHUtY2hhby1qaS1kYS13ZWktamlhbi14dS14dWFuLW1pbi1xaWFuLW1vLWJ1LW5lbmctemFpLWZlbi1waWFvLmh0bWwiLCJtb2RlIjo0LCJlcnJvckNvZGUiOjAsInJlZmVycmVyIjoiIiwicGFnZUdyb3VwIjoiQVJUSUNMRSIsInBhZ2VWYXJpYXRpb25JZCI6Ijk2NzUwMTI1LWI5MGMtNDk3YS04Njk5LTczMTcxZjdiNDkzNSIsInBhZ2VWYXJpYXRpb25OYW1lIjoiQWRQdXNodXAiLCJwYWdlVmFyaWF0aW9uVHlwZSI6MSwicGxhdGZvcm0iOiJERVNLVE9QIiwiaXNHZW5pZWUiOmZhbHNlLCJzZWN0aW9ucyI6bnVsbH0%3D&c_b=7043.400000572205
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wang-xin-yi-sao-chu-chao-ji-da-wei-jian-xu-xuan-min-qian-mo-bu-neng-zai-fen-piao.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Nov 2022 17:10:37 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE2NjkxMzcwMzY1NjQsInBhY2tldElkIjoiMDAwMEE3MDEtMDBhOGVjNzgtNmUzZS00MDM2LTliMTAtMmZhMWE0NjA5YjNiIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3dhbmcteGluLXlpLXNhby1jaHUtY2hhby1qaS1kYS13ZWktamlhbi14dS14dWFuLW1pbi1xaWFuLW1vLWJ1LW5lbmctemFpLWZlbi1waWFvLmh0bWwiLCJtb2RlIjo1LCJlcnJvckNvZGUiOjEsInJlZmVycmVyIjoiIiwicGFnZUdyb3VwIjoiQVJUSUNMRSIsInBhZ2VWYXJpYXRpb25JZCI6Ijk2NzUwMTI1LWI5MGMtNDk3YS04Njk5LTczMTcxZjdiNDkzNSIsInBhZ2VWYXJpYXRpb25OYW1lIjoiQWRQdXNodXAiLCJwYWdlVmFyaWF0aW9uVHlwZSI6MSwicGxhdGZvcm0iOiJERVNLVE9QIiwiaXNHZW5pZWUiOmZhbHNlLCJzZWN0aW9ucyI6bnVsbH0%3D&c_b=7044.10000038147
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wang-xin-yi-sao-chu-chao-ji-da-wei-jian-xu-xuan-min-qian-mo-bu-neng-zai-fen-piao.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Nov 2022 17:10:37 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2NjkxMzcwMzY1NjQsInBhY2tldElkIjoiMDAwMEE3MDEtMDBhOGVjNzgtNmUzZS00MDM2LTliMTAtMmZhMWE0NjA5YjNiIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3dhbmcteGluLXlpLXNhby1jaHUtY2hhby1qaS1kYS13ZWktamlhbi14dS14dWFuLW1pbi1xaWFuLW1vLWJ1LW5lbmctemFpLWZlbi1waWFvLmh0bWwiLCJtb2RlIjoxLCJlcnJvckNvZGUiOjEsInJlZmVycmVyIjoiIiwicGFnZUdyb3VwIjoiQVJUSUNMRSIsInBhZ2VWYXJpYXRpb25JZCI6Ijk2NzUwMTI1LWI5MGMtNDk3YS04Njk5LTczMTcxZjdiNDkzNSIsInBhZ2VWYXJpYXRpb25OYW1lIjoiQWRQdXNodXAiLCJwYWdlVmFyaWF0aW9uVHlwZSI6MSwicGxhdGZvcm0iOiJERVNLVE9QIiwiaXNHZW5pZWUiOmZhbHNlLCJzZWN0aW9ucyI6W3sic2VjdGlvbklkIjoiNzdhOWMyMmYtYWMwMi00NWRkLTk2YmMtYjA4OTZhOGE3ZDVhIiwic2VjdGlvbk5hbWUiOiJBUF9MX0RfQVJUSUNMRV83MjhYMjUwXzc3YTljIiwic3RhdHVzIjoxLCJuZXR3b3JrIjoiYWRwVGFncyIsIm5ldHdvcmtBZFVuaXRJZCI6IkFEUF80Mjc1M183MjhYMjUwXzc3YTljMjJmLWFjMDItNDVkZC05NmJjLWIwODk2YThhN2Q1YSIsInNlcnZpY2VzIjpbMSwzXSwiYWRVbml0VHlwZSI6MX1dfQ%3D%3D&c_b=7044.300000190735
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wang-xin-yi-sao-chu-chao-ji-da-wei-jian-xu-xuan-min-qian-mo-bu-neng-zai-fen-piao.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Nov 2022 17:10:37 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
adpushup-label.svg
campaign.adpushup.com/ads/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://campaign.adpushup.com/ads/adpushup-label.svg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wang-xin-yi-sao-chu-chao-ji-da-wei-jian-xu-xuan-min-qian-mo-bu-neng-zai-fen-piao.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.39.108 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nwa/E7CA) /
Resource Hash
eb3577f46647f2e2db7307936038a47cc31c0ce75239496f6b7117282a47864c

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 17:10:37 GMT
last-modified
Thu, 12 Nov 2020 09:18:18 GMT
server
ECAcc (nwa/E7CA)
age
4870
etag
"5facfdda-21e0"
x-cache
HIT
content-type
image/svg+xml
cache-control
max-age=14400
accept-ranges
bytes
content-length
8672
expires
Tue, 22 Nov 2022 21:10:37 GMT
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2NjkxMzcwMzY1NzEsInBhY2tldElkIjoiMDAwMEE3MDEtMDBhOGVjNzgtNmUzZS00MDM2LTliMTAtMmZhMWE0NjA5YjNiIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3dhbmcteGluLXlpLXNhby1jaHUtY2hhby1qaS1kYS13ZWktamlhbi14dS14dWFuLW1pbi1xaWFuLW1vLWJ1LW5lbmctemFpLWZlbi1waWFvLmh0bWwiLCJtb2RlIjoxLCJlcnJvckNvZGUiOjEsInJlZmVycmVyIjoiIiwicGFnZUdyb3VwIjoiQVJUSUNMRSIsInBhZ2VWYXJpYXRpb25JZCI6Ijk2NzUwMTI1LWI5MGMtNDk3YS04Njk5LTczMTcxZjdiNDkzNSIsInBhZ2VWYXJpYXRpb25OYW1lIjoiQWRQdXNodXAiLCJwYWdlVmFyaWF0aW9uVHlwZSI6MSwicGxhdGZvcm0iOiJERVNLVE9QIiwiaXNHZW5pZWUiOmZhbHNlLCJzZWN0aW9ucyI6W3sic2VjdGlvbklkIjoiZDFjMTBhNzItMjdiNC00OTMxLThjZTctOTlhMThlYmJkYmFlIiwic2VjdGlvbk5hbWUiOiJBUF9JX0RfQVJUSUNMRV83MjhYOTBfZDFjMTAiLCJzdGF0dXMiOjEsIm5ldHdvcmsiOiJhZHBUYWdzIiwibmV0d29ya0FkVW5pdElkIjoiU1RJQ0tZX0FEUF80Mjc1M183MjhYOTBfZDFjMTBhNzItMjdiNC00OTMxLThjZTctOTlhMThlYmJkYmFlIiwic2VydmljZXMiOls1LDNdLCJhZFVuaXRUeXBlIjozfV19&c_b=7051
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wang-xin-yi-sao-chu-chao-ji-da-wei-jian-xu-xuan-min-qian-mo-bu-neng-zai-fen-piao.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Nov 2022 17:10:37 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2NjkxMzcwMzY1NzgsInBhY2tldElkIjoiMDAwMEE3MDEtMDBhOGVjNzgtNmUzZS00MDM2LTliMTAtMmZhMWE0NjA5YjNiIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3dhbmcteGluLXlpLXNhby1jaHUtY2hhby1qaS1kYS13ZWktamlhbi14dS14dWFuLW1pbi1xaWFuLW1vLWJ1LW5lbmctemFpLWZlbi1waWFvLmh0bWwiLCJtb2RlIjoxLCJlcnJvckNvZGUiOjEsInJlZmVycmVyIjoiIiwicGFnZUdyb3VwIjoiQVJUSUNMRSIsInBhZ2VWYXJpYXRpb25JZCI6Ijk2NzUwMTI1LWI5MGMtNDk3YS04Njk5LTczMTcxZjdiNDkzNSIsInBhZ2VWYXJpYXRpb25OYW1lIjoiQWRQdXNodXAiLCJwYWdlVmFyaWF0aW9uVHlwZSI6MSwicGxhdGZvcm0iOiJERVNLVE9QIiwiaXNHZW5pZWUiOmZhbHNlLCJzZWN0aW9ucyI6W3sic2VjdGlvbklkIjoiMTA0YjI4MmEtYmQxMS00ZDhkLWFkNjQtMDQ5MjA2M2I2Y2JhIiwic2VjdGlvbk5hbWUiOiJBUF9JX0RfQVJUSUNMRV8xMjBYNjAwXzEwNGIyIiwic3RhdHVzIjoxLCJuZXR3b3JrIjoiYWRwVGFncyIsIm5ldHdvcmtBZFVuaXRJZCI6IlNUSUNLWV9BRFBfNDI3NTNfMTIwWDYwMF8xMDRiMjgyYS1iZDExLTRkOGQtYWQ2NC0wNDkyMDYzYjZjYmEiLCJzZXJ2aWNlcyI6WzUsM10sImFkVW5pdFR5cGUiOjN9XX0%3D&c_b=7057.800000190735
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wang-xin-yi-sao-chu-chao-ji-da-wei-jian-xu-xuan-min-qian-mo-bu-neng-zai-fen-piao.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Nov 2022 17:10:37 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
ads
googleads.g.doubleclick.net/pagead/ Frame 1ED6 		603 B
516 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=1600x250&w=1600&h=250&ptt=12&adk=2733026255&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-7183181834147027020&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=470780615&nhd=0&adx=0&ady=3213&oid=2&is_amp=5&amp_v=2211042305000&d_imp=1&c=98572008060&ga_cid=amp-cxJAY9-8aDoI572ZnNWIbg&ga_hid=8060&dt=1669137036056&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwang-xin-yi-sao-chu-chao-ji-da-wei-jian-xu-xuan-min-qian-mo-bu-neng-zai-fen-piao.html&bdt=5039&dtd=693&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012211042305000/v0/amp-ad-0.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 22 Nov 2022 17:10:37 GMT
expires
Tue, 22 Nov 2022 17:10:37 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame CA50 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022111501&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
4d40b7a790e7138fe1b460bb50b0156f65785bda4fc0e361ea29d48835cd0e84
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 17:10:37 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12544
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame D34A 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022111501&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
0e9e6fdbbb30468efe352fa21e9b722b947a80bdc690723d462643fce713aadb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 17:10:37 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12363
x-xss-protection
0
pubads_impl_2022111501.js
securepubads.g.doubleclick.net/gpt/ 		381 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
sffe /
Resource Hash
a4c7748a8849068a7262049472b6b640aea77d843c16a57de3e34d3c47e4a01f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 12:10:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
18022
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
132177
x-xss-protection
0
last-modified
Tue, 15 Nov 2022 09:35:23 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 22 Nov 2023 12:10:15 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		109 B
97 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.bg3.co
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
cafe /
Resource Hash
57ba9c79273602051bd0fa9f6dcd52a3f199dc59f134308efeeaad35424b8311
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 17:10:37 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
72
x-xss-protection
0
expires
Tue, 22 Nov 2022 17:10:37 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 2D78 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CtrlSjAJ9Y5-5OMWi8QPwgoTQC5j80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpApaDdLxSSaY-qAMBqgT5AU_QmXG7FJjSWSwK8RaPm_cZyPVCtZzBMojyR5_M8AGZrhOYDZ3nSqt9Qen5xxy5DMHAtSwFwIbFW8wUZWH7SqoZtIZ1IZCYF1K0RDr5Vo27ejCGwa2KPAkALrRmn8Zz-WbufxwHhUKZwmj7UzGJzpapfRwjaq7EE3bGs_jbW019FWKkWskA1LiS9qnH7FMN5NZJTHkoRoBdk1WSI3Dsw1J2lik2ox6zTgdR7dwukT52qNxKOAvZZHwO5Qn6oYaaopdIUSttDlldxLSq2ZE4JCohZ6k60LTPPJGbcNFUfz2gk5ki74Bp8Qs90owNffoD801onVlu41758YAGxpXnjd3K8aroAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBAgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTQ0ODUyMzk0MjU5MjQ3ODcY4swZ&sigh=JBJgAbSqgRY&uach_m=[UACH]&cid=CAQSGwDq26N9VoyFqCzb8N1U1p1UpG25oI82BsGKwhgBIBM
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1669137036&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwang-xin-yi-sao-chu-chao-ji-da-wei-jian-xu-xuan-min-qian-mo-bu-neng-zai-fen-piao.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669137034564&bpp=13&bdt=1930&idt=1667&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&correlator=5427265132123&frm=23&ife=1&pv=2&ga_vid=1652017459.1669137036&ga_sid=1669137036&ga_hid=1305131484&ga_fc=0&ga_cid=amp-cxJAY9-8aDoI572ZnNWIbg&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=1101491898&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C44778742&oid=2&pvsid=661049901592538&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.2c27scgsj607&fsb=1&dtd=1682
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1669137036&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwang-xin-yi-sao-chu-chao-ji-da-wei-jian-xu-xuan-min-qian-mo-bu-neng-zai-fen-piao.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669137034564&bpp=13&bdt=1930&idt=1667&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&correlator=5427265132123&frm=23&ife=1&pv=2&ga_vid=1652017459.1669137036&ga_sid=1669137036&ga_hid=1305131484&ga_fc=0&ga_cid=amp-cxJAY9-8aDoI572ZnNWIbg&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=1101491898&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C44778742&oid=2&pvsid=661049901592538&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.2c27scgsj607&fsb=1&dtd=1682
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 22 Nov 2022 17:10:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
notify
rtb.jp2.as.criteo.com/google/auction/ Frame 2D78 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.jp2.as.criteo.com/google/auction/notify?profile=14&payload=k-CGEp_IC9ACmAJi-C0SAgAAACE5AQwCW-6I5uT8IWU3JEEQjAJ9Y6LhAp8Sshj4XSK8ABIAAA&wp=Y30CjAAOHJ8KfFFFAAEBcKCUas8_FgQycCDwYA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1669137036&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwang-xin-yi-sao-chu-chao-ji-da-wei-jian-xu-xuan-min-qian-mo-bu-neng-zai-fen-piao.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669137034564&bpp=13&bdt=1930&idt=1667&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&correlator=5427265132123&frm=23&ife=1&pv=2&ga_vid=1652017459.1669137036&ga_sid=1669137036&ga_hid=1305131484&ga_fc=0&ga_cid=amp-cxJAY9-8aDoI572ZnNWIbg&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=1101491898&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C44778742&oid=2&pvsid=661049901592538&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.2c27scgsj607&fsb=1&dtd=1682
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.74.19 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 17:10:37 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
224751
content-length
0
afr.php
ads.as.criteo.com/delivery/r/ Frame 9D21 		170 KB
50 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.as.criteo.com/delivery/r/afr.php?z=Y30CjAAOHJ8KfFFFAAEBcKCUas8_FgQycCDwYA&u=%7C7Oi82ye5cAf5BKqcKAVq%2B7I3oIgwOcJ5vU%2B%2FGCIh14s%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdr-j8wgahTZIGe3vs2osFhPHrvdV8e4bcLFbFsfP8MHIB27K7XTN0r5_C9HpqTtaR8SdOucuECRZOSimhhsL4uR3zlguh6k9CeR5aGLX8fHsuWWmiqYPbmaPK3lbxb81xp4FzfcMmkrlCY-k8anAAS6mBZlVK1Tu4Tj00yseNR_s5F4u2FULqDpoBv5JNhFQaguDjgFfoazoDiTpCo7fSSKrGl-PPyc3E6BDDE2TXGTgpsK--G6Js0RNWFyrNYfDJoJXPBA28wMs0bkX7MZBViAhT-iZdNwwXDKYK4ERyXd3S5VTxZ83cJ9SSavYHUMmHnXBVfh8jDiXHjPLEXe4ROHiI8qyaCiAnbsfPLQcjIiqMyE9xFrWUDpp47bUtlBpJcsg2UU1RxxmQpbxfXt6u-WSarm_8jw3gS4qm7-gkl5TEKOC-zdXfSw5MvPG5tn2uuf2_AsZuGzZ5DkL95vJMGQpsxlAgCf54XGfznADT-R8zlTIQ__Wdlw0bpgOYtAGZGoxx2qB2cn0UzCZSgX7W896QK3BHMRdAwAeAY3JGGzYhkV56Uvb0OILxsSoSO1cSixZSo6qgubROtxu6ldGEFdq8-6Q_E8fVpd-h66eFFRw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC010AjAJ9Y5-5OMWi8QPwgoTQC5j80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpApaDdLxSSaY-qAMBqgT8AU_QmXG7FJjSWSwK8RaPm_cZyPVCtZzBMojyR5_M8AGZrhOYDZ3nSqt9Qen5xxy5DMHAtSwFwIbFW8wUZWH7SqoZtIZ1IZCYF1K0RDr5Vo27ejCGwa2KPAkALrRmn8Zz-WbufxwHhUKZwmj7UzGJzpapfRwjaq7EE3bGs_jbW019FWKkWskA1LiS9qnH7FMN5NZJTHkoRoBdk1WSI3Dsw1J2lik2ox6zTgdR7dwukT52qNxKOAvZZHwO5Qn6oYaaopdIUSttDlldxLSq2ZE4JCohZ6l40pVd2V8SDi7dDqNLxQPhxpRjZgETymSFjqyZOvN2sUGJCM-HDnrlOIAGxpXnjd3K8aroAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_37dg0faMRBaCuxWjWSycRBDYOpsg%26client%3Dca-pub-4485239425924787%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1669137036&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwang-xin-yi-sao-chu-chao-ji-da-wei-jian-xu-xuan-min-qian-mo-bu-neng-zai-fen-piao.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669137034564&bpp=13&bdt=1930&idt=1667&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&correlator=5427265132123&frm=23&ife=1&pv=2&ga_vid=1652017459.1669137036&ga_sid=1669137036&ga_hid=1305131484&ga_fc=0&ga_cid=amp-cxJAY9-8aDoI572ZnNWIbg&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=1101491898&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C44778742&oid=2&pvsid=661049901592538&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.2c27scgsj607&fsb=1&dtd=1682
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.148 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
1a7459ba69305db941bb5df26f61744b66cae5dc3013fbb9aa2acf4dc29d5c0c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Tue, 22 Nov 2022 17:10:37 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.as.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.as.criteo.net/heavyad?cppv=3&cpp=4UnjbEsvK-m8QHi_VuTlRqrrbRPDhL3kjudfucdGD_RX-PrY1kufjJz1AQKHm3QnPthLLRBptb8oiPzs2PldMbcIUfbVI2WqbtyhSMRkL0F0Ny7fv3EqzMOrGymDk_mkdX64itsooO0E7LODtdZHaWSutB3EaXHuR7eV1PfkXBV52Vi6mAGHRozhcPMIf0wh8qwX3MtmvpyqpIfkcRxlUz12dqEV0fjuetlV-s0E6YUFHk6Gz55yxAQzWtmeSLMiB3CMZZtBWNUxskV3"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
68995713
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 2D78 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1669137036&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwang-xin-yi-sao-chu-chao-ji-da-wei-jian-xu-xuan-min-qian-mo-bu-neng-zai-fen-piao.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669137034564&bpp=13&bdt=1930&idt=1667&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&correlator=5427265132123&frm=23&ife=1&pv=2&ga_vid=1652017459.1669137036&ga_sid=1669137036&ga_hid=1305131484&ga_fc=0&ga_cid=amp-cxJAY9-8aDoI572ZnNWIbg&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=1101491898&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C44778742&oid=2&pvsid=661049901592538&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.2c27scgsj607&fsb=1&dtd=1682
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 11:03:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
22033
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 06 Dec 2022 11:03:25 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 2D78 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1669137036&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwang-xin-yi-sao-chu-chao-ji-da-wei-jian-xu-xuan-min-qian-mo-bu-neng-zai-fen-piao.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669137034564&bpp=13&bdt=1930&idt=1667&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&correlator=5427265132123&frm=23&ife=1&pv=2&ga_vid=1652017459.1669137036&ga_sid=1669137036&ga_hid=1305131484&ga_fc=0&ga_cid=amp-cxJAY9-8aDoI572ZnNWIbg&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=1101491898&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C44778742&oid=2&pvsid=661049901592538&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.2c27scgsj607&fsb=1&dtd=1682
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
cafe /
Resource Hash
78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 16:21:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
2966
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7458
x-xss-protection
0
server
cafe
etag
16870613375306414947
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 06 Dec 2022 16:21:12 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2D78 		154 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1669137036&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwang-xin-yi-sao-chu-chao-ji-da-wei-jian-xu-xuan-min-qian-mo-bu-neng-zai-fen-piao.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669137034564&bpp=13&bdt=1930&idt=1667&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&correlator=5427265132123&frm=23&ife=1&pv=2&ga_vid=1652017459.1669137036&ga_sid=1669137036&ga_hid=1305131484&ga_fc=0&ga_cid=amp-cxJAY9-8aDoI572ZnNWIbg&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=1101491898&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C44778742&oid=2&pvsid=661049901592538&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.2c27scgsj607&fsb=1&dtd=1682
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
sffe /
Resource Hash
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 17:10:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48265
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1668095300071091"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 22 Nov 2022 17:10:37 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame CA50 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 17:10:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 22 Nov 2022 17:10:38 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame D34A 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 17:10:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 22 Nov 2022 17:10:38 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame CF5C 		99 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20221117/NqeGLmvuPvGdeaxEq2qKJUjcmyulAyFU8K2rHVjS.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
6db2ee00fdc8573475904eb1a632cd287d891585643b33fba861b99ad9a20ad0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 17:10:38 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34222
x-xss-protection
0
server
cafe
etag
8317258159777450012
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 22 Nov 2022 17:10:38 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame 9D21 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y30CjAAOHJ8KfFFFAAEBcKCUas8_FgQycCDwYA&u=%7C7Oi82ye5cAf5BKqcKAVq%2B7I3oIgwOcJ5vU%2B%2FGCIh14s%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdr-j8wgahTZIGe3vs2osFhPHrvdV8e4bcLFbFsfP8MHIB27K7XTN0r5_C9HpqTtaR8SdOucuECRZOSimhhsL4uR3zlguh6k9CeR5aGLX8fHsuWWmiqYPbmaPK3lbxb81xp4FzfcMmkrlCY-k8anAAS6mBZlVK1Tu4Tj00yseNR_s5F4u2FULqDpoBv5JNhFQaguDjgFfoazoDiTpCo7fSSKrGl-PPyc3E6BDDE2TXGTgpsK--G6Js0RNWFyrNYfDJoJXPBA28wMs0bkX7MZBViAhT-iZdNwwXDKYK4ERyXd3S5VTxZ83cJ9SSavYHUMmHnXBVfh8jDiXHjPLEXe4ROHiI8qyaCiAnbsfPLQcjIiqMyE9xFrWUDpp47bUtlBpJcsg2UU1RxxmQpbxfXt6u-WSarm_8jw3gS4qm7-gkl5TEKOC-zdXfSw5MvPG5tn2uuf2_AsZuGzZ5DkL95vJMGQpsxlAgCf54XGfznADT-R8zlTIQ__Wdlw0bpgOYtAGZGoxx2qB2cn0UzCZSgX7W896QK3BHMRdAwAeAY3JGGzYhkV56Uvb0OILxsSoSO1cSixZSo6qgubROtxu6ldGEFdq8-6Q_E8fVpd-h66eFFRw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC010AjAJ9Y5-5OMWi8QPwgoTQC5j80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpApaDdLxSSaY-qAMBqgT8AU_QmXG7FJjSWSwK8RaPm_cZyPVCtZzBMojyR5_M8AGZrhOYDZ3nSqt9Qen5xxy5DMHAtSwFwIbFW8wUZWH7SqoZtIZ1IZCYF1K0RDr5Vo27ejCGwa2KPAkALrRmn8Zz-WbufxwHhUKZwmj7UzGJzpapfRwjaq7EE3bGs_jbW019FWKkWskA1LiS9qnH7FMN5NZJTHkoRoBdk1WSI3Dsw1J2lik2ox6zTgdR7dwukT52qNxKOAvZZHwO5Qn6oYaaopdIUSttDlldxLSq2ZE4JCohZ6l40pVd2V8SDi7dDqNLxQPhxpRjZgETymSFjqyZOvN2sUGJCM-HDnrlOIAGxpXnjd3K8aroAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_37dg0faMRBaCuxWjWSycRBDYOpsg%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 17:10:38 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 17 Nov 2023 17:10:38 GMT
adchoices_en.svg
static.criteo.net/flash/icon/ Frame 9D21 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_en.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y30CjAAOHJ8KfFFFAAEBcKCUas8_FgQycCDwYA&u=%7C7Oi82ye5cAf5BKqcKAVq%2B7I3oIgwOcJ5vU%2B%2FGCIh14s%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdr-j8wgahTZIGe3vs2osFhPHrvdV8e4bcLFbFsfP8MHIB27K7XTN0r5_C9HpqTtaR8SdOucuECRZOSimhhsL4uR3zlguh6k9CeR5aGLX8fHsuWWmiqYPbmaPK3lbxb81xp4FzfcMmkrlCY-k8anAAS6mBZlVK1Tu4Tj00yseNR_s5F4u2FULqDpoBv5JNhFQaguDjgFfoazoDiTpCo7fSSKrGl-PPyc3E6BDDE2TXGTgpsK--G6Js0RNWFyrNYfDJoJXPBA28wMs0bkX7MZBViAhT-iZdNwwXDKYK4ERyXd3S5VTxZ83cJ9SSavYHUMmHnXBVfh8jDiXHjPLEXe4ROHiI8qyaCiAnbsfPLQcjIiqMyE9xFrWUDpp47bUtlBpJcsg2UU1RxxmQpbxfXt6u-WSarm_8jw3gS4qm7-gkl5TEKOC-zdXfSw5MvPG5tn2uuf2_AsZuGzZ5DkL95vJMGQpsxlAgCf54XGfznADT-R8zlTIQ__Wdlw0bpgOYtAGZGoxx2qB2cn0UzCZSgX7W896QK3BHMRdAwAeAY3JGGzYhkV56Uvb0OILxsSoSO1cSixZSo6qgubROtxu6ldGEFdq8-6Q_E8fVpd-h66eFFRw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC010AjAJ9Y5-5OMWi8QPwgoTQC5j80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpApaDdLxSSaY-qAMBqgT8AU_QmXG7FJjSWSwK8RaPm_cZyPVCtZzBMojyR5_M8AGZrhOYDZ3nSqt9Qen5xxy5DMHAtSwFwIbFW8wUZWH7SqoZtIZ1IZCYF1K0RDr5Vo27ejCGwa2KPAkALrRmn8Zz-WbufxwHhUKZwmj7UzGJzpapfRwjaq7EE3bGs_jbW019FWKkWskA1LiS9qnH7FMN5NZJTHkoRoBdk1WSI3Dsw1J2lik2ox6zTgdR7dwukT52qNxKOAvZZHwO5Qn6oYaaopdIUSttDlldxLSq2ZE4JCohZ6l40pVd2V8SDi7dDqNLxQPhxpRjZgETymSFjqyZOvN2sUGJCM-HDnrlOIAGxpXnjd3K8aroAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_37dg0faMRBaCuxWjWSycRBDYOpsg%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 17:10:38 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-759"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 17 Nov 2023 17:10:38 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 9D21 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y30CjAAOHJ8KfFFFAAEBcKCUas8_FgQycCDwYA&u=%7C7Oi82ye5cAf5BKqcKAVq%2B7I3oIgwOcJ5vU%2B%2FGCIh14s%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdr-j8wgahTZIGe3vs2osFhPHrvdV8e4bcLFbFsfP8MHIB27K7XTN0r5_C9HpqTtaR8SdOucuECRZOSimhhsL4uR3zlguh6k9CeR5aGLX8fHsuWWmiqYPbmaPK3lbxb81xp4FzfcMmkrlCY-k8anAAS6mBZlVK1Tu4Tj00yseNR_s5F4u2FULqDpoBv5JNhFQaguDjgFfoazoDiTpCo7fSSKrGl-PPyc3E6BDDE2TXGTgpsK--G6Js0RNWFyrNYfDJoJXPBA28wMs0bkX7MZBViAhT-iZdNwwXDKYK4ERyXd3S5VTxZ83cJ9SSavYHUMmHnXBVfh8jDiXHjPLEXe4ROHiI8qyaCiAnbsfPLQcjIiqMyE9xFrWUDpp47bUtlBpJcsg2UU1RxxmQpbxfXt6u-WSarm_8jw3gS4qm7-gkl5TEKOC-zdXfSw5MvPG5tn2uuf2_AsZuGzZ5DkL95vJMGQpsxlAgCf54XGfznADT-R8zlTIQ__Wdlw0bpgOYtAGZGoxx2qB2cn0UzCZSgX7W896QK3BHMRdAwAeAY3JGGzYhkV56Uvb0OILxsSoSO1cSixZSo6qgubROtxu6ldGEFdq8-6Q_E8fVpd-h66eFFRw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC010AjAJ9Y5-5OMWi8QPwgoTQC5j80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpApaDdLxSSaY-qAMBqgT8AU_QmXG7FJjSWSwK8RaPm_cZyPVCtZzBMojyR5_M8AGZrhOYDZ3nSqt9Qen5xxy5DMHAtSwFwIbFW8wUZWH7SqoZtIZ1IZCYF1K0RDr5Vo27ejCGwa2KPAkALrRmn8Zz-WbufxwHhUKZwmj7UzGJzpapfRwjaq7EE3bGs_jbW019FWKkWskA1LiS9qnH7FMN5NZJTHkoRoBdk1WSI3Dsw1J2lik2ox6zTgdR7dwukT52qNxKOAvZZHwO5Qn6oYaaopdIUSttDlldxLSq2ZE4JCohZ6l40pVd2V8SDi7dDqNLxQPhxpRjZgETymSFjqyZOvN2sUGJCM-HDnrlOIAGxpXnjd3K8aroAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_37dg0faMRBaCuxWjWSycRBDYOpsg%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 17:10:38 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Fri, 17 Nov 2023 17:10:38 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 9D21 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y30CjAAOHJ8KfFFFAAEBcKCUas8_FgQycCDwYA&u=%7C7Oi82ye5cAf5BKqcKAVq%2B7I3oIgwOcJ5vU%2B%2FGCIh14s%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdr-j8wgahTZIGe3vs2osFhPHrvdV8e4bcLFbFsfP8MHIB27K7XTN0r5_C9HpqTtaR8SdOucuECRZOSimhhsL4uR3zlguh6k9CeR5aGLX8fHsuWWmiqYPbmaPK3lbxb81xp4FzfcMmkrlCY-k8anAAS6mBZlVK1Tu4Tj00yseNR_s5F4u2FULqDpoBv5JNhFQaguDjgFfoazoDiTpCo7fSSKrGl-PPyc3E6BDDE2TXGTgpsK--G6Js0RNWFyrNYfDJoJXPBA28wMs0bkX7MZBViAhT-iZdNwwXDKYK4ERyXd3S5VTxZ83cJ9SSavYHUMmHnXBVfh8jDiXHjPLEXe4ROHiI8qyaCiAnbsfPLQcjIiqMyE9xFrWUDpp47bUtlBpJcsg2UU1RxxmQpbxfXt6u-WSarm_8jw3gS4qm7-gkl5TEKOC-zdXfSw5MvPG5tn2uuf2_AsZuGzZ5DkL95vJMGQpsxlAgCf54XGfznADT-R8zlTIQ__Wdlw0bpgOYtAGZGoxx2qB2cn0UzCZSgX7W896QK3BHMRdAwAeAY3JGGzYhkV56Uvb0OILxsSoSO1cSixZSo6qgubROtxu6ldGEFdq8-6Q_E8fVpd-h66eFFRw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC010AjAJ9Y5-5OMWi8QPwgoTQC5j80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpApaDdLxSSaY-qAMBqgT8AU_QmXG7FJjSWSwK8RaPm_cZyPVCtZzBMojyR5_M8AGZrhOYDZ3nSqt9Qen5xxy5DMHAtSwFwIbFW8wUZWH7SqoZtIZ1IZCYF1K0RDr5Vo27ejCGwa2KPAkALrRmn8Zz-WbufxwHhUKZwmj7UzGJzpapfRwjaq7EE3bGs_jbW019FWKkWskA1LiS9qnH7FMN5NZJTHkoRoBdk1WSI3Dsw1J2lik2ox6zTgdR7dwukT52qNxKOAvZZHwO5Qn6oYaaopdIUSttDlldxLSq2ZE4JCohZ6l40pVd2V8SDi7dDqNLxQPhxpRjZgETymSFjqyZOvN2sUGJCM-HDnrlOIAGxpXnjd3K8aroAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_37dg0faMRBaCuxWjWSycRBDYOpsg%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 17:10:38 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Fri, 17 Nov 2023 17:10:38 GMT
lg.php
cat.sg1.as.criteo.com/delivery/ Frame 9D21 		43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.sg1.as.criteo.com/delivery/lg.php?cppv=3&cpp=e6lX7QQ97HOT_ZsBKT479o8hofaTjtgOfktzQOSEuQb_sWNEVi3TEkoW_RuDxJdJVGn8L9ba8gdHXejcNV2cyC8iGZshOWT1Ul6pMfyNiwR3J9Z_msi3C5nv0IcV55BMOoszZtp-AKS25Lx4azDRm65VzDUbs623fY5aiZJDb75CxOEQyFLjxUANhqYGUvZZVJY8hFyDwQfqcq7N9a6O1IeAm2R6YOZvFPxfHNk1TNaF1JcBTwiI1Ts2ILQdpqfnU_adkbGCgkuIIBfBxU33-SIV-XzWNVaZvyZ3L5-quWL5ONw6kUJm9q7pUnHXhul6hrzTZHKzO3kNYr4YryO5ccDWD_rdpLb7BtTVoHpy8D2wbqloQvWpBpMFN0dnJv2561yWr50c0jMbFKKHts3ecL1lU8LcAAc_y0nhP3yZQEc6cj7E
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y30CjAAOHJ8KfFFFAAEBcKCUas8_FgQycCDwYA&u=%7C7Oi82ye5cAf5BKqcKAVq%2B7I3oIgwOcJ5vU%2B%2FGCIh14s%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdr-j8wgahTZIGe3vs2osFhPHrvdV8e4bcLFbFsfP8MHIB27K7XTN0r5_C9HpqTtaR8SdOucuECRZOSimhhsL4uR3zlguh6k9CeR5aGLX8fHsuWWmiqYPbmaPK3lbxb81xp4FzfcMmkrlCY-k8anAAS6mBZlVK1Tu4Tj00yseNR_s5F4u2FULqDpoBv5JNhFQaguDjgFfoazoDiTpCo7fSSKrGl-PPyc3E6BDDE2TXGTgpsK--G6Js0RNWFyrNYfDJoJXPBA28wMs0bkX7MZBViAhT-iZdNwwXDKYK4ERyXd3S5VTxZ83cJ9SSavYHUMmHnXBVfh8jDiXHjPLEXe4ROHiI8qyaCiAnbsfPLQcjIiqMyE9xFrWUDpp47bUtlBpJcsg2UU1RxxmQpbxfXt6u-WSarm_8jw3gS4qm7-gkl5TEKOC-zdXfSw5MvPG5tn2uuf2_AsZuGzZ5DkL95vJMGQpsxlAgCf54XGfznADT-R8zlTIQ__Wdlw0bpgOYtAGZGoxx2qB2cn0UzCZSgX7W896QK3BHMRdAwAeAY3JGGzYhkV56Uvb0OILxsSoSO1cSixZSo6qgubROtxu6ldGEFdq8-6Q_E8fVpd-h66eFFRw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC010AjAJ9Y5-5OMWi8QPwgoTQC5j80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpApaDdLxSSaY-qAMBqgT8AU_QmXG7FJjSWSwK8RaPm_cZyPVCtZzBMojyR5_M8AGZrhOYDZ3nSqt9Qen5xxy5DMHAtSwFwIbFW8wUZWH7SqoZtIZ1IZCYF1K0RDr5Vo27ejCGwa2KPAkALrRmn8Zz-WbufxwHhUKZwmj7UzGJzpapfRwjaq7EE3bGs_jbW019FWKkWskA1LiS9qnH7FMN5NZJTHkoRoBdk1WSI3Dsw1J2lik2ox6zTgdR7dwukT52qNxKOAvZZHwO5Qn6oYaaopdIUSttDlldxLSq2ZE4JCohZ6l40pVd2V8SDi7dDqNLxQPhxpRjZgETymSFjqyZOvN2sUGJCM-HDnrlOIAGxpXnjd3K8aroAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_37dg0faMRBaCuxWjWSycRBDYOpsg%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.132 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Nov 2022 17:10:38 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1707775
expires
Mon, 26 Jul 1997 05:00:00 GMT
truncated
/ Frame 2D78 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6b69b63f61c3457be569fac6b33588c1d4113cf9ac76a0248da7e9055e098f04

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame ADC1 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
195586
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 20 Nov 2022 10:50:52 GMT
expires
Mon, 20 Nov 2023 10:50:52 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 749C 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.105 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f105.1e100.net
Software
GSE /
Resource Hash
998b7e6456d0ff501052104b49e01528d79bbd901957811a3bb5c0c3e5d58cb5
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-D6Y-rLQRNLr0tfMuNECv_Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-D6Y-rLQRNLr0tfMuNECv_Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 22 Nov 2022 17:10:38 GMT
expires
Tue, 22 Nov 2022 17:10:38 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
quant.js
secure.quantserve.com/ 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.229.10.211 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
275094aa5d73cd24d848e78f0c41c33d9fd61a09d97b9976e5e707dfd24ada00

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 17:10:38 GMT
content-encoding
gzip
etag
"nAbmxtqHqaYrwBiADJAeFg=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Tue, 29 Nov 2022 17:10:38 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211140101/ Frame CF5C 		354 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211140101/show_ads_impl_fy2021.js?bust=31070968
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
28f7787e826550328e75a4140836d4d3a927c014ecd5d013715780a09ee9a486
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 17:10:38 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119216
x-xss-protection
0
server
cafe
etag
3331781988609205339
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Tue, 22 Nov 2022 17:10:38 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame ED19 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
195586
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 20 Nov 2022 10:50:52 GMT
expires
Mon, 20 Nov 2023 10:50:52 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 5A6C 		783 B
738 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.105 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f105.1e100.net
Software
GSE /
Resource Hash
bcd632d7abefff2d13fd365f2bf30b771cb27e28d9186679e2da871b1a6ddb52
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-KZzugkVCKpOa0nUnTGx-kA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-KZzugkVCKpOa0nUnTGx-kA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 22 Nov 2022 17:10:38 GMT
expires
Tue, 22 Nov 2022 17:10:38 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
animejs.js
static.criteo.net/animejs/ Frame 9D21 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y30CjAAOHJ8KfFFFAAEBcKCUas8_FgQycCDwYA&u=%7C7Oi82ye5cAf5BKqcKAVq%2B7I3oIgwOcJ5vU%2B%2FGCIh14s%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdr-j8wgahTZIGe3vs2osFhPHrvdV8e4bcLFbFsfP8MHIB27K7XTN0r5_C9HpqTtaR8SdOucuECRZOSimhhsL4uR3zlguh6k9CeR5aGLX8fHsuWWmiqYPbmaPK3lbxb81xp4FzfcMmkrlCY-k8anAAS6mBZlVK1Tu4Tj00yseNR_s5F4u2FULqDpoBv5JNhFQaguDjgFfoazoDiTpCo7fSSKrGl-PPyc3E6BDDE2TXGTgpsK--G6Js0RNWFyrNYfDJoJXPBA28wMs0bkX7MZBViAhT-iZdNwwXDKYK4ERyXd3S5VTxZ83cJ9SSavYHUMmHnXBVfh8jDiXHjPLEXe4ROHiI8qyaCiAnbsfPLQcjIiqMyE9xFrWUDpp47bUtlBpJcsg2UU1RxxmQpbxfXt6u-WSarm_8jw3gS4qm7-gkl5TEKOC-zdXfSw5MvPG5tn2uuf2_AsZuGzZ5DkL95vJMGQpsxlAgCf54XGfznADT-R8zlTIQ__Wdlw0bpgOYtAGZGoxx2qB2cn0UzCZSgX7W896QK3BHMRdAwAeAY3JGGzYhkV56Uvb0OILxsSoSO1cSixZSo6qgubROtxu6ldGEFdq8-6Q_E8fVpd-h66eFFRw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC010AjAJ9Y5-5OMWi8QPwgoTQC5j80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpApaDdLxSSaY-qAMBqgT8AU_QmXG7FJjSWSwK8RaPm_cZyPVCtZzBMojyR5_M8AGZrhOYDZ3nSqt9Qen5xxy5DMHAtSwFwIbFW8wUZWH7SqoZtIZ1IZCYF1K0RDr5Vo27ejCGwa2KPAkALrRmn8Zz-WbufxwHhUKZwmj7UzGJzpapfRwjaq7EE3bGs_jbW019FWKkWskA1LiS9qnH7FMN5NZJTHkoRoBdk1WSI3Dsw1J2lik2ox6zTgdR7dwukT52qNxKOAvZZHwO5Qn6oYaaopdIUSttDlldxLSq2ZE4JCohZ6l40pVd2V8SDi7dDqNLxQPhxpRjZgETymSFjqyZOvN2sUGJCM-HDnrlOIAGxpXnjd3K8aroAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_37dg0faMRBaCuxWjWSycRBDYOpsg%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 17:10:38 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 17 Nov 2023 17:10:38 GMT
img
pix.as.criteo.net/img/ Frame 9D21 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?h=92&m=0&partner=91067&q=80&r=0&u=http%3A%2F%2Fstatic.sg1.as.criteo.net%2Fdesign%2Fdt%2F91067%2F220923%2Feaf31751002c4266b2f86cda44bffe4a_wechat_image_20201110165504.png&v=3&w=668&s=mqtwKyLo3sAapuWko0_JeyA9
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y30CjAAOHJ8KfFFFAAEBcKCUas8_FgQycCDwYA&u=%7C7Oi82ye5cAf5BKqcKAVq%2B7I3oIgwOcJ5vU%2B%2FGCIh14s%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdr-j8wgahTZIGe3vs2osFhPHrvdV8e4bcLFbFsfP8MHIB27K7XTN0r5_C9HpqTtaR8SdOucuECRZOSimhhsL4uR3zlguh6k9CeR5aGLX8fHsuWWmiqYPbmaPK3lbxb81xp4FzfcMmkrlCY-k8anAAS6mBZlVK1Tu4Tj00yseNR_s5F4u2FULqDpoBv5JNhFQaguDjgFfoazoDiTpCo7fSSKrGl-PPyc3E6BDDE2TXGTgpsK--G6Js0RNWFyrNYfDJoJXPBA28wMs0bkX7MZBViAhT-iZdNwwXDKYK4ERyXd3S5VTxZ83cJ9SSavYHUMmHnXBVfh8jDiXHjPLEXe4ROHiI8qyaCiAnbsfPLQcjIiqMyE9xFrWUDpp47bUtlBpJcsg2UU1RxxmQpbxfXt6u-WSarm_8jw3gS4qm7-gkl5TEKOC-zdXfSw5MvPG5tn2uuf2_AsZuGzZ5DkL95vJMGQpsxlAgCf54XGfznADT-R8zlTIQ__Wdlw0bpgOYtAGZGoxx2qB2cn0UzCZSgX7W896QK3BHMRdAwAeAY3JGGzYhkV56Uvb0OILxsSoSO1cSixZSo6qgubROtxu6ldGEFdq8-6Q_E8fVpd-h66eFFRw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC010AjAJ9Y5-5OMWi8QPwgoTQC5j80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpApaDdLxSSaY-qAMBqgT8AU_QmXG7FJjSWSwK8RaPm_cZyPVCtZzBMojyR5_M8AGZrhOYDZ3nSqt9Qen5xxy5DMHAtSwFwIbFW8wUZWH7SqoZtIZ1IZCYF1K0RDr5Vo27ejCGwa2KPAkALrRmn8Zz-WbufxwHhUKZwmj7UzGJzpapfRwjaq7EE3bGs_jbW019FWKkWskA1LiS9qnH7FMN5NZJTHkoRoBdk1WSI3Dsw1J2lik2ox6zTgdR7dwukT52qNxKOAvZZHwO5Qn6oYaaopdIUSttDlldxLSq2ZE4JCohZ6l40pVd2V8SDi7dDqNLxQPhxpRjZgETymSFjqyZOvN2sUGJCM-HDnrlOIAGxpXnjd3K8aroAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_37dg0faMRBaCuxWjWSycRBDYOpsg%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
920b421933daabde5596f2c24fe6db87ce1969b9e760f3797a8e4f38cc223058
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 17:10:38 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=26144169
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
5598
expires
Thu, 21 Sep 2023 07:26:49 GMT
img
pix.as.criteo.net/img/ Frame 9D21 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91067&q=80&r=0&u=https%3A%2F%2Fwww.ifurniture.co.nz%2Fimages%2F0042709_0.jpeg&v=3&w=400&s=LOnzqGlw-axtfF9BFj_9BlKw&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y30CjAAOHJ8KfFFFAAEBcKCUas8_FgQycCDwYA&u=%7C7Oi82ye5cAf5BKqcKAVq%2B7I3oIgwOcJ5vU%2B%2FGCIh14s%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdr-j8wgahTZIGe3vs2osFhPHrvdV8e4bcLFbFsfP8MHIB27K7XTN0r5_C9HpqTtaR8SdOucuECRZOSimhhsL4uR3zlguh6k9CeR5aGLX8fHsuWWmiqYPbmaPK3lbxb81xp4FzfcMmkrlCY-k8anAAS6mBZlVK1Tu4Tj00yseNR_s5F4u2FULqDpoBv5JNhFQaguDjgFfoazoDiTpCo7fSSKrGl-PPyc3E6BDDE2TXGTgpsK--G6Js0RNWFyrNYfDJoJXPBA28wMs0bkX7MZBViAhT-iZdNwwXDKYK4ERyXd3S5VTxZ83cJ9SSavYHUMmHnXBVfh8jDiXHjPLEXe4ROHiI8qyaCiAnbsfPLQcjIiqMyE9xFrWUDpp47bUtlBpJcsg2UU1RxxmQpbxfXt6u-WSarm_8jw3gS4qm7-gkl5TEKOC-zdXfSw5MvPG5tn2uuf2_AsZuGzZ5DkL95vJMGQpsxlAgCf54XGfznADT-R8zlTIQ__Wdlw0bpgOYtAGZGoxx2qB2cn0UzCZSgX7W896QK3BHMRdAwAeAY3JGGzYhkV56Uvb0OILxsSoSO1cSixZSo6qgubROtxu6ldGEFdq8-6Q_E8fVpd-h66eFFRw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC010AjAJ9Y5-5OMWi8QPwgoTQC5j80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpApaDdLxSSaY-qAMBqgT8AU_QmXG7FJjSWSwK8RaPm_cZyPVCtZzBMojyR5_M8AGZrhOYDZ3nSqt9Qen5xxy5DMHAtSwFwIbFW8wUZWH7SqoZtIZ1IZCYF1K0RDr5Vo27ejCGwa2KPAkALrRmn8Zz-WbufxwHhUKZwmj7UzGJzpapfRwjaq7EE3bGs_jbW019FWKkWskA1LiS9qnH7FMN5NZJTHkoRoBdk1WSI3Dsw1J2lik2ox6zTgdR7dwukT52qNxKOAvZZHwO5Qn6oYaaopdIUSttDlldxLSq2ZE4JCohZ6l40pVd2V8SDi7dDqNLxQPhxpRjZgETymSFjqyZOvN2sUGJCM-HDnrlOIAGxpXnjd3K8aroAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_37dg0faMRBaCuxWjWSycRBDYOpsg%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
5eb96458f35467a1da6649a33a6fc53bcb8ecac9e1657e93a67661a9c1ab392a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 17:10:39 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=28737741
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
7204
expires
Sat, 21 Oct 2023 07:53:01 GMT
img
pix.as.criteo.net/img/ Frame 9D21 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91067&q=80&r=0&u=https%3A%2F%2Fwww.ifurniture.co.nz%2Fimages%2F0045635_0.jpeg&v=3&w=400&s=q-DOUltwNWuHMuKdRtqEI5LD&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y30CjAAOHJ8KfFFFAAEBcKCUas8_FgQycCDwYA&u=%7C7Oi82ye5cAf5BKqcKAVq%2B7I3oIgwOcJ5vU%2B%2FGCIh14s%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdr-j8wgahTZIGe3vs2osFhPHrvdV8e4bcLFbFsfP8MHIB27K7XTN0r5_C9HpqTtaR8SdOucuECRZOSimhhsL4uR3zlguh6k9CeR5aGLX8fHsuWWmiqYPbmaPK3lbxb81xp4FzfcMmkrlCY-k8anAAS6mBZlVK1Tu4Tj00yseNR_s5F4u2FULqDpoBv5JNhFQaguDjgFfoazoDiTpCo7fSSKrGl-PPyc3E6BDDE2TXGTgpsK--G6Js0RNWFyrNYfDJoJXPBA28wMs0bkX7MZBViAhT-iZdNwwXDKYK4ERyXd3S5VTxZ83cJ9SSavYHUMmHnXBVfh8jDiXHjPLEXe4ROHiI8qyaCiAnbsfPLQcjIiqMyE9xFrWUDpp47bUtlBpJcsg2UU1RxxmQpbxfXt6u-WSarm_8jw3gS4qm7-gkl5TEKOC-zdXfSw5MvPG5tn2uuf2_AsZuGzZ5DkL95vJMGQpsxlAgCf54XGfznADT-R8zlTIQ__Wdlw0bpgOYtAGZGoxx2qB2cn0UzCZSgX7W896QK3BHMRdAwAeAY3JGGzYhkV56Uvb0OILxsSoSO1cSixZSo6qgubROtxu6ldGEFdq8-6Q_E8fVpd-h66eFFRw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC010AjAJ9Y5-5OMWi8QPwgoTQC5j80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpApaDdLxSSaY-qAMBqgT8AU_QmXG7FJjSWSwK8RaPm_cZyPVCtZzBMojyR5_M8AGZrhOYDZ3nSqt9Qen5xxy5DMHAtSwFwIbFW8wUZWH7SqoZtIZ1IZCYF1K0RDr5Vo27ejCGwa2KPAkALrRmn8Zz-WbufxwHhUKZwmj7UzGJzpapfRwjaq7EE3bGs_jbW019FWKkWskA1LiS9qnH7FMN5NZJTHkoRoBdk1WSI3Dsw1J2lik2ox6zTgdR7dwukT52qNxKOAvZZHwO5Qn6oYaaopdIUSttDlldxLSq2ZE4JCohZ6l40pVd2V8SDi7dDqNLxQPhxpRjZgETymSFjqyZOvN2sUGJCM-HDnrlOIAGxpXnjd3K8aroAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_37dg0faMRBaCuxWjWSycRBDYOpsg%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
34e4ee75b03fbdd08a2ebbc35b370b0b7e735368e9300278579b4bd3377d3b38
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 17:10:38 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=27691574
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
4330
expires
Mon, 09 Oct 2023 05:16:53 GMT
img
pix.as.criteo.net/img/ Frame 9D21 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91067&q=80&r=0&u=https%3A%2F%2Fwww.ifurniture.co.nz%2Fimages%2F0038930_0.jpeg&v=3&w=400&s=KlYibeIRLrNbLjXeL5MzPOO7&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y30CjAAOHJ8KfFFFAAEBcKCUas8_FgQycCDwYA&u=%7C7Oi82ye5cAf5BKqcKAVq%2B7I3oIgwOcJ5vU%2B%2FGCIh14s%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdr-j8wgahTZIGe3vs2osFhPHrvdV8e4bcLFbFsfP8MHIB27K7XTN0r5_C9HpqTtaR8SdOucuECRZOSimhhsL4uR3zlguh6k9CeR5aGLX8fHsuWWmiqYPbmaPK3lbxb81xp4FzfcMmkrlCY-k8anAAS6mBZlVK1Tu4Tj00yseNR_s5F4u2FULqDpoBv5JNhFQaguDjgFfoazoDiTpCo7fSSKrGl-PPyc3E6BDDE2TXGTgpsK--G6Js0RNWFyrNYfDJoJXPBA28wMs0bkX7MZBViAhT-iZdNwwXDKYK4ERyXd3S5VTxZ83cJ9SSavYHUMmHnXBVfh8jDiXHjPLEXe4ROHiI8qyaCiAnbsfPLQcjIiqMyE9xFrWUDpp47bUtlBpJcsg2UU1RxxmQpbxfXt6u-WSarm_8jw3gS4qm7-gkl5TEKOC-zdXfSw5MvPG5tn2uuf2_AsZuGzZ5DkL95vJMGQpsxlAgCf54XGfznADT-R8zlTIQ__Wdlw0bpgOYtAGZGoxx2qB2cn0UzCZSgX7W896QK3BHMRdAwAeAY3JGGzYhkV56Uvb0OILxsSoSO1cSixZSo6qgubROtxu6ldGEFdq8-6Q_E8fVpd-h66eFFRw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC010AjAJ9Y5-5OMWi8QPwgoTQC5j80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpApaDdLxSSaY-qAMBqgT8AU_QmXG7FJjSWSwK8RaPm_cZyPVCtZzBMojyR5_M8AGZrhOYDZ3nSqt9Qen5xxy5DMHAtSwFwIbFW8wUZWH7SqoZtIZ1IZCYF1K0RDr5Vo27ejCGwa2KPAkALrRmn8Zz-WbufxwHhUKZwmj7UzGJzpapfRwjaq7EE3bGs_jbW019FWKkWskA1LiS9qnH7FMN5NZJTHkoRoBdk1WSI3Dsw1J2lik2ox6zTgdR7dwukT52qNxKOAvZZHwO5Qn6oYaaopdIUSttDlldxLSq2ZE4JCohZ6l40pVd2V8SDi7dDqNLxQPhxpRjZgETymSFjqyZOvN2sUGJCM-HDnrlOIAGxpXnjd3K8aroAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_37dg0faMRBaCuxWjWSycRBDYOpsg%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
003cdd27ee491b05a51be1e973835f461f39c84ae283464b2d9dd65601d90346
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 17:10:39 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=29146564
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
7264
expires
Thu, 26 Oct 2023 01:26:44 GMT
img
pix.as.criteo.net/img/ Frame 9D21 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91067&q=80&r=0&u=https%3A%2F%2Fwww.ifurniture.co.nz%2Fimages%2F0043280_0.jpeg&v=3&w=400&s=Wa2L7RCcb18ct5ajDGEZbbT1&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y30CjAAOHJ8KfFFFAAEBcKCUas8_FgQycCDwYA&u=%7C7Oi82ye5cAf5BKqcKAVq%2B7I3oIgwOcJ5vU%2B%2FGCIh14s%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdr-j8wgahTZIGe3vs2osFhPHrvdV8e4bcLFbFsfP8MHIB27K7XTN0r5_C9HpqTtaR8SdOucuECRZOSimhhsL4uR3zlguh6k9CeR5aGLX8fHsuWWmiqYPbmaPK3lbxb81xp4FzfcMmkrlCY-k8anAAS6mBZlVK1Tu4Tj00yseNR_s5F4u2FULqDpoBv5JNhFQaguDjgFfoazoDiTpCo7fSSKrGl-PPyc3E6BDDE2TXGTgpsK--G6Js0RNWFyrNYfDJoJXPBA28wMs0bkX7MZBViAhT-iZdNwwXDKYK4ERyXd3S5VTxZ83cJ9SSavYHUMmHnXBVfh8jDiXHjPLEXe4ROHiI8qyaCiAnbsfPLQcjIiqMyE9xFrWUDpp47bUtlBpJcsg2UU1RxxmQpbxfXt6u-WSarm_8jw3gS4qm7-gkl5TEKOC-zdXfSw5MvPG5tn2uuf2_AsZuGzZ5DkL95vJMGQpsxlAgCf54XGfznADT-R8zlTIQ__Wdlw0bpgOYtAGZGoxx2qB2cn0UzCZSgX7W896QK3BHMRdAwAeAY3JGGzYhkV56Uvb0OILxsSoSO1cSixZSo6qgubROtxu6ldGEFdq8-6Q_E8fVpd-h66eFFRw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC010AjAJ9Y5-5OMWi8QPwgoTQC5j80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpApaDdLxSSaY-qAMBqgT8AU_QmXG7FJjSWSwK8RaPm_cZyPVCtZzBMojyR5_M8AGZrhOYDZ3nSqt9Qen5xxy5DMHAtSwFwIbFW8wUZWH7SqoZtIZ1IZCYF1K0RDr5Vo27ejCGwa2KPAkALrRmn8Zz-WbufxwHhUKZwmj7UzGJzpapfRwjaq7EE3bGs_jbW019FWKkWskA1LiS9qnH7FMN5NZJTHkoRoBdk1WSI3Dsw1J2lik2ox6zTgdR7dwukT52qNxKOAvZZHwO5Qn6oYaaopdIUSttDlldxLSq2ZE4JCohZ6l40pVd2V8SDi7dDqNLxQPhxpRjZgETymSFjqyZOvN2sUGJCM-HDnrlOIAGxpXnjd3K8aroAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_37dg0faMRBaCuxWjWSycRBDYOpsg%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
5be108e5b0d8450dc2f0cb34bcf4ae1786b31a33fc877417bc737574fa50d524
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 17:10:39 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=30268396
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
9268
expires
Wed, 08 Nov 2023 01:03:55 GMT
img
pix.as.criteo.net/img/ Frame 9D21 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91067&q=80&r=0&u=https%3A%2F%2Fwww.ifurniture.co.nz%2Fimages%2F0038464_0.jpeg&v=3&w=400&s=6C0alsc5_rLfoO0c7NfK5-oG&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y30CjAAOHJ8KfFFFAAEBcKCUas8_FgQycCDwYA&u=%7C7Oi82ye5cAf5BKqcKAVq%2B7I3oIgwOcJ5vU%2B%2FGCIh14s%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdr-j8wgahTZIGe3vs2osFhPHrvdV8e4bcLFbFsfP8MHIB27K7XTN0r5_C9HpqTtaR8SdOucuECRZOSimhhsL4uR3zlguh6k9CeR5aGLX8fHsuWWmiqYPbmaPK3lbxb81xp4FzfcMmkrlCY-k8anAAS6mBZlVK1Tu4Tj00yseNR_s5F4u2FULqDpoBv5JNhFQaguDjgFfoazoDiTpCo7fSSKrGl-PPyc3E6BDDE2TXGTgpsK--G6Js0RNWFyrNYfDJoJXPBA28wMs0bkX7MZBViAhT-iZdNwwXDKYK4ERyXd3S5VTxZ83cJ9SSavYHUMmHnXBVfh8jDiXHjPLEXe4ROHiI8qyaCiAnbsfPLQcjIiqMyE9xFrWUDpp47bUtlBpJcsg2UU1RxxmQpbxfXt6u-WSarm_8jw3gS4qm7-gkl5TEKOC-zdXfSw5MvPG5tn2uuf2_AsZuGzZ5DkL95vJMGQpsxlAgCf54XGfznADT-R8zlTIQ__Wdlw0bpgOYtAGZGoxx2qB2cn0UzCZSgX7W896QK3BHMRdAwAeAY3JGGzYhkV56Uvb0OILxsSoSO1cSixZSo6qgubROtxu6ldGEFdq8-6Q_E8fVpd-h66eFFRw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC010AjAJ9Y5-5OMWi8QPwgoTQC5j80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpApaDdLxSSaY-qAMBqgT8AU_QmXG7FJjSWSwK8RaPm_cZyPVCtZzBMojyR5_M8AGZrhOYDZ3nSqt9Qen5xxy5DMHAtSwFwIbFW8wUZWH7SqoZtIZ1IZCYF1K0RDr5Vo27ejCGwa2KPAkALrRmn8Zz-WbufxwHhUKZwmj7UzGJzpapfRwjaq7EE3bGs_jbW019FWKkWskA1LiS9qnH7FMN5NZJTHkoRoBdk1WSI3Dsw1J2lik2ox6zTgdR7dwukT52qNxKOAvZZHwO5Qn6oYaaopdIUSttDlldxLSq2ZE4JCohZ6l40pVd2V8SDi7dDqNLxQPhxpRjZgETymSFjqyZOvN2sUGJCM-HDnrlOIAGxpXnjd3K8aroAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_37dg0faMRBaCuxWjWSycRBDYOpsg%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
cc049cd80f755c3403a2cae07067386eb8ffe14aaa440be334288693c1a1ca49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 17:10:39 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=31530219
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
4794
expires
Wed, 22 Nov 2023 15:34:19 GMT
img
pix.as.criteo.net/img/ Frame 9D21 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91067&q=80&r=0&u=https%3A%2F%2Fwww.ifurniture.co.nz%2Fimages%2F0045287_0.jpeg&v=3&w=400&s=QqXz72pS_2OZv-J9vdyx9AEX&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y30CjAAOHJ8KfFFFAAEBcKCUas8_FgQycCDwYA&u=%7C7Oi82ye5cAf5BKqcKAVq%2B7I3oIgwOcJ5vU%2B%2FGCIh14s%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdr-j8wgahTZIGe3vs2osFhPHrvdV8e4bcLFbFsfP8MHIB27K7XTN0r5_C9HpqTtaR8SdOucuECRZOSimhhsL4uR3zlguh6k9CeR5aGLX8fHsuWWmiqYPbmaPK3lbxb81xp4FzfcMmkrlCY-k8anAAS6mBZlVK1Tu4Tj00yseNR_s5F4u2FULqDpoBv5JNhFQaguDjgFfoazoDiTpCo7fSSKrGl-PPyc3E6BDDE2TXGTgpsK--G6Js0RNWFyrNYfDJoJXPBA28wMs0bkX7MZBViAhT-iZdNwwXDKYK4ERyXd3S5VTxZ83cJ9SSavYHUMmHnXBVfh8jDiXHjPLEXe4ROHiI8qyaCiAnbsfPLQcjIiqMyE9xFrWUDpp47bUtlBpJcsg2UU1RxxmQpbxfXt6u-WSarm_8jw3gS4qm7-gkl5TEKOC-zdXfSw5MvPG5tn2uuf2_AsZuGzZ5DkL95vJMGQpsxlAgCf54XGfznADT-R8zlTIQ__Wdlw0bpgOYtAGZGoxx2qB2cn0UzCZSgX7W896QK3BHMRdAwAeAY3JGGzYhkV56Uvb0OILxsSoSO1cSixZSo6qgubROtxu6ldGEFdq8-6Q_E8fVpd-h66eFFRw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC010AjAJ9Y5-5OMWi8QPwgoTQC5j80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpApaDdLxSSaY-qAMBqgT8AU_QmXG7FJjSWSwK8RaPm_cZyPVCtZzBMojyR5_M8AGZrhOYDZ3nSqt9Qen5xxy5DMHAtSwFwIbFW8wUZWH7SqoZtIZ1IZCYF1K0RDr5Vo27ejCGwa2KPAkALrRmn8Zz-WbufxwHhUKZwmj7UzGJzpapfRwjaq7EE3bGs_jbW019FWKkWskA1LiS9qnH7FMN5NZJTHkoRoBdk1WSI3Dsw1J2lik2ox6zTgdR7dwukT52qNxKOAvZZHwO5Qn6oYaaopdIUSttDlldxLSq2ZE4JCohZ6l40pVd2V8SDi7dDqNLxQPhxpRjZgETymSFjqyZOvN2sUGJCM-HDnrlOIAGxpXnjd3K8aroAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_37dg0faMRBaCuxWjWSycRBDYOpsg%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
2cc7ad74dbcaa64296359bbb41713809f3b8c5121ae7a085b77eb0ed024a7209
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 17:10:39 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=29944784
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
5150
expires
Sat, 04 Nov 2023 07:10:24 GMT
img
pix.as.criteo.net/img/ Frame 9D21 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91067&q=80&r=0&u=https%3A%2F%2Fwww.ifurniture.co.nz%2Fimages%2F0008743_0.jpeg&v=3&w=400&s=6xFNY1H3kDKLaXFFFpBXuwzL&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y30CjAAOHJ8KfFFFAAEBcKCUas8_FgQycCDwYA&u=%7C7Oi82ye5cAf5BKqcKAVq%2B7I3oIgwOcJ5vU%2B%2FGCIh14s%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdr-j8wgahTZIGe3vs2osFhPHrvdV8e4bcLFbFsfP8MHIB27K7XTN0r5_C9HpqTtaR8SdOucuECRZOSimhhsL4uR3zlguh6k9CeR5aGLX8fHsuWWmiqYPbmaPK3lbxb81xp4FzfcMmkrlCY-k8anAAS6mBZlVK1Tu4Tj00yseNR_s5F4u2FULqDpoBv5JNhFQaguDjgFfoazoDiTpCo7fSSKrGl-PPyc3E6BDDE2TXGTgpsK--G6Js0RNWFyrNYfDJoJXPBA28wMs0bkX7MZBViAhT-iZdNwwXDKYK4ERyXd3S5VTxZ83cJ9SSavYHUMmHnXBVfh8jDiXHjPLEXe4ROHiI8qyaCiAnbsfPLQcjIiqMyE9xFrWUDpp47bUtlBpJcsg2UU1RxxmQpbxfXt6u-WSarm_8jw3gS4qm7-gkl5TEKOC-zdXfSw5MvPG5tn2uuf2_AsZuGzZ5DkL95vJMGQpsxlAgCf54XGfznADT-R8zlTIQ__Wdlw0bpgOYtAGZGoxx2qB2cn0UzCZSgX7W896QK3BHMRdAwAeAY3JGGzYhkV56Uvb0OILxsSoSO1cSixZSo6qgubROtxu6ldGEFdq8-6Q_E8fVpd-h66eFFRw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC010AjAJ9Y5-5OMWi8QPwgoTQC5j80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpApaDdLxSSaY-qAMBqgT8AU_QmXG7FJjSWSwK8RaPm_cZyPVCtZzBMojyR5_M8AGZrhOYDZ3nSqt9Qen5xxy5DMHAtSwFwIbFW8wUZWH7SqoZtIZ1IZCYF1K0RDr5Vo27ejCGwa2KPAkALrRmn8Zz-WbufxwHhUKZwmj7UzGJzpapfRwjaq7EE3bGs_jbW019FWKkWskA1LiS9qnH7FMN5NZJTHkoRoBdk1WSI3Dsw1J2lik2ox6zTgdR7dwukT52qNxKOAvZZHwO5Qn6oYaaopdIUSttDlldxLSq2ZE4JCohZ6l40pVd2V8SDi7dDqNLxQPhxpRjZgETymSFjqyZOvN2sUGJCM-HDnrlOIAGxpXnjd3K8aroAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_37dg0faMRBaCuxWjWSycRBDYOpsg%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
5ac9a3bc39aea3073a2500c40a95132ac4ae64ae94d74ddd323125a09d866aa6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 17:10:39 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=28623139
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
5156
expires
Fri, 20 Oct 2023 00:02:59 GMT
img
pix.as.criteo.net/img/ Frame 9D21 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91067&q=80&r=0&u=https%3A%2F%2Fwww.ifurniture.co.nz%2Fimages%2F0042157_0.jpeg&v=3&w=400&s=dbFa-N8pQoK8_RoLQgOytIIY&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y30CjAAOHJ8KfFFFAAEBcKCUas8_FgQycCDwYA&u=%7C7Oi82ye5cAf5BKqcKAVq%2B7I3oIgwOcJ5vU%2B%2FGCIh14s%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdr-j8wgahTZIGe3vs2osFhPHrvdV8e4bcLFbFsfP8MHIB27K7XTN0r5_C9HpqTtaR8SdOucuECRZOSimhhsL4uR3zlguh6k9CeR5aGLX8fHsuWWmiqYPbmaPK3lbxb81xp4FzfcMmkrlCY-k8anAAS6mBZlVK1Tu4Tj00yseNR_s5F4u2FULqDpoBv5JNhFQaguDjgFfoazoDiTpCo7fSSKrGl-PPyc3E6BDDE2TXGTgpsK--G6Js0RNWFyrNYfDJoJXPBA28wMs0bkX7MZBViAhT-iZdNwwXDKYK4ERyXd3S5VTxZ83cJ9SSavYHUMmHnXBVfh8jDiXHjPLEXe4ROHiI8qyaCiAnbsfPLQcjIiqMyE9xFrWUDpp47bUtlBpJcsg2UU1RxxmQpbxfXt6u-WSarm_8jw3gS4qm7-gkl5TEKOC-zdXfSw5MvPG5tn2uuf2_AsZuGzZ5DkL95vJMGQpsxlAgCf54XGfznADT-R8zlTIQ__Wdlw0bpgOYtAGZGoxx2qB2cn0UzCZSgX7W896QK3BHMRdAwAeAY3JGGzYhkV56Uvb0OILxsSoSO1cSixZSo6qgubROtxu6ldGEFdq8-6Q_E8fVpd-h66eFFRw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC010AjAJ9Y5-5OMWi8QPwgoTQC5j80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpApaDdLxSSaY-qAMBqgT8AU_QmXG7FJjSWSwK8RaPm_cZyPVCtZzBMojyR5_M8AGZrhOYDZ3nSqt9Qen5xxy5DMHAtSwFwIbFW8wUZWH7SqoZtIZ1IZCYF1K0RDr5Vo27ejCGwa2KPAkALrRmn8Zz-WbufxwHhUKZwmj7UzGJzpapfRwjaq7EE3bGs_jbW019FWKkWskA1LiS9qnH7FMN5NZJTHkoRoBdk1WSI3Dsw1J2lik2ox6zTgdR7dwukT52qNxKOAvZZHwO5Qn6oYaaopdIUSttDlldxLSq2ZE4JCohZ6l40pVd2V8SDi7dDqNLxQPhxpRjZgETymSFjqyZOvN2sUGJCM-HDnrlOIAGxpXnjd3K8aroAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_37dg0faMRBaCuxWjWSycRBDYOpsg%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
63b1017abba43aa480f8f91dacd40d1275a3c70f9850518ee97d85781d1c92ee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 17:10:39 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=27969282
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
18730
expires
Thu, 12 Oct 2023 10:25:22 GMT
img
pix.as.criteo.net/img/ Frame 9D21 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=91067&q=80&r=0&u=https%3A%2F%2Fwww.ifurniture.co.nz%2Fimages%2F0043125_0.jpeg&v=3&w=400&s=CsFPXZg_CP_dkpxWSIFHrBHl&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y30CjAAOHJ8KfFFFAAEBcKCUas8_FgQycCDwYA&u=%7C7Oi82ye5cAf5BKqcKAVq%2B7I3oIgwOcJ5vU%2B%2FGCIh14s%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdr-j8wgahTZIGe3vs2osFhPHrvdV8e4bcLFbFsfP8MHIB27K7XTN0r5_C9HpqTtaR8SdOucuECRZOSimhhsL4uR3zlguh6k9CeR5aGLX8fHsuWWmiqYPbmaPK3lbxb81xp4FzfcMmkrlCY-k8anAAS6mBZlVK1Tu4Tj00yseNR_s5F4u2FULqDpoBv5JNhFQaguDjgFfoazoDiTpCo7fSSKrGl-PPyc3E6BDDE2TXGTgpsK--G6Js0RNWFyrNYfDJoJXPBA28wMs0bkX7MZBViAhT-iZdNwwXDKYK4ERyXd3S5VTxZ83cJ9SSavYHUMmHnXBVfh8jDiXHjPLEXe4ROHiI8qyaCiAnbsfPLQcjIiqMyE9xFrWUDpp47bUtlBpJcsg2UU1RxxmQpbxfXt6u-WSarm_8jw3gS4qm7-gkl5TEKOC-zdXfSw5MvPG5tn2uuf2_AsZuGzZ5DkL95vJMGQpsxlAgCf54XGfznADT-R8zlTIQ__Wdlw0bpgOYtAGZGoxx2qB2cn0UzCZSgX7W896QK3BHMRdAwAeAY3JGGzYhkV56Uvb0OILxsSoSO1cSixZSo6qgubROtxu6ldGEFdq8-6Q_E8fVpd-h66eFFRw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC010AjAJ9Y5-5OMWi8QPwgoTQC5j80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpApaDdLxSSaY-qAMBqgT8AU_QmXG7FJjSWSwK8RaPm_cZyPVCtZzBMojyR5_M8AGZrhOYDZ3nSqt9Qen5xxy5DMHAtSwFwIbFW8wUZWH7SqoZtIZ1IZCYF1K0RDr5Vo27ejCGwa2KPAkALrRmn8Zz-WbufxwHhUKZwmj7UzGJzpapfRwjaq7EE3bGs_jbW019FWKkWskA1LiS9qnH7FMN5NZJTHkoRoBdk1WSI3Dsw1J2lik2ox6zTgdR7dwukT52qNxKOAvZZHwO5Qn6oYaaopdIUSttDlldxLSq2ZE4JCohZ6l40pVd2V8SDi7dDqNLxQPhxpRjZgETymSFjqyZOvN2sUGJCM-HDnrlOIAGxpXnjd3K8aroAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_37dg0faMRBaCuxWjWSycRBDYOpsg%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
4034e8416d16b8f6bc6b45e28a5a3bcf2e6a48da816fc65f9e39a48598ab173a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 17:10:39 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=30976671
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
9196
expires
Thu, 16 Nov 2023 05:48:31 GMT
all
csm.as.criteo.net/ Frame 9D21 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.as.criteo.net/all?cppv=3&cpp=4UnjbEsvK-m8QHi_VuTlRqrrbRPDhL3kjudfucdGD_RX-PrY1kufjJz1AQKHm3QnPthLLRBptb8oiPzs2PldMbcIUfbVI2WqbtyhSMRkL0F0Ny7fv3EqzMOrGymDk_mkdX64itsooO0E7LODtdZHaWSutB3EaXHuR7eV1PfkXBV52Vi6mAGHRozhcPMIf0wh8qwX3MtmvpyqpIfkcRxlUz12dqEV0fjuetlV-s0E6YUFHk6Gz55yxAQzWtmeSLMiB3CMZZtBWNUxskV3&sds=2&rev=83599&sendBeacon=true
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y30CjAAOHJ8KfFFFAAEBcKCUas8_FgQycCDwYA&u=%7C7Oi82ye5cAf5BKqcKAVq%2B7I3oIgwOcJ5vU%2B%2FGCIh14s%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdr-j8wgahTZIGe3vs2osFhPHrvdV8e4bcLFbFsfP8MHIB27K7XTN0r5_C9HpqTtaR8SdOucuECRZOSimhhsL4uR3zlguh6k9CeR5aGLX8fHsuWWmiqYPbmaPK3lbxb81xp4FzfcMmkrlCY-k8anAAS6mBZlVK1Tu4Tj00yseNR_s5F4u2FULqDpoBv5JNhFQaguDjgFfoazoDiTpCo7fSSKrGl-PPyc3E6BDDE2TXGTgpsK--G6Js0RNWFyrNYfDJoJXPBA28wMs0bkX7MZBViAhT-iZdNwwXDKYK4ERyXd3S5VTxZ83cJ9SSavYHUMmHnXBVfh8jDiXHjPLEXe4ROHiI8qyaCiAnbsfPLQcjIiqMyE9xFrWUDpp47bUtlBpJcsg2UU1RxxmQpbxfXt6u-WSarm_8jw3gS4qm7-gkl5TEKOC-zdXfSw5MvPG5tn2uuf2_AsZuGzZ5DkL95vJMGQpsxlAgCf54XGfznADT-R8zlTIQ__Wdlw0bpgOYtAGZGoxx2qB2cn0UzCZSgX7W896QK3BHMRdAwAeAY3JGGzYhkV56Uvb0OILxsSoSO1cSixZSo6qgubROtxu6ldGEFdq8-6Q_E8fVpd-h66eFFRw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC010AjAJ9Y5-5OMWi8QPwgoTQC5j80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpApaDdLxSSaY-qAMBqgT8AU_QmXG7FJjSWSwK8RaPm_cZyPVCtZzBMojyR5_M8AGZrhOYDZ3nSqt9Qen5xxy5DMHAtSwFwIbFW8wUZWH7SqoZtIZ1IZCYF1K0RDr5Vo27ejCGwa2KPAkALrRmn8Zz-WbufxwHhUKZwmj7UzGJzpapfRwjaq7EE3bGs_jbW019FWKkWskA1LiS9qnH7FMN5NZJTHkoRoBdk1WSI3Dsw1J2lik2ox6zTgdR7dwukT52qNxKOAvZZHwO5Qn6oYaaopdIUSttDlldxLSq2ZE4JCohZ6l40pVd2V8SDi7dDqNLxQPhxpRjZgETymSFjqyZOvN2sUGJCM-HDnrlOIAGxpXnjd3K8aroAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_37dg0faMRBaCuxWjWSycRBDYOpsg%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.142 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 22 Nov 2022 17:10:39 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 9D21 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y30CjAAOHJ8KfFFFAAEBcKCUas8_FgQycCDwYA&u=%7C7Oi82ye5cAf5BKqcKAVq%2B7I3oIgwOcJ5vU%2B%2FGCIh14s%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdr-j8wgahTZIGe3vs2osFhPHrvdV8e4bcLFbFsfP8MHIB27K7XTN0r5_C9HpqTtaR8SdOucuECRZOSimhhsL4uR3zlguh6k9CeR5aGLX8fHsuWWmiqYPbmaPK3lbxb81xp4FzfcMmkrlCY-k8anAAS6mBZlVK1Tu4Tj00yseNR_s5F4u2FULqDpoBv5JNhFQaguDjgFfoazoDiTpCo7fSSKrGl-PPyc3E6BDDE2TXGTgpsK--G6Js0RNWFyrNYfDJoJXPBA28wMs0bkX7MZBViAhT-iZdNwwXDKYK4ERyXd3S5VTxZ83cJ9SSavYHUMmHnXBVfh8jDiXHjPLEXe4ROHiI8qyaCiAnbsfPLQcjIiqMyE9xFrWUDpp47bUtlBpJcsg2UU1RxxmQpbxfXt6u-WSarm_8jw3gS4qm7-gkl5TEKOC-zdXfSw5MvPG5tn2uuf2_AsZuGzZ5DkL95vJMGQpsxlAgCf54XGfznADT-R8zlTIQ__Wdlw0bpgOYtAGZGoxx2qB2cn0UzCZSgX7W896QK3BHMRdAwAeAY3JGGzYhkV56Uvb0OILxsSoSO1cSixZSo6qgubROtxu6ldGEFdq8-6Q_E8fVpd-h66eFFRw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC010AjAJ9Y5-5OMWi8QPwgoTQC5j80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpApaDdLxSSaY-qAMBqgT8AU_QmXG7FJjSWSwK8RaPm_cZyPVCtZzBMojyR5_M8AGZrhOYDZ3nSqt9Qen5xxy5DMHAtSwFwIbFW8wUZWH7SqoZtIZ1IZCYF1K0RDr5Vo27ejCGwa2KPAkALrRmn8Zz-WbufxwHhUKZwmj7UzGJzpapfRwjaq7EE3bGs_jbW019FWKkWskA1LiS9qnH7FMN5NZJTHkoRoBdk1WSI3Dsw1J2lik2ox6zTgdR7dwukT52qNxKOAvZZHwO5Qn6oYaaopdIUSttDlldxLSq2ZE4JCohZ6l40pVd2V8SDi7dDqNLxQPhxpRjZgETymSFjqyZOvN2sUGJCM-HDnrlOIAGxpXnjd3K8aroAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_37dg0faMRBaCuxWjWSycRBDYOpsg%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 17:10:38 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 17 Nov 2023 17:10:38 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 9D21 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y30CjAAOHJ8KfFFFAAEBcKCUas8_FgQycCDwYA&u=%7C7Oi82ye5cAf5BKqcKAVq%2B7I3oIgwOcJ5vU%2B%2FGCIh14s%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdr-j8wgahTZIGe3vs2osFhPHrvdV8e4bcLFbFsfP8MHIB27K7XTN0r5_C9HpqTtaR8SdOucuECRZOSimhhsL4uR3zlguh6k9CeR5aGLX8fHsuWWmiqYPbmaPK3lbxb81xp4FzfcMmkrlCY-k8anAAS6mBZlVK1Tu4Tj00yseNR_s5F4u2FULqDpoBv5JNhFQaguDjgFfoazoDiTpCo7fSSKrGl-PPyc3E6BDDE2TXGTgpsK--G6Js0RNWFyrNYfDJoJXPBA28wMs0bkX7MZBViAhT-iZdNwwXDKYK4ERyXd3S5VTxZ83cJ9SSavYHUMmHnXBVfh8jDiXHjPLEXe4ROHiI8qyaCiAnbsfPLQcjIiqMyE9xFrWUDpp47bUtlBpJcsg2UU1RxxmQpbxfXt6u-WSarm_8jw3gS4qm7-gkl5TEKOC-zdXfSw5MvPG5tn2uuf2_AsZuGzZ5DkL95vJMGQpsxlAgCf54XGfznADT-R8zlTIQ__Wdlw0bpgOYtAGZGoxx2qB2cn0UzCZSgX7W896QK3BHMRdAwAeAY3JGGzYhkV56Uvb0OILxsSoSO1cSixZSo6qgubROtxu6ldGEFdq8-6Q_E8fVpd-h66eFFRw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC010AjAJ9Y5-5OMWi8QPwgoTQC5j80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpApaDdLxSSaY-qAMBqgT8AU_QmXG7FJjSWSwK8RaPm_cZyPVCtZzBMojyR5_M8AGZrhOYDZ3nSqt9Qen5xxy5DMHAtSwFwIbFW8wUZWH7SqoZtIZ1IZCYF1K0RDr5Vo27ejCGwa2KPAkALrRmn8Zz-WbufxwHhUKZwmj7UzGJzpapfRwjaq7EE3bGs_jbW019FWKkWskA1LiS9qnH7FMN5NZJTHkoRoBdk1WSI3Dsw1J2lik2ox6zTgdR7dwukT52qNxKOAvZZHwO5Qn6oYaaopdIUSttDlldxLSq2ZE4JCohZ6l40pVd2V8SDi7dDqNLxQPhxpRjZgETymSFjqyZOvN2sUGJCM-HDnrlOIAGxpXnjd3K8aroAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_37dg0faMRBaCuxWjWSycRBDYOpsg%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 17:10:39 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 17 Nov 2023 17:10:39 GMT
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20221122
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.86.20 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13acdd18ee7ee38f70cc26fdfbd0ed717930bb46114e582b918b2279e2dd5b29
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 22 Nov 2022 17:10:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
7764
x-jsd-version
1.0.1532
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra-eddf8230021-FRA, cache-yyz4569-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"66f-BPQDDQUBNM6X+1Np+aFfcCYHbN4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cmJGERgYxBFfeVSj6tRQeRXr2sOu0CuLAc%2BaA739TxLPtyUMjaVgPTLxjhtTtEoIZLuplYKhunSBwBTeRTDjxZk3YPVW%2Fir34P4FK6qpZsVM8kvbHCA9iJsCePLvrxNrZIw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
76e3479e5ac8aaf6-SYD
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		3 B
518 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwang-xin-yi-sao-chu-chao-ji-da-wei-jian-xu-xuan-min-qian-mo-bu-neng-zai-fen-piao.html&CanonicalUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwang-xin-yi-sao-chu-chao-ji-da-wei-jian-xu-xuan-min-qian-mo-bu-neng-zai-fen-piao.html&PublisherDomain=https%3A%2F%2Fbg3.co%2F
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.230.118.67 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-230-118-67.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 22 Nov 2022 17:10:39 GMT
via
kong/2.8.3
x-content-type-options
nosniff
x-kong-proxy-latency
0
p3p
CP="CAO PSA OUR"
x-kong-upstream-latency
18
content-length
3
pragma
no-cache
access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Accept-Encoding
access-control-allow-headers
Accept-Encoding, Content-Type
expires
0
prebid
ib.adnxs.com/ut/v3/ 		376 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.89 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
565.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
5d936bd567418367dff6e409b5ccc8b918c315d76886f11f751ebb0853b53038
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 22 Nov 2022 17:10:40 GMT
AN-X-Request-Uuid
ed71389f-da55-452c-9d7e-b38db9f93442
Server
nginx/1.21.3
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.bg3.co
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
116.90.74.202; 116.90.74.202; 565.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
376
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cygnus
htlb.casalemedia.com/ 		37 B
566 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=693656&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22117bb622402a3c1%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fwang-xin-yi-sao-chu-chao-ji-da-wei-jian-xu-xuan-min-qian-mo-bu-neng-zai-fen-piao.html%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A7%2C%22msi%22%3A7%2C%22mfu%22%3A3%2C%22bu%22%3A3%2C%22iu%22%3A0%2C%22nu%22%3A3%2C%22ou%22%3A3%2C%22allu%22%3A3%2C%22ren%22%3Atrue%2C%22version%22%3A%226.19.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22187ea9ea85d987a%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A320%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22320x50%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22300x50%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A250%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22250x250%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%22215f12d15a9472e%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A320%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22320x50%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22300x50%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%222272e9dfa6af065%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A120%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22120x600%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpushup.com%22%2C%22sid%22%3A%22062d9a21f747ddee7c25d4297776e0aa%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22cf9e53b9-b4a4-4d55-a529-fa55ecc5e675%22%7D%5D%7D%5D%7D%7D
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3bffc7f9f2142c04e14ca1af4154f4ecaf1f6e1cf249fc095cbd70d098a9d434

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 22 Nov 2022 17:10:39 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hzw54py9TDuIsfkpNlZ%2Bs%2Bpy0CSci0ICITWFQiY3YaH5Rk6%2FFxq2bkGwThN%2BIesfUwSXkBIEIvVe94DdqXaucKSrxCuHGVXHfYHVGQj4N4z5JEBhNNAl5KboDRW5bz9ILUbDOeAF"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
76e3479e3dfc1c58-AKL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
cygnus
htlb.casalemedia.com/ 		37 B
319 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=693656&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%22117bb622402a3c1%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fwang-xin-yi-sao-chu-chao-ji-da-wei-jian-xu-xuan-min-qian-mo-bu-neng-zai-fen-piao.html%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A3%2C%22bu%22%3A3%2C%22iu%22%3A0%2C%22nu%22%3A3%2C%22ou%22%3A3%2C%22allu%22%3A3%2C%22ren%22%3Atrue%2C%22version%22%3A%226.19.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22215f12d15a9472e%22%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22728x90%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B728%2C90%5D%5D%2C%22api%22%3A%5B2%5D%2C%22linearity%22%3A1%2C%22placement%22%3A4%2C%22w%22%3A728%2C%22h%22%3A90%7D%7D%2C%7B%22id%22%3A%222272e9dfa6af065%22%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22120x600%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B120%2C600%5D%5D%2C%22api%22%3A%5B2%5D%2C%22linearity%22%3A1%2C%22placement%22%3A4%2C%22w%22%3A120%2C%22h%22%3A600%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpushup.com%22%2C%22sid%22%3A%22062d9a21f747ddee7c25d4297776e0aa%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22cf9e53b9-b4a4-4d55-a529-fa55ecc5e675%22%7D%5D%7D%5D%7D%7D
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3bffc7f9f2142c04e14ca1af4154f4ecaf1f6e1cf249fc095cbd70d098a9d434

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 22 Nov 2022 17:10:39 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e97DOJFdWYv2F%2FhLLm86%2Fu6%2Fb0WQ9hZ%2FPbSXTlJ1eOMy5ojOjkqvH1vH%2FTQuO8Jk%2BXDKytnG5M5cAg3FPJ824owNb5VQ3Um37CAC0%2FoDtI%2BzBNjYYSQ%2Frctl5coJd%2FLpnT1yjJcR"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
76e3479e3dfd1c58-AKL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
auction
tlx.3lift.com/header/ 		19 B
504 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=6.19.0&referrer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwang-xin-yi-sao-chu-chao-ji-da-wei-jian-xu-xuan-min-qian-mo-bu-neng-zai-fen-piao.html&tmax=3000
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.138.90.76 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-138-90-76.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 22 Nov 2022 17:10:39 GMT
accept-ch
sec-ch-ua-arch,sec-ch-rtt,sec-ch-viewport-height,sec-ch-ua-platform,sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data,sec-ch-ua-mobile,sec-ch-downlink,user-agent,sec-ch-ect,sec-ch-width,sec-ch-prefers-color-scheme,sec-ch-ua-bitness,sec-ch-ua
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
bid-request
a.teads.tv/hb/ 		16 B
502 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.51.137.72 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-137-72.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 22 Nov 2022 17:10:39 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Tue, 22 Nov 2022 17:10:39 GMT
prebid-request
onetag-sys.com/ 		0
0
auction
prebid-server.rubiconproject.com/openrtb2/ 		185 B
406 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.182.157.181 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-182-157-181.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
607b92f2f611d91517285696bb617942ec6b150a01c0478b7c97c68d518442cd

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 22 Nov 2022 17:10:40 GMT
content-encoding
gzip
x-prebid
pbs-java/1.104.0
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
174
expires
0
auction
prebid-server.rubiconproject.com/openrtb2/ 		185 B
406 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.182.157.181 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-182-157-181.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
18dafb1afa2b4bc7be7dd3aa5c8445d0a54e9fde438dbe9c2fd0087b1a27cff1

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 22 Nov 2022 17:10:40 GMT
content-encoding
gzip
x-prebid
pbs-java/1.104.0
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
173
expires
0
auction
prebid-server.rubiconproject.com/openrtb2/ 		185 B
407 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.182.157.181 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-182-157-181.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
d32ec09e50db1ef37a23f4bcb4e17673895c01460b2b78aed6865e9bb9c6eed1

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 22 Nov 2022 17:10:40 GMT
content-encoding
gzip
x-prebid
pbs-java/1.104.0
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
175
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		472 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20616&site_id=395958&zone_id=2209398&size_id=15%3B2%3B8&alt_size_ids=2%2C1%2C13%2C14%2C19%2C43%2C44%2C117%3B1%2C43%2C44%3B&rp_schain=1.0,1!adpushup.com,062d9a21f747ddee7c25d4297776e0aa,1,,,&eid_pubcid.org=cf9e53b9-b4a4-4d55-a529-fa55ecc5e675%5E1&rf=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwang-xin-yi-sao-chu-chao-ji-da-wei-jian-xu-xuan-min-qian-mo-bu-neng-zai-fen-piao.html&tk_flint=pbjs_lite_v6.19.0&x_source.tid=645b1eb6-0aa6-491d-8376-991fc718acea%3Bee7be496-ee9b-4996-95c2-211a2fd89345%3Beab2d4f1-9dab-422b-b06c-1d3525e45bc7&l_pb_bid_id=440dd3406cd69f8%3B45a4ba193a709ba%3B46b625be3e9967e&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=3&rand=0.027248357069508566
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.173.158.65 Ashburn, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
3b8c03014f85c9af7052666bddf2c16020b0c8cc8b86e0343f223511bf66ce8f

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 22 Nov 2022 17:10:39 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
prebid.media.net/rtb/ 		21 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUPEPKI9
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
184c4c58d360952d1c3f6f96285629c7a8a833e7d35f77f0dc400c7cac96bc24

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 22 Nov 2022 17:10:39 GMT
content-encoding
gzip
via
1.1 google
server
nginx
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
206
alt-svc
clear
expires
Tue, 22 Nov 2022 17:10:39 GMT
hbjson
grid.bidswitch.net/ 		24 B
361 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.213.117.18 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
18.117.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
eec6851a4a5b9c800376bcccc271385f89d31dc8ab74fde108a5bf67bc0bf75b

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 22 Nov 2022 17:10:39 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
49
cdb
bidder.criteo.com/ 		0
212 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.19.0&cb=28306967288
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.145 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 22 Nov 2022 17:10:39 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
c
prebid.a-mo.net/a/ 		0
167 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.88.5 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

x-nbr
8
date
Tue, 22 Nov 2022 17:10:39 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
arj
adpushup-d.openx.net/w/1.0/ 		174 B
383 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwang-xin-yi-sao-chu-chao-ji-da-wei-jian-xu-xuan-min-qian-mo-bu-neng-zai-fen-piao.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=056a142d-aecc-40a5-b7b7-1727f5af25fa%2C1f18963d-54a6-4418-b2eb-49a4a78d2a4d%2C5a8e18a3-e8a8-4649-a96a-46ebeafdcea0&nocache=1669137038787&pubcid=cf9e53b9-b4a4-4d55-a529-fa55ecc5e675&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&aus=728x250%2C728x90%2C690x90%2C690x250%2C675x90%2C675x250%2C670x90%2C670x250%2C650x90%2C650x250%2C650x150%2C630x90%2C630x250%2C602x100%2C600x90%2C600x250%2C580x90%2C570x90%2C550x150%2C468x60%2C320x50%2C320x100%2C300x50%2C300x100%2C300x75%2C300x250%2C250x250%2C200x200%7C728x90%2C690x90%2C675x90%2C670x90%2C650x90%2C630x90%2C600x90%2C580x90%2C570x90%2C468x60%2C320x50%2C300x50%2C300x75%7C120x600&divids=ADP_42753_728X250_77a9c22f-ac02-45dd-96bc-b0896a8a7d5a%2CSTICKY_ADP_42753_728X90_d1c10a72-27b4-4931-8ce7-99a18ebbdbae%2CSTICKY_ADP_42753_120X600_104b282a-bd11-4d8d-ad64-0492063b6cba&aucs=%2C%2C&auid=545618347%2C545618347%2C545618347
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
a5e534054b7c616797a164bd08f7e8cd9a4b745436758dfe99529b5d86b70302

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 22 Nov 2022 17:10:39 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bg3.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
164
expires
Mon, 26 Jul 1997 05:00:00 GMT
avjp
adpushup-d.openx.net/v/1.0/ 		106 B
297 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwang-xin-yi-sao-chu-chao-ji-da-wei-jian-xu-xuan-min-qian-mo-bu-neng-zai-fen-piao.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=ef6571ed-c260-49b0-84e5-ef001feaea8f&nocache=1669137038788&pubcid=cf9e53b9-b4a4-4d55-a529-fa55ecc5e675&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A120%2C%22h%22%3A600%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22api%22%3A%5B2%5D%2C%22playbackmethod%22%3A6%2C%22linearity%22%3A1%7D%7D%5D%7D&auid=545618481&vwd=120&vht=600&vos=101&vmimes=video%2Fmp4%2Cvideo%2Fwebm
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 22 Nov 2022 17:10:39 GMT
via
1.1 google
server
OXGW/0.0.0
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bg3.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
avjp
adpushup-d.openx.net/v/1.0/ 		106 B
297 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwang-xin-yi-sao-chu-chao-ji-da-wei-jian-xu-xuan-min-qian-mo-bu-neng-zai-fen-piao.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=7f4c5b4f-ae87-4e6a-a19f-d08d7e1608ad&nocache=1669137038788&pubcid=cf9e53b9-b4a4-4d55-a529-fa55ecc5e675&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22api%22%3A%5B2%5D%2C%22playbackmethod%22%3A6%2C%22linearity%22%3A1%7D%7D%5D%7D&auid=545618481&vwd=728&vht=90&vos=101&vmimes=video%2Fmp4%2Cvideo%2Fwebm
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 22 Nov 2022 17:10:39 GMT
via
1.1 google
server
OXGW/0.0.0
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bg3.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
avjp
adpushup-d.openx.net/v/1.0/ 		106 B
505 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwang-xin-yi-sao-chu-chao-ji-da-wei-jian-xu-xuan-min-qian-mo-bu-neng-zai-fen-piao.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=45908eb0-c3c8-4412-84e8-2091e604382c&nocache=1669137038788&pubcid=cf9e53b9-b4a4-4d55-a529-fa55ecc5e675&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A400%2C%22h%22%3A225%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22api%22%3A%5B2%5D%2C%22playbackmethod%22%3A6%2C%22linearity%22%3A1%7D%7D%5D%7D&auid=545618481&vwd=400&vht=225&vos=101&vmimes=video%2Fmp4%2Cvideo%2Fwebm
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 22 Nov 2022 17:10:39 GMT
via
1.1 google
server
OXGW/0.0.0
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bg3.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
adreq
ads.servenobid.com/ 		717 B
672 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/adreq?cb=8214
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.75.88.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-75-88-22.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
037192b727defa55cc176629db61c9c71c1126decfae405ffc3b0fb355a0d705

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 22 Nov 2022 17:10:39 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
rVlqs_C6MEoymNIgrpYBY2eJfhVJuMjEUeWab4z9yRM.js
pagead2.googlesyndication.com/bg/ Frame ADC1 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/rVlqs_C6MEoymNIgrpYBY2eJfhVJuMjEUeWab4z9yRM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
sffe /
Resource Hash
ad596ab3f0ba304a3298d220ae96016367897e1549b8c8c451e59a6f8cfdc913
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 23:10:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
583209
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15986
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 15 Nov 2023 23:10:29 GMT
rules-p-54Nt-1NAaEEe0.js
rules.quantcount.com/ 		160 B
632 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-54Nt-1NAaEEe0.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-78.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 16:26:45 GMT
via
1.1 69b39b6769984cf063fcfceb47941eb6.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P1
age
2637
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
160
last-modified
Thu, 13 Oct 2022 15:29:19 GMT
server
AmazonS3
etag
"05b131079c67d484167fd1b1f6c79577"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
LlJSBgrq6DLUcCSbrzJeqMcsBWoileB2pfpzzzHAgqQ1cl18yuMu3Q==
rVlqs_C6MEoymNIgrpYBY2eJfhVJuMjEUeWab4z9yRM.js
pagead2.googlesyndication.com/bg/ Frame ED19 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/rVlqs_C6MEoymNIgrpYBY2eJfhVJuMjEUeWab4z9yRM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
sffe /
Resource Hash
ad596ab3f0ba304a3298d220ae96016367897e1549b8c8c451e59a6f8cfdc913
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 23:10:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
583210
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15986
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 15 Nov 2023 23:10:29 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 749C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022111501&jk=4191844016917534&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wang-xin-yi-sao-chu-chao-ji-da-wei-jian-xu-xuan-min-qian-mo-bu-neng-zai-fen-piao.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 5A6C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022111501&jk=809778741123151&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wang-xin-yi-sao-chu-chao-ji-da-wei-jian-xu-xuan-min-qian-mo-bu-neng-zai-fen-piao.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
activeview
pagead2.googlesyndication.com/pcs/ Frame 2D78 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss5Ufw5CSHiXYRjG217M4EtiQmW2gO9W_Xr66WpIMZYTSsFFArvgW0Sx6JHYx78xrIuov0J2oC_23y5Oq4N2QF4BpXY&sig=Cg0ArKJSzPNGmMvc0mMdEAE&id=lidar2&mcvt=1016&p=0,0,280,336&mtos=1016,1016,1016,1016,1016&tos=1016,0,0,0,0&v=20221110&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2365071409&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1669137036248&rpt=1952&met=ie&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Nov 2022 17:10:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.co.nz/adsid/ Frame CF5C 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.nz/adsid/integrator.js?domain=adx.holmesmind.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211140101/show_ads_impl_fy2021.js?bust=31070968
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 17:10:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame CF5C 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=adx.holmesmind.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211140101/show_ads_impl_fy2021.js?bust=31070968
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 17:10:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
CRsRsXd0FUmqwYRG7gS9TIn516je7wIpMnr86Jcv.html
adx.holmesmind.com/adx-file/20221110/ Frame D245
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F...
  • https://adx.holmesmind.com/adx-file/20221110/CRsRsXd0FUmqwYRG7gS9TIn516je7wIpMnr86Jcv.html
801 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://adx.holmesmind.com/adx-file/20221110/CRsRsXd0FUmqwYRG7gS9TIn516je7wIpMnr86Jcv.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211140101/show_ads_impl_fy2021.js?bust=31070968
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-118.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
da4085030009e98daf6eb2656f5fae35c7a3bb947e1a290ddbb20581cc2678b9

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
182
content-length
801
content-type
text/html
date
Tue, 22 Nov 2022 17:07:40 GMT
etag
"ecb9b362af60ffdbe438788aa8ca18e5"
last-modified
Thu, 10 Nov 2022 10:57:04 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 9e7574adb9a113dab92737ea901376d8.cloudfront.net (CloudFront)
x-amz-cf-id
SzE2qwOLeWZo56mm-ofEv3rehmOQCEpza61SqrwyT68sZWWPDGySLA==
x-amz-cf-pop
SIN2-P1
x-amz-version-id
jJWfL_fJcKwy89AgB0I8qjWdNPPXmBep
x-cache
Hit from cloudfront

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 22 Nov 2022 17:10:39 GMT
location
https://adx.holmesmind.com/adx-file/20221110/CRsRsXd0FUmqwYRG7gS9TIn516je7wIpMnr86Jcv.html
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
generate_204
tpc.googlesyndication.com/ Frame ADC1 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?nlSibw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wang-xin-yi-sao-chu-chao-ji-da-wei-jian-xu-xuan-min-qian-mo-bu-neng-zai-fen-piao.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 17:10:39 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
log
aplogger.adpushup.com/ 		0
119 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://aplogger.adpushup.com/log?event=glimpse_pageView&data=eyJzZXNzaW9uSWQiOiI3NTQ4NzRfMTY2OTEzNzAzOTM3OCIsInVzZXJJZCI6IjMxNjQ2NF8xNjY5MTM3MDM5Mzc4Iiwic2l0ZUlkIjo0Mjc1MywicGxhdGZvcm0iOiJERVNLVE9QIiwicGFnZUlkIjoiMjg4NDc1XzE2NjkxMzcwMzkzNzgiLCJwYWdlUGF0aCI6IiUyRmElMkZ3YW5nLXhpbi15aS1zYW8tY2h1LWNoYW8tamktZGEtd2VpLWppYW4teHUteHVhbi1taW4tcWlhbi1tby1idS1uZW5nLXphaS1mZW4tcGlhby5odG1sIiwiaG9zdG5hbWUiOiJ3d3cuYmczLmNvIiwidXJsIjoiaHR0cHMlM0ElMkYlMkZ3d3cuYmczLmNvJTJGYSUyRndhbmcteGluLXlpLXNhby1jaHUtY2hhby1qaS1kYS13ZWktamlhbi14dS14dWFuLW1pbi1xaWFuLW1vLWJ1LW5lbmctemFpLWZlbi1waWFvLmh0bWwiLCJwaGFzZSI6MCwidXNlclR5cGUiOiJORVciLCJwcmV2aWV3VmFyaWF0aW9uIjoibm9QcmV2aWV3UGFnZSIsImV4cGVyaW1lbnRQYWdlIjpmYWxzZSwidGltZXN0YW1wIjoxNjY5MTM3MDM5Mzc5fQ==
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
52.183.162.69 Mumbai, India, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection
keep-alive
Date
Tue, 22 Nov 2022 17:10:41 GMT
Server
nginx/1.18.0 (Ubuntu)
L2Evd2FuZy14aW4teWktc2FvLWNodS1jaGFvLWppLWRhLXdlaS1qaWFuLXh1LXh1YW4tbWluLXFpYW4tbW8tYnUtbmVuZy16YWktZmVuLXBpYW8uaHRtbA==.json
cdn.adpushup.com/42753/ 		555 B
818 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/L2Evd2FuZy14aW4teWktc2FvLWNodS1jaGFvLWppLWRhLXdlaS1qaWFuLXh1LXh1YW4tbWluLXFpYW4tbW8tYnUtbmVuZy16YWktZmVuLXBpYW8uaHRtbA==.json
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.161 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-161.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
NZ
date
Tue, 22 Nov 2022 17:10:39 GMT
server
nginx/1.18.0
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
server-timing
cdn-cache; desc=MISS, edge; dur=36, origin; dur=202
content-length
555
expires
Tue, 22 Nov 2022 18:10:39 GMT
generate_204
tpc.googlesyndication.com/ Frame ED19 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?kUFYDQ
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wang-xin-yi-sao-chu-chao-ji-da-wei-jian-xu-xuan-min-qian-mo-bu-neng-zai-fen-piao.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 17:10:39 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
all
csm.as.criteo.net/ Frame 9D21 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.as.criteo.net/all?cppv=3&cpp=4UnjbEsvK-m8QHi_VuTlRqrrbRPDhL3kjudfucdGD_RX-PrY1kufjJz1AQKHm3QnPthLLRBptb8oiPzs2PldMbcIUfbVI2WqbtyhSMRkL0F0Ny7fv3EqzMOrGymDk_mkdX64itsooO0E7LODtdZHaWSutB3EaXHuR7eV1PfkXBV52Vi6mAGHRozhcPMIf0wh8qwX3MtmvpyqpIfkcRxlUz12dqEV0fjuetlV-s0E6YUFHk6Gz55yxAQzWtmeSLMiB3CMZZtBWNUxskV3&sds=2&rev=83599&sendBeacon=true
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y30CjAAOHJ8KfFFFAAEBcKCUas8_FgQycCDwYA&u=%7C7Oi82ye5cAf5BKqcKAVq%2B7I3oIgwOcJ5vU%2B%2FGCIh14s%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdr-j8wgahTZIGe3vs2osFhPHrvdV8e4bcLFbFsfP8MHIB27K7XTN0r5_C9HpqTtaR8SdOucuECRZOSimhhsL4uR3zlguh6k9CeR5aGLX8fHsuWWmiqYPbmaPK3lbxb81xp4FzfcMmkrlCY-k8anAAS6mBZlVK1Tu4Tj00yseNR_s5F4u2FULqDpoBv5JNhFQaguDjgFfoazoDiTpCo7fSSKrGl-PPyc3E6BDDE2TXGTgpsK--G6Js0RNWFyrNYfDJoJXPBA28wMs0bkX7MZBViAhT-iZdNwwXDKYK4ERyXd3S5VTxZ83cJ9SSavYHUMmHnXBVfh8jDiXHjPLEXe4ROHiI8qyaCiAnbsfPLQcjIiqMyE9xFrWUDpp47bUtlBpJcsg2UU1RxxmQpbxfXt6u-WSarm_8jw3gS4qm7-gkl5TEKOC-zdXfSw5MvPG5tn2uuf2_AsZuGzZ5DkL95vJMGQpsxlAgCf54XGfznADT-R8zlTIQ__Wdlw0bpgOYtAGZGoxx2qB2cn0UzCZSgX7W896QK3BHMRdAwAeAY3JGGzYhkV56Uvb0OILxsSoSO1cSixZSo6qgubROtxu6ldGEFdq8-6Q_E8fVpd-h66eFFRw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC010AjAJ9Y5-5OMWi8QPwgoTQC5j80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpApaDdLxSSaY-qAMBqgT8AU_QmXG7FJjSWSwK8RaPm_cZyPVCtZzBMojyR5_M8AGZrhOYDZ3nSqt9Qen5xxy5DMHAtSwFwIbFW8wUZWH7SqoZtIZ1IZCYF1K0RDr5Vo27ejCGwa2KPAkALrRmn8Zz-WbufxwHhUKZwmj7UzGJzpapfRwjaq7EE3bGs_jbW019FWKkWskA1LiS9qnH7FMN5NZJTHkoRoBdk1WSI3Dsw1J2lik2ox6zTgdR7dwukT52qNxKOAvZZHwO5Qn6oYaaopdIUSttDlldxLSq2ZE4JCohZ6l40pVd2V8SDi7dDqNLxQPhxpRjZgETymSFjqyZOvN2sUGJCM-HDnrlOIAGxpXnjd3K8aroAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_37dg0faMRBaCuxWjWSycRBDYOpsg%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.142 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 22 Nov 2022 17:10:39 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame D245 		143 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4126554779393986
Requested by
Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20221110/CRsRsXd0FUmqwYRG7gS9TIn516je7wIpMnr86Jcv.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
a9a0263fdbfba5b5969bc9d14ae703f1df7610a2a88e7f33738975e203f9176c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adx.holmesmind.com/
Origin
https://adx.holmesmind.com
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 17:10:40 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49150
x-xss-protection
0
server
cafe
etag
6593260877327115462
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 22 Nov 2022 17:10:40 GMT
js
www.googletagmanager.com/gtag/ 		223 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
0c63ce33c539e5988cd3cab50a0ac19d61b931e7a7933c219f54e82a8c4af6e8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 17:10:40 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
78329
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Tue, 22 Nov 2022 17:10:40 GMT
log
aplogger.adpushup.com/ 		0
119 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://aplogger.adpushup.com/log?event=linkPreview_failed_JSONRequest&data=eyJzaXRlSWQiOjQyNzUzLCJ1cmwiOiIvYS93YW5nLXhpbi15aS1zYW8tY2h1LWNoYW8tamktZGEtd2VpLWppYW4teHUteHVhbi1taW4tcWlhbi1tby1idS1uZW5nLXphaS1mZW4tcGlhby5odG1sIiwidGltZSI6MTY2OTEzNzAzOTk3MX0=
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
52.183.162.69 Mumbai, India, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection
keep-alive
Date
Tue, 22 Nov 2022 17:10:41 GMT
Server
nginx/1.18.0 (Ubuntu)
sodar
pagead2.googlesyndication.com/getconfig/ Frame 1331 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221110&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
253d3586a9cdc02cbaf7fb10593643d235c629d374cb75bbd4f92909aa0c64ad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 17:10:40 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12650
x-xss-protection
0
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/ Frame D245 		355 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4126554779393986
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
8125d23926b2075a0fa03a6d3136e68b3cdcc00025381df550f30afb60d24179
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 17:10:40 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119615
x-xss-protection
0
server
cafe
etag
1191554143908249479
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Tue, 22 Nov 2022 17:10:40 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/ Frame 03B9 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4126554779393986
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
cafe /
Resource Hash
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

age
55876
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
br
content-length
4242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 22 Nov 2022 01:39:24 GMT
etag
10353107486223812946
expires
Tue, 06 Dec 2022 01:39:24 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 1331 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 17:10:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 22 Nov 2022 17:10:40 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame C714 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
195588
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 20 Nov 2022 10:50:52 GMT
expires
Mon, 20 Nov 2023 10:50:52 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 29C2 		783 B
761 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.105 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f105.1e100.net
Software
GSE /
Resource Hash
3d31ae2a654aa1c5019cf935620dce6f2d0b07e40a0efdeac0f72054a0584dc8
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-VcVglWkgEzTQz8DW5r3rnQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-VcVglWkgEzTQz8DW5r3rnQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 22 Nov 2022 17:10:41 GMT
expires
Tue, 22 Nov 2022 17:10:41 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
integrator.js
adservice.google.co.nz/adsid/ Frame D245 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.nz/adsid/integrator.js?domain=adx.holmesmind.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 17:10:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame D245 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=adx.holmesmind.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 17:10:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame A032 		603 B
66 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4126554779393986&output=html&adk=1812271804&adf=2253520748&plat=1%3A520%2C2%3A520%2C8%3A512%2C9%3A520%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1049088%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fadx.holmesmind.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669137040461&bpp=4&bdt=531&idt=478&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&nras=1&correlator=5589688973120&frm=8&ife=1&pv=2&ga_vid=71806132.1669137041&ga_sid=1669137041&ga_hid=443256419&ga_fc=0&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3680311399&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C44773809%2C42531705%2C44770880%2C44777949%2C44779076&oid=2&pvsid=3827996945744677&tmod=873941560&uas=0&nvt=1&top=https%3A%2F%2Fwww.bg3.co%2F&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=4&bc=31&ifi=1&uci=1.fzkqn6dkltt3&fsb=1&dtd=496
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 22 Nov 2022 17:10:41 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 7B7C 		603 B
66 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4126554779393986&output=html&h=280&slotname=4923695364&adk=3446667921&adf=552093736&pi=t.ma~as.4923695364&w=336&fwrn=16&format=336x280&url=https%3A%2F%2Fadx.holmesmind.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669137040465&bpp=1&bdt=536&idt=499&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=5589688973120&frm=8&ife=1&pv=1&ga_vid=71806132.1669137041&ga_sid=1669137041&ga_hid=443256419&ga_fc=0&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3680311399&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C44773809%2C42531705%2C44770880%2C44777949%2C44779076&oid=2&pvsid=3827996945744677&tmod=873941560&uas=0&nvt=1&top=https%3A%2F%2Fwww.bg3.co%2F&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.7j2862aiosp4&fsb=1&dtd=504
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 22 Nov 2022 17:10:41 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
rVlqs_C6MEoymNIgrpYBY2eJfhVJuMjEUeWab4z9yRM.js
pagead2.googlesyndication.com/bg/ Frame C714 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/rVlqs_C6MEoymNIgrpYBY2eJfhVJuMjEUeWab4z9yRM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
sffe /
Resource Hash
ad596ab3f0ba304a3298d220ae96016367897e1549b8c8c451e59a6f8cfdc913
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 23:10:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
583212
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15986
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 15 Nov 2023 23:10:29 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame D245 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221110&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
b1c8ab8b7c644d1a580f649a8f5e59c63aab3c1814e1586f1b766800ca44192f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 17:10:41 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12545
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame CF5C 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221110&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211140101/show_ads_impl_fy2021.js?bust=31070968
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
ce4cf6ce56f965c9ed7fbd16ae6d0b7331d4a2e774e46c94de78636f2db2f064
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 17:10:41 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12401
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 0AB3 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221110&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
5b8af6e0edcf29acca770895afde51d2d26381b0464c022035fe137410ecd7ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 17:10:41 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12358
x-xss-protection
0
pixel;r=1100397884;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwang-xin-yi-sao-chu-chao-ji-da-wei-jian-xu-xuan-min-qian-mo-bu-neng-zai-fen-piao.html;uh=e51ed67dfb8d91dc24b15e2ace0c3bc...
pixel.quantserve.com/ 		35 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=1100397884;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwang-xin-yi-sao-chu-chao-ji-da-wei-jian-xu-xuan-min-qian-mo-bu-neng-zai-fen-piao.html;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67ea6;uht=2;fpan=1;fpa=P0-632526806-1669137038987;pbc=cf9e53b9-b4a4-4d55-a529-fa55ecc5e675;ns=0;ce=1;qjs=1;qv=48c6ea86-20221121114006;cm=;gdpr=0;ref=;d=bg3.co;dst=0;et=1669137041271;tzo=0;ogl=;ses=1e9a75ca-6bce-4d39-bcfd-6e501e6ed3f6
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wang-xin-yi-sao-chu-chao-ji-da-wei-jian-xu-xuan-min-qian-mo-bu-neng-zai-fen-piao.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.229.10.211 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Nov 2022 17:10:41 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame CA50 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022111501&jk=4191844016917534&bg=!LC-lL2vNAAbvMpMzzzI7ACkAdvg8WuFSpCzKP1v7J6iQnq2qMreWB8U9-qQw5KiKuDYEyvLiKpnPxwIAAACEUgAAAANoAQeZArsTZPkvEXYGva5q2XeNQ_ranCKtUvWpSco6KQx25SqD0TPResYiqhkqWUriAsoUF8ImyoXGJWJjP3meSBXC7KZTfCt_5kvPZB9PgNoiku4E4O-WUq3zmlTWKTEITevLw7Y36zA5n3JI_KmVLCAYzLJqw8qqtyxgAGt6oM6V4d6KJzyx3rQXFdNda8Fqr8NbwMJL_Udx-UH93zJMaj3PPco38n_0ezz243dtNNQfQkjZimIIWsh6QfDf_KVIkS6KGOPAwtObNkjEeB3BQ3mTdPjr9_ZUtSxNIyOwtMNGTHj248vZHB72KISB9wCnhpaNvBIZAAJr1Ibay7JPQqurKSz8eOfVjlLBLg88PBUMnrwmA0PFLnZBzMO0wtmVP3zbgM7ukHtdDy7cBpolnNOJpXAMPK9jrZifGTu0FLwCP7rNVOi4o-x8a5bff8PkBwuJc_08YTED-RbtfRdakwJhl1d43ZlAYGc1a1R6nONBGtRgn7n_OZ0SZkr9RKbjZJAtLVh0rS5EFqM0vCOEaMV8q56tCy0-_Duo0A4p2-v9rLiwgEmlTny3KeSIze7MtlN_GbM3AAi8gmkS2U5iRUqBSO4qp-0yM0RqU4rQOuxxeVea0Ce6bFdUeqQYMFvTLNTIMluMmeHI0_mwn_SCz4Yu1WM0nKvloWhU-HwcmrAzh_XOG46VAVsDwXinN_d5iuMojxQHHwKcxtbLcfxqbeEPE-LaSoM-a7e7bs4TNxWWHmGxMWNnWTfftOhqN0Jd7GgezrPOBskWGOpkcUr7Jr3FxgJ0WmmCAdv0Xch1T0_F-7VLiMTtBV3qj2ZxfMQX2j_ezRJncLARx30HUlyledPhmwrFhAgMKw-lOby6VFukeXVVnnWBxpIAPnzyfYIJarUWvy4RHflEOY4BlHYRTbQacGxqbif66GB9meVAibM
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wang-xin-yi-sao-chu-chao-ji-da-wei-jian-xu-xuan-min-qian-mo-bu-neng-zai-fen-piao.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 29C2 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221110&jk=661049901592538&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wang-xin-yi-sao-chu-chao-ji-da-wei-jian-xu-xuan-min-qian-mo-bu-neng-zai-fen-piao.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame D34A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022111501&jk=809778741123151&bg=!enmleT3NAAbvMpMzzzI7ACkAdvg8WmCFdC4MhFgwq73o4e-I7K8AfP-EOuTZIOZNDhcK6UL2YglwXwIAAABeUgAAAAJoAQcKALVgKJkGWSPnLy0LrXJGrMU4wTlEhXzfCDZ4xg3VBrH2iwWGmh1dob-U6-Rw7ihk23hKhB8SXBG3FZaH-vpqvIdE0eyTvnDv1SolBcq0jXiT3dqNAPaIKw9yV-p32AtCia_6S08f2RjlYK-_NYPg7yveUB3UxjMJhWVQ0MJjqGvNN7b6TwUI93pabzBPK9WL3ew64sQQXbck-0YJIaVUy7DJ2kjeOUZ33V2lf27I8jvkw3PWsNhBmQKx6Gaxr8j8rxPbMVGnTrVqDoEoBYc1RD2g4uTVNpSDumDFJhflAI7fuNBYi4OHAx_gJGqFcxZhMaCIaSyBXsgkBOGEUApvcn0yMuPweYtMjCQa-7JTV4NQLwv4ykFLwhC6tDQJOd6BAeNvz6cVxU571vJHc9r7h6OqtIgYwmDWVpLg66Cq9E69pTJtszO8Mxz_lVNqa8bJ92ngnMkwCSXA7RE68p7OTWTJ7OcZw9pVsKR2zvBh32ZyFX21KybbyqZEOPjQ-3oz2s44OXvFHPbaIxAXVJLmZJZIjsoVo0pZfeupfLLkLnvEPtws4SZOylDJkSBZ22rV869exgvKXQ9ebnQpNHO8pVb_Dzz27_JPQpee2fQ8lgwtT_rvPOLZvbJp9JNr9KwbfznsBTJ6M_ardbohH40WWy1eYVp4wMkSiNWmd3XtZORNW7k9gIsZ_LfiXHIzo7Bb7h55wULlucgaRNHz25LRaP760URj_oUD3r26NoT_VO5sDPfGroFhKgzf4Cb4ExX5TKPZTX7Ejyd4BkBABV33OWm-k6_MGkbwIdnS4ez64jJ1JSHJztT7CPvanJpAyochm9gEm3tFUsQNRp1aZ-kd6aQb0E_1ueRZ0Q3paNibvCAEyvnn75qkkFATI9qxhAk0gKKSdREC4zLGSBpUgQgAKet5dopGDttT154zdCz0LOZv1ea-Z2amfWDQWISdmGzuiS_IxciJH6is7b8qkIVV8ImLmUJfWGG0PjnKcDx-m8CRAgNW7QrtlBRO8eOP0jkqXw0fPRusHmytGSvahb2RQO3kj3A-xgYdi-I7MED2uHP-sFaSA0U2TXoK8jDK_DNHdlDFxhQMdHXeDK2XPPapJaII9x7J8xyx6oRP3EGdzsXOmVQNjHHkhjJr6Q08D5bjdKFem5VDzeSoDz8
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wang-xin-yi-sao-chu-chao-ji-da-wei-jian-xu-xuan-min-qian-mo-bu-neng-zai-fen-piao.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame C714 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?ly8BHA
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wang-xin-yi-sao-chu-chao-ji-da-wei-jian-xu-xuan-min-qian-mo-bu-neng-zai-fen-piao.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 17:10:41 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame CF5C 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211140101/show_ads_impl_fy2021.js?bust=31070968
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 17:10:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 22 Nov 2022 17:10:41 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 0AB3 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 17:10:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 22 Nov 2022 17:10:41 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame D245 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 17:10:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 22 Nov 2022 17:10:41 GMT
auctionData
e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb/auctionData?data=eyJzaXRlSWQiOjQyNzUzLCJ1cmwiOiJodHRwczovL3d3dy5iZzMuY28vYS93YW5nLXhpbi15aS1zYW8tY2h1LWNoYW8tamktZGEtd2VpLWppYW4teHUteHVhbi1taW4tcWlhbi1tby1idS1uZW5nLXphaS1mZW4tcGlhby5odG1sIiwic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsInBsYXRmb3JtIjoiREVTS1RPUCIsInBhY2tldElkIjoiMDAwMEE3MDEtMDBhOGVjNzgtNmUzZS00MDM2LTliMTAtMmZhMWE0NjA5YjNiIiwic2VjdGlvbnMiOlt7InNlY3Rpb25JZCI6Ijc3YTljMjJmLWFjMDItNDVkZC05NmJjLWIwODk2YThhN2Q1YSIsInNlY3Rpb25OYW1lIjoiQVBfTF9EX0FSVElDTEVfNzI4WDI1MF83N2E5YyIsInBsYWNlbWVudCI6MSwicmVmcmVzaENvdW50IjowLCJwcmViaWRBdWN0aW9uSWQiOiI3MmI0YWQxOC1iYzIwLTRkZGItYTNhOS0yMzY3MTI5OTVmZmYiLCJ0aW1lT2ZBdWN0aW9uIjoxNjY5MTM3MDM4NzQ5LCJiaWRzIjpbXSwidGltZWRPdXRCaWRkZXJzIjpbIm9uZXRhZyJdLCJyZXF1ZXN0ZWRGb3JtYXRzIjpbImRpc3BsYXkiLCJ2aWRlbyIsIm5hdGl2ZSJdfSx7InNlY3Rpb25JZCI6ImQxYzEwYTcyLTI3YjQtNDkzMS04Y2U3LTk5YTE4ZWJiZGJhZSIsInNlY3Rpb25OYW1lIjoiQVBfSV9EX0FSVElDTEVfNzI4WDkwX2QxYzEwIiwicGxhY2VtZW50IjoxLCJyZWZyZXNoQ291bnQiOjAsInByZWJpZEF1Y3Rpb25JZCI6IjcyYjRhZDE4LWJjMjAtNGRkYi1hM2E5LTIzNjcxMjk5NWZmZiIsInRpbWVPZkF1Y3Rpb24iOjE2NjkxMzcwMzg3NDksImJpZHMiOltdLCJ0aW1lZE91dEJpZGRlcnMiOlsib25ldGFnIl0sInJlcXVlc3RlZEZvcm1hdHMiOlsiZGlzcGxheSIsInZpZGVvIiwibmF0aXZlIl19LHsic2VjdGlvbklkIjoiMTA0YjI4MmEtYmQxMS00ZDhkLWFkNjQtMDQ5MjA2M2I2Y2JhIiwic2VjdGlvbk5hbWUiOiJBUF9JX0RfQVJUSUNMRV8xMjBYNjAwXzEwNGIyIiwicGxhY2VtZW50IjoxLCJyZWZyZXNoQ291bnQiOjAsInByZWJpZEF1Y3Rpb25JZCI6IjcyYjRhZDE4LWJjMjAtNGRkYi1hM2E5LTIzNjcxMjk5NWZmZiIsInRpbWVPZkF1Y3Rpb24iOjE2NjkxMzcwMzg3NDksImJpZHMiOlt7ImNwbSI6MC4wNywiYWRJZCI6Ijc0NjMyYjU1MTQzNzVhZSIsIm9yaWdpbmFsQ3BtIjowLjA3LCJiaWRkZXIiOiJtZWRpYW5ldCIsInJldmVudWUiOjAuMDAwMDcwMDAwMDAwMDAwMDAwMDEsImZvcm1hdFR5cGUiOiJ2aWRlbyIsInJlc3BvbnNlVGltZSI6NzYzLCJ0aW1lT2ZCaWRSZWNlaXZlZCI6MTY2OTEzNzAzOTU0Mn1dLCJ0aW1lZE91dEJpZGRlcnMiOlsib25ldGFnIl0sInJlcXVlc3RlZEZvcm1hdHMiOlsiZGlzcGxheSIsInZpZGVvIiwibmF0aXZlIl0sInByZWJpZFdpbm5lciI6Im1lZGlhbmV0IiwicHJlYmlkV2lubmVyQWRVbml0SWQiOiI3NDYzMmI1NTE0Mzc1YWUiLCJwcmViaWRXaW5uZXJDcG0iOjAuMDAwMDcwMDAwMDAwMDAwMDAwMDF9XX0%3D&c_b=12240.900000572205
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wang-xin-yi-sao-chu-chao-ji-da-wei-jian-xu-xuan-min-qian-mo-bu-neng-zai-fen-piao.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Nov 2022 17:10:41 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
integrator.js
adservice.google.co.nz/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.nz/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 17:10:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 17:10:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		128 KB
46 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1302147398971275&correlator=85138005956240&output=ldjh&gdfp_req=1&vrg=2022111501&ptt=17&impl=fifs&iu_parts=103512698%3A22574853003%2C22477626096%2C22479095528%2C22579309510&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3&prev_iu_szs=320x50%7C728x250%7C728x90%7C690x90%7C690x250%7C675x90%7C675x250%7C670x90%7C670x250%7C650x90%7C650x250%7C650x150%7C630x90%7C630x250%7C602x100%7C600x90%7C600x250%7C580x90%7C570x90%7C550x150%7C468x60%7C320x50%7C320x100%7C300x50%7C300x100%7C300x75%7C300x250%7C250x250%7C200x200%2C320x50%7C728x90%7C690x90%7C675x90%7C670x90%7C650x90%7C630x90%7C600x90%7C580x90%7C570x90%7C468x60%7C320x50%7C300x50%7C300x75%2C320x50%7C120x600&fluid=height%2Cheight%2Cheight&ifi=1&adks=1420297610%2C2857874404%2C4082231052&sfv=1-0-40&prev_scp=adpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26refreshcount%3D0%26refreshrate%3D30%7Cadpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26refreshcount%3D0%26refreshrate%3D30%7Cadpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26refreshcount%3D0%26refreshrate%3D30%26hb_cache_host%3Dprebid.adnxs.com%26hb_ap_format%3Dvideo%26hb_ap_pb%3D0.07%26hb_ap_adid%3D74632b5514375ae%26hb_ap_bidder%3Dmedianet%26hb_cache_host_median%3Dprebid.adnxs.com&eri=1&cust_params=da%3Dadx%26outbrain%3Dtrue&sc=1&cookie=ID%3D7a50adee5ab81720-2280e8b39fd800a0%3AT%3D1669137036%3ART%3D1669137036%3AS%3DALNI_MZiGSqaPj2RmSuf5i7rUNP1x6m0Hg&gpic=UID%3D00000b814469d1ba%3AT%3D1669137036%3ART%3D1669137036%3AS%3DALNI_Mbpey5hnreUCacIlsL_0o8sBAXQAw&arp=1&abxe=1&dt=1669137041776&lmt=1669137041&dlt=1669137031017&idt=7580&adxs=236%2C436%2C5&adys=60%2C1110%2C300&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0&ucis=1%7C2%7C3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwang-xin-yi-sao-chu-chao-ji-da-wei-jian-xu-xuan-min-qian-mo-bu-neng-zai-fen-piao.html&frm=20&vis=1&psz=728x-1%7C728x-1%7C120x-1&msz=728x-1%7C728x-1%7C120x-1&fws=4%2C516%2C516&ohw=728%2C1600%2C1600&ga_vid=1680281767.1669137042&ga_sid=1669137042&ga_hid=8060&ga_fc=false&ga_cid=amp-cxJAY9-8aDoI572ZnNWIbg
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
cafe /
Resource Hash
bc20149f119bff2a300f4bc3dda331d9578cb3633315800f25026537bcbd4935
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 17:10:42 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46939
x-xss-protection
0
google-lineitem-id
-1,-1,5221734845
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-1,-1,138294466144
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
6d2367c53a9e076830c130ee73b19fae.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C06F 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://6d2367c53a9e076830c130ee73b19fae.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 22 Nov 2022 17:10:41 GMT
expires
Wed, 22 Nov 2023 17:10:41 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
publishertag.prebid.117.js
static.criteo.net/js/ld/ 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.117.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 17:10:42 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 29 Dec 2021 12:30:46 GMT
server
nginx
etag
W/"61cc54f6-15c19"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 23 Nov 2022 17:10:42 GMT
collect
www.google-analytics.com/g/ 		0
106 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=2oeb90&_p=8060&cid=1680281767.1669137042&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1669137041&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwang-xin-yi-sao-chu-chao-ji-da-wei-jian-xu-xuan-min-qian-mo-bu-neng-zai-fen-piao.html&dt=%E7%8E%8B%E6%AC%A3%E5%84%80%E6%8E%83%E9%99%A4%E8%B6%85%E7%B4%9A%E5%A4%A7%E9%81%95%E5%BB%BA%EF%BC%81%E3%80%80%E7%B1%B2%E9%81%B8%E6%B0%91%E3%80%8C%E5%8D%83%E8%90%AC%E4%B8%8D%E8%83%BD%E5%86%8D%E5%88%86%E7%A5%A8%E3%80%8D%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_fv=1&_ss=1&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_success
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f100.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Nov 2022 17:10:42 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 1FA5 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
195590
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 20 Nov 2022 10:50:52 GMT
expires
Mon, 20 Nov 2023 10:50:52 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 0EB6 		783 B
536 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.105 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f105.1e100.net
Software
GSE /
Resource Hash
8aa2798b546202d710e6e7fd94417a86c4f3f8534a48ae100cdb6a692edcdccb
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-0VcFBRO9UBjjWxQbqEXloA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-0VcFBRO9UBjjWxQbqEXloA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 22 Nov 2022 17:10:42 GMT
expires
Tue, 22 Nov 2022 17:10:42 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A531 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
195590
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 20 Nov 2022 10:50:52 GMT
expires
Mon, 20 Nov 2023 10:50:52 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame B5FA 		783 B
536 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.105 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f105.1e100.net
Software
GSE /
Resource Hash
eddb5d007097add975fdb3977d1ab47e4e92e03d8432f7c474f93bc649eded95
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-j8MzIFUySAQfKt0WKLtO5w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-j8MzIFUySAQfKt0WKLtO5w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 22 Nov 2022 17:10:42 GMT
expires
Tue, 22 Nov 2022 17:10:42 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6516 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
195590
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 20 Nov 2022 10:50:52 GMT
expires
Mon, 20 Nov 2023 10:50:52 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 3C0D 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.105 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f105.1e100.net
Software
GSE /
Resource Hash
2b0ac9627b8838abd0a554503d948784e45b809b53f3595c3cdd465f8b719e48
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-6BCyu4-kb5dpRx7eIjEOkA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-6BCyu4-kb5dpRx7eIjEOkA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 22 Nov 2022 17:10:42 GMT
expires
Tue, 22 Nov 2022 17:10:42 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sodar
pagead2.googlesyndication.com/pagead/ Frame 0EB6 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221110&jk=1588066017044767&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wang-xin-yi-sao-chu-chao-ji-da-wei-jian-xu-xuan-min-qian-mo-bu-neng-zai-fen-piao.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
rVlqs_C6MEoymNIgrpYBY2eJfhVJuMjEUeWab4z9yRM.js
pagead2.googlesyndication.com/bg/ Frame 1FA5 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/rVlqs_C6MEoymNIgrpYBY2eJfhVJuMjEUeWab4z9yRM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
sffe /
Resource Hash
ad596ab3f0ba304a3298d220ae96016367897e1549b8c8c451e59a6f8cfdc913
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 23:10:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
583213
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15986
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 15 Nov 2023 23:10:29 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame B5FA 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221110&jk=4173014957902616&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wang-xin-yi-sao-chu-chao-ji-da-wei-jian-xu-xuan-min-qian-mo-bu-neng-zai-fen-piao.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
rVlqs_C6MEoymNIgrpYBY2eJfhVJuMjEUeWab4z9yRM.js
pagead2.googlesyndication.com/bg/ Frame A531 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/rVlqs_C6MEoymNIgrpYBY2eJfhVJuMjEUeWab4z9yRM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
sffe /
Resource Hash
ad596ab3f0ba304a3298d220ae96016367897e1549b8c8c451e59a6f8cfdc913
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 23:10:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
583213
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15986
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 15 Nov 2023 23:10:29 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 3C0D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221110&jk=3827996945744677&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wang-xin-yi-sao-chu-chao-ji-da-wei-jian-xu-xuan-min-qian-mo-bu-neng-zai-fen-piao.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
rVlqs_C6MEoymNIgrpYBY2eJfhVJuMjEUeWab4z9yRM.js
pagead2.googlesyndication.com/bg/ Frame 6516 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/rVlqs_C6MEoymNIgrpYBY2eJfhVJuMjEUeWab4z9yRM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
sffe /
Resource Hash
ad596ab3f0ba304a3298d220ae96016367897e1549b8c8c451e59a6f8cfdc913
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 23:10:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
583213
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15986
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 15 Nov 2023 23:10:29 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ 		89 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 17:10:43 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Mon, 24 Oct 2022 11:21:19 GMT
server
nginx
etag
W/"6356752f-16294"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 23 Nov 2022 17:10:43 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=a1&ds=AMP&aip&_s=2&dt=%E7%8E%8B%E6%AC%A3%E5%84%80%E6%8E%83%E9%99%A4%E8%B6%85%E7%B4%9A%E5%A4%A7%E9%81%95%E5%BB%BA%EF%BC%81%E3%80%80%E7%B1%B2%E9%81%B8%E6%B0%91%E3%80%8C%E5%8D%83%E8%90%AC%E4%B8%8D%E8%83%BD%E5%86%8D%E5%88%86%E7%A5%A8%E3%80%8D%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&sr=1600x1200&cid=amp-cxJAY9-8aDoI572ZnNWIbg&tid=UA-172083736-2&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwang-xin-yi-sao-chu-chao-ji-da-wei-jian-xu-xuan-min-qian-mo-bu-neng-zai-fen-piao.html&dr=&sd=24&ul=en-us&de=UTF-8&jid=&plt=12942&dns=7&tcp=534&rrt=0&srt=952&pdt=1&clt=1535&dit=1535&a=8060&z=0.8134616683369458&gtm=2pu000&t=timing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f100.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 21 Nov 2022 21:08:15 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
72147
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022111501&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
026c7eea11825239eadba77c063c2bc7c8839318cb1678b1b105c2765d530cf0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 17:10:42 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12603
x-xss-protection
0
syncframe
gum.criteo.com/ Frame 987A 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.bg3.co
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
b09a581bc29f4bdbe66bef5c69b90cc1a003e849e2f7706f47a9f0c5f5a6860e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 22 Nov 2022 17:10:43 GMT
server
Kestrel
server-processing-duration-in-ticks
313988
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
container.html
6d2367c53a9e076830c130ee73b19fae.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7945 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://6d2367c53a9e076830c130ee73b19fae.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 22 Nov 2022 17:10:42 GMT
expires
Wed, 22 Nov 2023 17:10:42 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
6d2367c53a9e076830c130ee73b19fae.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C29F 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://6d2367c53a9e076830c130ee73b19fae.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 22 Nov 2022 17:10:42 GMT
expires
Wed, 22 Nov 2023 17:10:42 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame E450 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvpqhWWeMWr0WX79UyAANxslalPRb_kEfIsckd8jHlFQXZ6pdnYBCLVoRQDg7euntsTtB3npwj07HdiCN7SOWu_agfSHUldumgbJH2cofmG2WAJ1-v-hU9-Rg_IP3Myoitk7H92gHEXk8e39VbOfpakeIcG7BXoQrxR6MttIzbVjxZmhi9hnUMbPCqqbvVEkyR5OS8bTufq2qotYTbTq1Oze9Ko-H1O44n3P9f081hzKsgQgbpYHERG0s9Q8WspDpxSeyg41SdBbXoja0PDHDTiJbxoYy1x0qQ24xBHZDuy1CTzn_ITxvnlm1HP&sai=AMfl-YStFoktk102oJ2FT6dmY-Wbt3YzazrdwkDwdiJ1K9mWA9HRzJDVtKgGh032RB_M8CdeSJsfCH47dpUjWJSEkPbdi84XwrWMXxdJyXow0mvm7QbwTBafcZwf4X9Meirk&sig=Cg0ArKJSzKPetaXFi5smEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wang-xin-yi-sao-chu-chao-ji-da-wei-jian-xu-xuan-min-qian-mo-bu-neng-zai-fen-piao.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 17:10:42 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
bbplayer.js
cdn.adpushup.com/ 		96 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/bbplayer.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.161 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-161.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
35bb65eabf6e8ed20ab2917216f38dd2e0f00bba27cb9e2eb0bd55c62869937a

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
NZ
date
Tue, 22 Nov 2022 17:10:43 GMT
content-encoding
br
last-modified
Wed, 23 Dec 2020 08:07:08 GMT
server
nginx/1.18.0
etag
W/"5fe2faac-18198"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=2
content-length
14639
expires
Tue, 22 Nov 2022 18:10:43 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame E450 		154 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
sffe /
Resource Hash
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 17:10:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48265
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1668095300071091"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 22 Nov 2022 17:10:42 GMT
log
qsearch-a.akamaihd.net/ 		35 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://qsearch-a.akamaihd.net/log?logid=kfk&evtid=projectevents&project=prebid&acid=72b4ad18-bc20-4ddb-a3a9-236712995fff&cid=8CUPEPKI9&crid=222574718&adunit_count=1&dn=www.bg3.co&requrl=https://www.bg3.co/a/wang-xin-yi-sao-chu-chao-ji-da-wei-jian-xu-xuan-min-qian-mo-bu-neng-zai-fen-piao.html&istop=true&event=client_bid_won&value=0.07&rd=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
42.99.140.144 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-144.pacnet.net
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 22 Nov 2022 17:10:43 GMT
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
35
Expires
Tue, 22 Nov 2022 17:10:43 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 17:10:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 22 Nov 2022 17:10:43 GMT
generate_204
tpc.googlesyndication.com/ Frame 1FA5 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?1BnXPA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 17:10:42 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
generate_204
tpc.googlesyndication.com/ Frame A531 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?0rgWzQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 17:10:42 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
generate_204
tpc.googlesyndication.com/ Frame 6516 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?95OP7w
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 17:10:42 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
truncated
/ Frame E450 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
35a1e555e134154a0969bef1bfac99253e3816adb405b648072f5ee05cf87a5f

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame E450 		0
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame ECAF 		624 B
245 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CKyHPxDPjYECGKf8r9oBMAE&v=APEucNVQmY8XGFZLPxe_RExRM0ucZe_drkiK9EaCtJhcPYtTpvRzN51o-Kmh7PjQJtmDJGDsb2v8i4rfeOGEUDlvyXf0fBi39Q
Requested by
Host: 6d2367c53a9e076830c130ee73b19fae.safeframe.googlesyndication.com
URL: https://6d2367c53a9e076830c130ee73b19fae.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6d2367c53a9e076830c130ee73b19fae.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 22 Nov 2022 17:10:43 GMT
expires
Tue, 22 Nov 2022 17:10:43 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame 7945 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite_fy2021.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wang-xin-yi-sao-chu-chao-ji-da-wei-jian-xu-xuan-min-qian-mo-bu-neng-zai-fen-piao.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://6d2367c53a9e076830c130ee73b19fae.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 21 Nov 2022 23:12:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
64709
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9428
x-xss-protection
0
server
cafe
etag
246362764157784863
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 05 Dec 2022 23:12:14 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/elements/html/ Frame 7945 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wang-xin-yi-sao-chu-chao-ji-da-wei-jian-xu-xuan-min-qian-mo-bu-neng-zai-fen-piao.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
c0f9a96a8b15dfa0bd82a9b0c4f7d31927c96784bb62af0a94fbaa78cde5e2fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://6d2367c53a9e076830c130ee73b19fae.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 21 Nov 2022 23:07:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
65006
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2477
x-xss-protection
0
server
cafe
etag
8436122973860808490
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 05 Dec 2022 23:07:17 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 7945 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssnNAk6WAok22YllXGeVQ7jUKahpEXqx6o2tUlJ_8N07z_AU5rYieZZddcWVZZ6blyZwL0QYay-JdLrKY4gSQPtloL6dI-XlITzrbNIOxzvReejrbK_EVOKCO5RDlA7VrwiO8SKVwMILZWq3hBIpwDNQe3uogoI8WAnUfTQ2ny7su1ePI1utFPhtqBa1QLai8wfdBueqKFlIafVfmQouCmRlVSW4aUEoKXfGXWCGkhcr1tzkQrLHvEsmS5lmo5pqw8dnPwpEWUWSZRZI6xCVziWtU0641RJR1YT2CpwxGyMBxBZNBhpMkKaYEz0s2bwLxlkl6zo9HVQRIv9FQvVe7jgb2OrFihsSr6kAdK2uIiqhVQirnlUC45KCfYMMRmC39gFOKojeLhRGPGLUd4PKnwJWtUIr4cNw0ObG4nBd7dGjAdxDaoXzY-VGgDBD3B4yurzi2n8VKhkK03lX1ongNuupHqrARj7qh3CadqsGetaaNdycoBafFTUt96Qa4O7oMwLo2A494YSeo0SzXYe1LAkInosGsepHw52SqXUQqZ71oSY1WKT1esv2_c5VyBrf_Z-eYa1bnmpev4QAJlU2d7gIYaJt653pBKSSWXVzx8ckyDY6jdyX29awGTIXnyBn2SsTRlrlNi3Hj_L5w2ssPpaKqcnvqk5OMMeSGQdZzaPdb-PqPMDG45eXeW0MGT1a4of0OH1YjukjYC3NQHaooPGXptGXM3sTcY6JZBVBl7Fk3Rx1pkCXY4D6gPe8SWBlFyA_sMTe2m1hsfJXtyUThzd-XQutQ6cxD_-bJWsdH83vOO_wnLzmIDFEsci2BH21JmcJZdaGjFA3KbMbJdltwbPmQC5AQ8e3LzlZ4fFJlKuFRZcPjc-23OQ3lBB-5TmPEFXKz9qY22lafI8jDDq_8QK_J6k5JHWB30o5gZyY5J90AM23qrU1OBqgAg1wLE4wlAKFuKH8k7id60VqVMcwEzNvGHmtyox4Pi3n7TdsWqqfgPdPA0Y_n8giA1JN2D7N-dpKR-jB_lYY9N6EbvOwuaLKy0ZXAfpFJyMA_CMhozNlg2RuK5lrQ5EeFjOotB9-aHyIxm97gd24i6T5sk-zZyWOjZWrFYl1WwEZ-63BVioqpNlLOesXag2_Xtr86spk4TI7sl-Sw8VsB3AQz-y3yn9PGydfT4SvnC5D0TG_QHvItDy4OfnYv2YyaYmU2Ffrg&sai=AMfl-YSSDxkY4Aywfo7t8weFF_UJdDBP89P8oKEfBvX9LKXwUojI3qYlfp00SV-1eh1jPWjWs2opbOe8CDQE4PJKPt9AOgZA2uvp17ULzuI8kp_cV_VUDMhrv3tP5Pk6h9KeOkFv9DnEOZA4HNi0g0wVfA1Qfd94Sqpr6-ao3mVOI5p7Od69J23sjJqEXbpZ2i0FLBCQC9JbTdErrX9XQZ1KGFB2Q5-NwABMkVr6zq8DX1vvg8bbCAA70--iA2_CIwJ_sfUKwIMNQKrJojm0FhgwcoBdug6UpEL8l8LxE62TxCT8wb1FVT70PY_e3WcOGUO3btQE9M6o0fTzdbsC8I7RA97nK9y5asWMfLoN3dAYIoDFYk1CbGGgJuPnsZ0nszEwC9gnDIVDsFtLigw-KVopzA&sig=Cg0ArKJSzIJIB67255sbEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20221110.49977&arae=0&ftch=1&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wang-xin-yi-sao-chu-chao-ji-da-wei-jian-xu-xuan-min-qian-mo-bu-neng-zai-fen-piao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://6d2367c53a9e076830c130ee73b19fae.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 22 Nov 2022 17:10:43 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Tue, 22 Nov 2022 17:10:43 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 7945 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wang-xin-yi-sao-chu-chao-ji-da-wei-jian-xu-xuan-min-qian-mo-bu-neng-zai-fen-piao.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://6d2367c53a9e076830c130ee73b19fae.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 22:07:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
586975
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 15 Nov 2023 22:07:48 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7945 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DhbFVPE1XLbBf-YrekHmb_BZ3nZungpPxhw4NyId_tIbMqnupVFQ-FoyU_EJ6gzth8_776fD6VvQmd-WWNWprLEDYhoKtZJF1McA2VVtGDbVIeunA
Requested by
Host: 6d2367c53a9e076830c130ee73b19fae.safeframe.googlesyndication.com
URL: https://6d2367c53a9e076830c130ee73b19fae.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://6d2367c53a9e076830c130ee73b19fae.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Nov 2022 17:10:44 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 7945 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js
Requested by
Host: 6d2367c53a9e076830c130ee73b19fae.safeframe.googlesyndication.com
URL: https://6d2367c53a9e076830c130ee73b19fae.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://6d2367c53a9e076830c130ee73b19fae.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 11:03:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
22039
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 06 Dec 2022 11:03:25 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 7945 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 6d2367c53a9e076830c130ee73b19fae.safeframe.googlesyndication.com
URL: https://6d2367c53a9e076830c130ee73b19fae.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
cafe /
Resource Hash
78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://6d2367c53a9e076830c130ee73b19fae.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 16:21:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
2971
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7458
x-xss-protection
0
server
cafe
etag
16870613375306414947
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 06 Dec 2022 16:21:12 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7945 		154 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 6d2367c53a9e076830c130ee73b19fae.safeframe.googlesyndication.com
URL: https://6d2367c53a9e076830c130ee73b19fae.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
sffe /
Resource Hash
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://6d2367c53a9e076830c130ee73b19fae.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 17:10:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48265
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1668095300071091"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 22 Nov 2022 17:10:46 GMT
15148769891127195890
s0.2mdn.net/simgad/ Frame 7945 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/15148769891127195890
Requested by
Host: 6d2367c53a9e076830c130ee73b19fae.safeframe.googlesyndication.com
URL: https://6d2367c53a9e076830c130ee73b19fae.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f149.1e100.net
Software
sffe /
Resource Hash
d566e92a9512de525d537b1299d46d99151ca1eca60ecac872f5313f64f386ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://6d2367c53a9e076830c130ee73b19fae.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 14:50:32 GMT
x-content-type-options
nosniff
age
8411
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10895
x-xss-protection
0
last-modified
Mon, 21 Nov 2022 07:21:52 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 22 Nov 2023 14:50:32 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame C29F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CJwuWkQJ9Y7rEOouO9fwPvoes8Afp2tPMa8igkM7LEMCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQI0sIruizlhPuACAKgDAaoEoQJP0LmR7i_IMeZAOH3JtebhjR3t0VmcICCL6degCFEfDob14OE4J1m20BBmUZx17_58MFTc16jqwMLfDuosxRU8ikiBtZBNgUPnVyVV_YzSOZIAm8YbK2wQK35IgL1rrU0E1yKQaUHTiRG_64HHMcSoESQeWVIVTJMDlSd3r0r_67ufOJ5CFQt5L5tj2ZvjrHdZl6K2BKgvP_5knmgAxF9YxYmLW4uko2dvV8iJJXqlL0Rh6j00Qi6tPq-Aw5KlSkD8OM04l6CQ_NGjj3uHJArXxUmV6JegXCfEGWEOr0GfmlxYQo5AkavtDhCdjWNqKdeJBnva81Y3raIKkMBdiB6dmbGJb-YYXDYVIIi7MkbcwAyOzrVnKfURKG1nX5LA7IXZ4AQBgAaCwe6Q1bKoraUBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODCACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItODkzMzMyOTk5OTM5MTEwNBjKqx4&sigh=49y9J8OKRGo&uach_m=[UACH]&cid=CAQSOwDq26N9PdbL9uYqben0RjCLEMMbwxrBEzT5DsK97DiVU2zhc9wREvvmwGxYH9KgsFAC4Etam6ZqcHUkGAEgEw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wang-xin-yi-sao-chu-chao-ji-da-wei-jian-xu-xuan-min-qian-mo-bu-neng-zai-fen-piao.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
/
Resource Hash

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://6d2367c53a9e076830c130ee73b19fae.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
winshowimg
theta267.rtb.appier.net/ Frame C29F 		42 B
199 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://theta267.rtb.appier.net/winshowimg?bidobjid=NPl4yLmtBfehJNXYkgJ9Yw&reqid=BXgrhHLBD7UW0zudTK25Cw&cid=UkhomrwvQieqQwhkieJsig&crid=Z92dqbnDTsSTGYteEZukig&partner_id=03mSf3HNecb-&bx=Cylxwnu_oPMxKq6D20fm7PuQ7rGs7quDK4lswmo121l9C1u-uYOPuqa1Jmg9u1x1cHd121uVorw92rd97PM9o4u-uY79uqa1wYZPKY7Bu1x1w8Q121l13Po9wmA1eM&impid=1&ui=CyljUmOjUbisc8M121l0MIirtIScr831U07TID3qcrS278S7t8ixCrM1eM&consent=1&ddhh=oquW7d&price_encoded=Y30CkQAOojoJnUcLAAsDvj0ui5dP4v-by0NkEg&cachebust=1986059332
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wang-xin-yi-sao-chu-chao-ji-da-wei-jian-xu-xuan-min-qian-mo-bu-neng-zai-fen-piao.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.106.66.28 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://6d2367c53a9e076830c130ee73b19fae.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 22 Nov 2022 17:10:43 GMT
Connection
keep-alive
Content-Length
42
Content-Type
image/gif
w
vst.c.appier.net/ Frame C29F 		42 B
293 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://vst.c.appier.net/w?cid=UkhomrwvQieqQwhkieJsig&crid=Z92dqbnDTsSTGYteEZukig&bidobjid=NPl4yLmtBfehJNXYkgJ9Yw&partner_id=03mSf3HNecb-&tracking_ns=&consent=1&w=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wang-xin-yi-sao-chu-chao-ji-da-wei-jian-xu-xuan-min-qian-mo-bu-neng-zai-fen-piao.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
209.58.163.49 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://6d2367c53a9e076830c130ee73b19fae.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 22 Nov 2022 17:10:43 GMT
content-type
image/gif
content-length
42
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
gcm
a.c.appier.net/ Frame C29F
Redirect Chain
  • https://a.c.appier.net/gcm?trigger_hosted_sync=1
  • https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=dHNRNWdlY2dBaWFTNTBEaWt3SjlZdw%3D%3D&google_redir=https%3A%2F%2Fs.c.appier.net%2Fgcm2%3Ftrigger_hosted_sync%3D1
  • https://s.c.appier.net/gcm2?trigger_hosted_sync=1
  • https://cm.g.doubleclick.net/pixel?google_nid=appier_pc&google_hm=VGpvTU9CcDZBYi1GZXFQTmt3SjlZdw%3D%3D
  • https://a.c.appier.net/gcm
42 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://a.c.appier.net/gcm
Requested by
Host: 6d2367c53a9e076830c130ee73b19fae.safeframe.googlesyndication.com
URL: https://6d2367c53a9e076830c130ee73b19fae.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
103.3.63.48 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li819-48.members.linode.com
Software
nginx /
Resource Hash

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://6d2367c53a9e076830c130ee73b19fae.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
date
Tue, 22 Nov 2022 17:10:45 GMT
cache-control
no-store
server
nginx
content-length
42
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"

Redirect headers

pragma
no-cache
date
Tue, 22 Nov 2022 17:10:45 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://a.c.appier.net/gcm
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
223
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dvbs_src.js
cdn.doubleverify.com/ Frame C29F 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvbs_src.js?ctx=23716808&cmp=187099&plc=6785112&sid=10482&dvregion=0&unit=728x90
Requested by
Host: 6d2367c53a9e076830c130ee73b19fae.safeframe.googlesyndication.com
URL: https://6d2367c53a9e076830c130ee73b19fae.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.11.200.84 Pak Kret, Thailand, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-11-200-84.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 /
Resource Hash
54e51249021fabff65b4ca7eb728f0a56cff080a37d9b0b13d1c401d5b9e6184

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://6d2367c53a9e076830c130ee73b19fae.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 22 Nov 2022 17:10:43 GMT
Content-Encoding
gzip
Last-Modified
Sun, 30 Oct 2022 09:55:21 GMT
Server
Microsoft-IIS/10.0
ETag
"42b02eb945ecd81:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
1170
moatad.js
z.moatads.com/appierdisplay844822012038/ Frame C29F 		320 KB
109 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/appierdisplay844822012038/moatad.js
Requested by
Host: 6d2367c53a9e076830c130ee73b19fae.safeframe.googlesyndication.com
URL: https://6d2367c53a9e076830c130ee73b19fae.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.51.241.170 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-241-170.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
3eeb055d7d06c17cd648bdc6c32520c00d74a04c86007ed40820b0133ee01c4b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://6d2367c53a9e076830c130ee73b19fae.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 17:10:43 GMT
content-encoding
gzip
last-modified
Wed, 02 Nov 2022 14:51:04 GMT
server
AmazonS3
x-amz-request-id
FTJHXC3W31QHK64B
etag
"08f19a6c8c3d644400f119a9a41fe2e7"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=15800
accept-ranges
bytes
content-length
111147
x-amz-id-2
+5c391aPBhYA70gs8E9IPn1zIeM8Evly62+j3anbStgXPeMh+B1ZMSd8gwn45K+4DQQN0e5fXUE=
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame C29F 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js
Requested by
Host: 6d2367c53a9e076830c130ee73b19fae.safeframe.googlesyndication.com
URL: https://6d2367c53a9e076830c130ee73b19fae.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://6d2367c53a9e076830c130ee73b19fae.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 11:03:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
22040
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 06 Dec 2022 11:03:25 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame C29F 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 6d2367c53a9e076830c130ee73b19fae.safeframe.googlesyndication.com
URL: https://6d2367c53a9e076830c130ee73b19fae.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
cafe /
Resource Hash
78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://6d2367c53a9e076830c130ee73b19fae.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 16:21:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
2971
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7458
x-xss-protection
0
server
cafe
etag
16870613375306414947
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 06 Dec 2022 16:21:12 GMT
l
www.google.com/ads/measurement/ Frame C29F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSUGN-_RPDX32HORf_L9Y5O92p78ZdEIa1_X-cU7Tdh6Yw2uP9ZuZvhFMwDystKvvGAou-WvlgVtpB-HnALxtOo052djg
Requested by
Host: 6d2367c53a9e076830c130ee73b19fae.safeframe.googlesyndication.com
URL: https://6d2367c53a9e076830c130ee73b19fae.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.105 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f105.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://6d2367c53a9e076830c130ee73b19fae.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame C29F 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 6d2367c53a9e076830c130ee73b19fae.safeframe.googlesyndication.com
URL: https://6d2367c53a9e076830c130ee73b19fae.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://6d2367c53a9e076830c130ee73b19fae.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 22:24:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
585952
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 15 Nov 2023 22:24:51 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame C29F 		154 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 6d2367c53a9e076830c130ee73b19fae.safeframe.googlesyndication.com
URL: https://6d2367c53a9e076830c130ee73b19fae.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
sffe /
Resource Hash
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://6d2367c53a9e076830c130ee73b19fae.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 17:10:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48265
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1668095300071091"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 22 Nov 2022 17:10:46 GMT
json
gum.criteo.com/sid/ Frame 987A 		431 B
554 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=publishertag&domain=bg3.co&sn=ChromeSyncframe&so=0&topUrl=www.bg3.co&cw=1&lsw=1&topicsavail=0&fledgeavail=0
Requested by
Host: gum.criteo.com
URL: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.bg3.co
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
e6d8e6045298dbbcb55252d0bbea9a416041ede7a1a4aa9cc309754788b7de5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.bg3.co
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Nov 2022 17:10:42 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/json; charset=utf-8
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
1967809
expires
0
/
adpushup.bbvms.com/launchpad/ 		1 MB
293 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://adpushup.bbvms.com/launchpad/?1669137043193
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/bbplayer.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-127.sin2.r.cloudfront.net
Software
Apache /
Resource Hash
695f5ee80e5dae33ed10ede31105a87fa1ee498e39abe4d49cfde0e063937d2e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 17:09:53 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
via
1.1 2ec3a59b33dd3ac1e987a568fb8bba88.cloudfront.net (CloudFront)
server
Apache
x-amz-cf-pop
SIN2-P1
age
50
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-ovp-host
vms-prod-frontend-spot-10-1-17-168
x-amz-cf-id
5ZFsRVm2mkOaWaXX5Qiz_1c1dTCbSPHU9lzCCQag7glXLdvrTA42kg==
expires
Tue, 22 Nov 2022 17:10:53 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame E450 		0
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 7D7E 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
195591
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 20 Nov 2022 10:50:52 GMT
expires
Mon, 20 Nov 2023 10:50:52 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame E961 		783 B
537 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.105 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f105.1e100.net
Software
GSE /
Resource Hash
5b47de43648d6cac5f54f3a12c61c6227950e6ee66ecd7a01829963dbf6e20d0
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-7qFV5Kk89w1u__E6mGO0hg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
515
content-security-policy
script-src 'report-sample' 'nonce-7qFV5Kk89w1u__E6mGO0hg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 22 Nov 2022 17:10:43 GMT
expires
Tue, 22 Nov 2022 17:10:43 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
rum
dsum-sec.casalemedia.com/ Frame ECAF
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELp5RynAO_Fvb36C-rCBliY&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELp5RynAO_Fvb36C-rCBliY&google_cver=1&C=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELp5RynAO_Fvb36C-rCBliY&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKyHPxDPjYECGKf8r9oBMAE&v=APEucNVQmY8XGFZLPxe_RExRM0ucZe_drkiK9EaCtJhcPYtTpvRzN51o-Kmh7PjQJtmDJGDsb2v8i4rfeOGEUDlvyXf0fBi39Q
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 22 Nov 2022 17:10:44 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Tue, 22 Nov 2022 17:10:44 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
/rum?cm_dsp_id=45&external_user_id=CAESELp5RynAO_Fvb36C-rCBliY&google_cver=1&C=1
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
0
Expires
0
rum
dsum-sec.casalemedia.com/ Frame ECAF
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y30ClHuf3dWc5pgO3u.P1QAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELp5RynAO_Fvb36C-rCBliY&google_cver=1&google_hm=2
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELp5RynAO_Fvb36C-rCBliY&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKyHPxDPjYECGKf8r9oBMAE&v=APEucNVQmY8XGFZLPxe_RExRM0ucZe_drkiK9EaCtJhcPYtTpvRzN51o-Kmh7PjQJtmDJGDsb2v8i4rfeOGEUDlvyXf0fBi39Q
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 22 Nov 2022 17:10:45 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Tue, 22 Nov 2022 17:10:45 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELp5RynAO_Fvb36C-rCBliY&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame ECAF
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESELkp_grOAAxtXuPlOxi30AE&google_cver=1
43 B
1016 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESELkp_grOAAxtXuPlOxi30AE&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKyHPxDPjYECGKf8r9oBMAE&v=APEucNVQmY8XGFZLPxe_RExRM0ucZe_drkiK9EaCtJhcPYtTpvRzN51o-Kmh7PjQJtmDJGDsb2v8i4rfeOGEUDlvyXf0fBi39Q
Protocol
HTTP/1.1
Server
68.67.179.89 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
565.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 22 Nov 2022 17:10:44 GMT
AN-X-Request-Uuid
0918dc51-f439-42ad-a5f0-32f158c0ca77
Server
nginx/1.21.3
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
116.90.74.202; 116.90.74.202; 565.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 22 Nov 2022 17:10:44 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESELkp_grOAAxtXuPlOxi30AE&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame ECAF
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTUzMTE1MTE0MTAyODM0MjM5MA%3D%3D
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTUzMTE1MTE0MTAyODM0MjM5MA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKyHPxDPjYECGKf8r9oBMAE&v=APEucNVQmY8XGFZLPxe_RExRM0ucZe_drkiK9EaCtJhcPYtTpvRzN51o-Kmh7PjQJtmDJGDsb2v8i4rfeOGEUDlvyXf0fBi39Q
Protocol
H2
Server
74.125.130.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Nov 2022 17:10:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 22 Nov 2022 17:10:43 GMT
AN-X-Request-Uuid
2617603a-b68f-49bc-8f00-351c15aa3e97
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTUzMTE1MTE0MTAyODM0MjM5MA%3D%3D
Connection
keep-alive
X-Proxy-Origin
116.90.74.202; 116.90.74.202; 565.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 7CB0 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 6d2367c53a9e076830c130ee73b19fae.safeframe.googlesyndication.com
URL: https://6d2367c53a9e076830c130ee73b19fae.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6d2367c53a9e076830c130ee73b19fae.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

age
9437
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 22 Nov 2022 14:33:26 GMT
etag
48472445140208031
expires
Wed, 23 Nov 2022 14:33:26 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 7945 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
40bb38cb7ab5e125d525e308d1a842e3ee07922a028d58a7aa847b479d08a830

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
sodar
pagead2.googlesyndication.com/pagead/ Frame 1331 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221110&jk=661049901592538&bg=!bW6lbirNAAbvMpMzzzI7ACkAdvg8WgvNizGwby-Yv5A7b9y48frwMBD-EDbihPBrRpe139_NC5GzmAIAAABoUgAAAAJoAQeZArkzppDDvlTgIkTuN3wSrOVMd46AD4qjLZ0fLb408JPeaiBWI2AGwo47mlo6BP51pMU5zqZF_JKI9wFpkyEtilZeYKektRGFtvwtmb_en2RPAGDEBRyG0HREqPDNAT-ij4TURWtGdeNExs3a1N-gYJiu90YXtJXCfMxZFQUg03UR0dVJP7gKScf3Pl9wfCW82fGikgTRpwjlMsU6NiUAsbT8_ohyQAHOQa6vzFVRPv9kiZqJzyHf6r67g1hz8HsKAj1Ii18TGyO7H4Al3yYiiKkIY9Yjr2k5IOtI80PnOqpoF20eRPpQckUwkVLcyAGcQsXq5ryQL93lKkdZcCAIZqVNrOZHAWRuL0dAxNBs9_tbi1-v8mOVV8RaT-qvLod9ThehzKHPqngU0jNOOSiRvwh3KTBymTuOmNnw7-7JTQhK-9eR1ALgeFuYhjqXrC6lWeiLGQDcbfS0-vdXB4Jg-BWIeqthdgo19aXoAkuGqpNojx84k4isvkibAe3NnPQcKuN6eW3HX6pcrMyvg5FwPx-9_zoowqOTdrrnddRmNtz7vuyXiwNlVu8VAe0cMJn0nfyv5dJSp_8Eayx4B6PD-jGL57Hl5mE2_CUaEFkTx8kRUWV_EyaXckniAPwgMvdRjik6XKiHR7XNqNw1xIyrUwaeTrWatDVasLzi4mCfEGlo2SZ8u0-8dPJa_Qiv5YtCpfViiwxLZ92Jj0S56ifvKJpieF9OFc8oNQ7hhJVYjQLZr6csW4wfrANF6858ifqDYXTpNHpU-1TZyFrnysJVt4qURxTQO_Q3fQqseDI9D6kg-jLNqckVqLVaNvBkez1KbrPlAa0UaaO-7hNIHK3IQL9AqD9lfrxZt87rcJtLYnnXfkJv3eLlEJBf-Gxc9N3eMsjKxToask6_nQdPS_-Gff9mquVeQElvJZwI
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame E961 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022111501&jk=1302147398971275&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
rVlqs_C6MEoymNIgrpYBY2eJfhVJuMjEUeWab4z9yRM.js
pagead2.googlesyndication.com/bg/ Frame 7D7E 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/rVlqs_C6MEoymNIgrpYBY2eJfhVJuMjEUeWab4z9yRM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
sffe /
Resource Hash
ad596ab3f0ba304a3298d220ae96016367897e1549b8c8c451e59a6f8cfdc913
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 23:10:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
583214
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15986
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 15 Nov 2023 23:10:29 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 8EE7 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6d2367c53a9e076830c130ee73b19fae.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
586798
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 15 Nov 2022 22:10:45 GMT
expires
Wed, 15 Nov 2023 22:10:45 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 7CB0
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEES5c9FKrJ0L0QObx6JbVwE&google_cver=1&google_push=ASkJ3FaVdqjkdEl_3jVu8WoqOYJyX12jbsiedw7h6W3Dfbjw3FlvzJo92d1tsO55wFojEnRmjyljRjiDjwBHYojdG2x_0BerxkjSo...
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODU5NDAwMzEyNDE5NTI4Mjk0Ng==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEES5c9FKrJ0L0QObx6JbVwE&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEES5c9FKrJ0L0QObx6JbVwE&google_cver=1
Requested by
Host: 6d2367c53a9e076830c130ee73b19fae.safeframe.googlesyndication.com
URL: https://6d2367c53a9e076830c130ee73b19fae.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
50.116.239.135 , United States, ASN6336 (TURN-US-ASN, US),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 22 Nov 2022 17:10:44 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Tue, 22 Nov 2022 17:10:44 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEES5c9FKrJ0L0QObx6JbVwE&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dpixel
cms.quantserve.com/ Frame 7CB0 		35 B
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEIWsQK_SmFLbDIlSApBNg8c&google_cver=1&google_push=ASkJ3FbGuIKXR0hoxT6mGtuB-Ftu90vYiw2k0lEx-6Bd0ogaiDJBrpuxGZV_csqVQApeplWrV0AyvP9LNMUvv3ixSOTOTp1mo3kJBfaxWvpCQXNZXiU3rBtkHSxhExhgo7cgCXg9FXPVBIH3-MvxROGSJyg
Requested by
Host: 6d2367c53a9e076830c130ee73b19fae.safeframe.googlesyndication.com
URL: https://6d2367c53a9e076830c130ee73b19fae.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.229.10.211 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Nov 2022 17:10:43 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 7CB0
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEPn0-Ty8oJRvSdiW33zf1Sk&google_cver=1&google_push=ASkJ3FYf6X8737u8ZpUugnBsUudZY0AbA9ueEojoiUe8RG5DXZoej3mpq1kvZCWH0JMLGICgIdm2uEiNmV4nLMa3...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ASkJ3FYf6X8737u8ZpUugnBsUudZY0AbA9ueEojoiUe8RG5DXZoej3mpq1kvZCWH0JMLGICgIdm2uEiNmV4nLMa3HhiPnAlgOMjZTLqvZ8KpVFciUTh9pQ...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ASkJ3FYf6X8737u8ZpUugnBsUudZY0AbA9ueEojoiUe8RG5DXZoej3mpq1kvZCWH0JMLGICgIdm2uEiNmV4nLMa3HhiPnAlgOMjZTLqvZ8KpVFciUTh9pQy6oERAM5sIQj5GA0VpWTotDBhiu6M4aEyyuQ0
Requested by
Host: 6d2367c53a9e076830c130ee73b19fae.safeframe.googlesyndication.com
URL: https://6d2367c53a9e076830c130ee73b19fae.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
74.125.130.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Nov 2022 17:10:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Tue, 22 Nov 2022 17:10:44 GMT
Server
MT3 169 32252b7 master nrt-pixel-x15 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ASkJ3FYf6X8737u8ZpUugnBsUudZY0AbA9ueEojoiUe8RG5DXZoej3mpq1kvZCWH0JMLGICgIdm2uEiNmV4nLMa3HhiPnAlgOMjZTLqvZ8KpVFciUTh9pQy6oERAM5sIQj5GA0VpWTotDBhiu6M4aEyyuQ0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 22 Nov 2022 17:10:43 GMT
i.match
s.tribalfusion.com/z/ Frame 7CB0
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEIkJoxPRAwanwuXFvyrqB_k&google_cver=1&google_push=ASkJ3FZm_6FrNxEacpMgITEPc-c6QIz4LCYRawQSO3M6wymDvHn0GubKxDgLpenxTLpIB2RKMIfUC3Oe25dCV4abT3LfJd7LsI8m-...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEIkJoxPRAwanwuXFvyrqB_k&google_cver=1&google_push=ASkJ3FZm_6FrNxEacpMgITEPc-c6QIz4LCYRawQSO3M6wymDvHn0GubKxDgLpenxTLpIB2RKMIfUC3Oe25dCV4abT3LfJd7LsI8...
43 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEIkJoxPRAwanwuXFvyrqB_k&google_cver=1&google_push=ASkJ3FZm_6FrNxEacpMgITEPc-c6QIz4LCYRawQSO3M6wymDvHn0GubKxDgLpenxTLpIB2RKMIfUC3Oe25dCV4abT3LfJd7LsI8m-dDRxOEElDaWznLt7axsPj4HurchOchlOgQvlNxqxkwdiN2ByMWS2aw&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DASkJ3FZm_6FrNxEacpMgITEPc-c6QIz4LCYRawQSO3M6wymDvHn0GubKxDgLpenxTLpIB2RKMIfUC3Oe25dCV4abT3LfJd7LsI8m-dDRxOEElDaWznLt7axsPj4HurchOchlOgQvlNxqxkwdiN2ByMWS2aw%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: 6d2367c53a9e076830c130ee73b19fae.safeframe.googlesyndication.com
URL: https://6d2367c53a9e076830c130ee73b19fae.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
104.18.24.173 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Nov 2022 17:10:44 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
76e347be79061c4d-AKL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 22 Nov 2022 17:10:44 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
8599
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEIkJoxPRAwanwuXFvyrqB_k&google_cver=1&google_push=ASkJ3FZm_6FrNxEacpMgITEPc-c6QIz4LCYRawQSO3M6wymDvHn0GubKxDgLpenxTLpIB2RKMIfUC3Oe25dCV4abT3LfJd7LsI8m-dDRxOEElDaWznLt7axsPj4HurchOchlOgQvlNxqxkwdiN2ByMWS2aw&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DASkJ3FZm_6FrNxEacpMgITEPc-c6QIz4LCYRawQSO3M6wymDvHn0GubKxDgLpenxTLpIB2RKMIfUC3Oe25dCV4abT3LfJd7LsI8m-dDRxOEElDaWznLt7axsPj4HurchOchlOgQvlNxqxkwdiN2ByMWS2aw%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
76e347bcd87d1c4d-AKL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 7CB0
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEHwOAxSD7ohJch1BS4bbm6I&google_cver=1&google_push=ASkJ3FYKhYEpvGgn7pJywl-bTeBPBQHGfzhZwEXg7DxqFeG6LhK_l9CL1HqhzEtZRBvmyqKRNOsQ5mS2R0y1bbg0RCNr...
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEHwOAxSD7ohJch1BS4bbm6I&google_cver=1&google_push=ASkJ3FYKhYEpvGgn7pJywl-bTeBPBQHGfzhZwEXg7DxqFeG6LhK_l9CL1HqhzEtZRBvmyqKRNOsQ5mS2R0y1bb...
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=google
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=06540c7e-6b14-4609-894b-6f9a99234eae&ssp=google
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ASkJ3FYg4PtQ_cCXGvrABIsKNQsJrHUdsykL5KTvuEEPO8Zxs2_w1bEB6kHWlMZEesrKyaNIGFyR-866FkTsrNZUixTYMFwQw5GyIg&google_hm=CNII238EQ6-cSYaYlbYFRw==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ASkJ3FYg4PtQ_cCXGvrABIsKNQsJrHUdsykL5KTvuEEPO8Zxs2_w1bEB6kHWlMZEesrKyaNIGFyR-866FkTsrNZUixTYMFwQw5GyIg&google_hm=CNII238EQ6-cSYaYlbYFRw==
Protocol
H3
Server
74.125.130.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Nov 2022 17:10:46 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ASkJ3FYg4PtQ_cCXGvrABIsKNQsJrHUdsykL5KTvuEEPO8Zxs2_w1bEB6kHWlMZEesrKyaNIGFyR-866FkTsrNZUixTYMFwQw5GyIg&google_hm=CNII238EQ6-cSYaYlbYFRw==
Date
Tue, 22 Nov 2022 17:10:46 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 7CB0
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEPJ2XahEqJt8u1qVHouIFyI&google_cver=1&google_push=ASkJ3FY2qvei1pJUtHhlVAcXEJirEqxtpYd0agUR-Jrh4PvYlyRoy9SxPJes5CjYQhx68JqTT-4_FLkt85sXf5va_og4QA5...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ASkJ3FY2qvei1pJUtHhlVAcXEJirEqxtpYd0agUR-Jrh4PvYlyRoy9SxPJes5CjYQhx68JqTT-4_FLkt85sXf5va_og4QA5tP3MgubNpyE2LlOp-fMuVmeDXrbrXZF7WT-Klf...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ASkJ3FY2qvei1pJUtHhlVAcXEJirEqxtpYd0agUR-Jrh4PvYlyRoy9SxPJes5CjYQhx68JqTT-4_FLkt85sXf5va_og4QA5tP3MgubNpyE2LlOp-fMuVmeDXrbrXZF7WT-KlfYTw3miP2iT2KLbNZ9GjRyI&google_hm=NTkzNjA3MTIwMjI5Mjk3NTA0OA%3D%3D
Requested by
Host: 6d2367c53a9e076830c130ee73b19fae.safeframe.googlesyndication.com
URL: https://6d2367c53a9e076830c130ee73b19fae.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
74.125.130.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Nov 2022 17:10:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 22 Nov 2022 17:10:44 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ASkJ3FY2qvei1pJUtHhlVAcXEJirEqxtpYd0agUR-Jrh4PvYlyRoy9SxPJes5CjYQhx68JqTT-4_FLkt85sXf5va_og4QA5tP3MgubNpyE2LlOp-fMuVmeDXrbrXZF7WT-KlfYTw3miP2iT2KLbNZ9GjRyI&google_hm=NTkzNjA3MTIwMjI5Mjk3NTA0OA%3D%3D
content-length
0
spacer.gif
an.yandex.ru/resource/ Frame 7CB0
Redirect Chain
  • https://an.yandex.ru/mapuid/google/CAESEFw5AqwqxtX9pLxzKupvQ6c?ext-param=ASkJ3FaAyUraWHckwSukffD_hWRJLASQo9sfffqWhNXp9wL7skqiX7TY_vlMJL2LqDLQvQyClDi1xUtV_RoaDT_EPv62GptSn9i7vSOYXzfEByCDpPvr2q69A8ux...
  • https://an.yandex.ru/mapuid/google/CAESEFw5AqwqxtX9pLxzKupvQ6c?redir-setuniq=1&ext-param=ASkJ3FaAyUraWHckwSukffD_hWRJLASQo9sfffqWhNXp9wL7skqiX7TY_vlMJL2LqDLQvQyClDi1xUtV_RoaDT_EPv62GptSn9i7vSOYXzfE...
  • https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEFw5AqwqxtX9pLxzKupvQ6c&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
  • https://an.yandex.ru/resource/spacer.gif
43 B
144 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/resource/spacer.gif
Requested by
Host: 6d2367c53a9e076830c130ee73b19fae.safeframe.googlesyndication.com
URL: https://6d2367c53a9e076830c130ee73b19fae.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
77.88.21.90 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
bs.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 17:10:45 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Wed, 18 Apr 2001 10:28:03 GMT
content-type
image/gif
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Tue, 07 Nov 2023 17:10:45 GMT

Redirect headers

pragma
no-cache
date
Tue, 22 Nov 2022 17:10:45 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://an.yandex.ru/resource/spacer.gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
237
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 7CB0 		0
223 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KRhMvF9sNloTwdjIu52gYhRKjznuvppkYGRIVW2fiJtEd3KpsZMyxShwOzue8VQ2hIaSjbag
Requested by
Host: 6d2367c53a9e076830c130ee73b19fae.safeframe.googlesyndication.com
URL: https://6d2367c53a9e076830c130ee73b19fae.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 17:10:44 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
rVlqs_C6MEoymNIgrpYBY2eJfhVJuMjEUeWab4z9yRM.js
pagead2.googlesyndication.com/bg/ Frame 8EE7 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/rVlqs_C6MEoymNIgrpYBY2eJfhVJuMjEUeWab4z9yRM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
sffe /
Resource Hash
ad596ab3f0ba304a3298d220ae96016367897e1549b8c8c451e59a6f8cfdc913
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 23:10:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
583215
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15986
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 15 Nov 2023 23:10:29 GMT
dvbs_src_internal113.js
cdn.doubleverify.com/ Frame C29F 		59 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvbs_src_internal113.js
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=23716808&cmp=187099&plc=6785112&sid=10482&dvregion=0&unit=728x90
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.11.200.84 Pak Kret, Thailand, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-11-200-84.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 /
Resource Hash
c2da1bde386dc1e71e6f0cf3ddcce6650ba703109c5194f52c991f48755ad806

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://6d2367c53a9e076830c130ee73b19fae.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 22 Nov 2022 17:10:44 GMT
Content-Encoding
gzip
Last-Modified
Sun, 30 Oct 2022 09:56:00 GMT
Server
Microsoft-IIS/10.0
ETag
"0b85bd045ecd81:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=946080000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
19448
generate_204
tpc.googlesyndication.com/ Frame 7D7E 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?FYHV4Q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 17:10:44 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
view
googleads4.g.doubleclick.net/pcs/ Frame 7945 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssnNAk6WAok22YllXGeVQ7jUKahpEXqx6o2tUlJ_8N07z_AU5rYieZZddcWVZZ6blyZwL0QYay-JdLrKY4gSQPtloL6dI-XlITzrbNIOxzvReejrbK_EVOKCO5RDlA7VrwiO8SKVwMILZWq3hBIpwDNQe3uogoI8WAnUfTQ2ny7su1ePI1utFPhtqBa1QLai8wfdBueqKFlIafVfmQouCmRlVSW4aUEoKXfGXWCGkhcr1tzkQrLHvEsmS5lmo5pqw8dnPwpEWUWSZRZI6xCVziWtU0641RJR1YT2CpwxGyMBxBZNBhpMkKaYEz0s2bwLxlkl6zo9HVQRIv9FQvVe7jgb2OrFihsSr6kAdK2uIiqhVQirnlUC45KCfYMMRmC39gFOKojeLhRGPGLUd4PKnwJWtUIr4cNw0ObG4nBd7dGjAdxDaoXzY-VGgDBD3B4yurzi2n8VKhkK03lX1ongNuupHqrARj7qh3CadqsGetaaNdycoBafFTUt96Qa4O7oMwLo2A494YSeo0SzXYe1LAkInosGsepHw52SqXUQqZ71oSY1WKT1esv2_c5VyBrf_Z-eYa1bnmpev4QAJlU2d7gIYaJt653pBKSSWXVzx8ckyDY6jdyX29awGTIXnyBn2SsTRlrlNi3Hj_L5w2ssPpaKqcnvqk5OMMeSGQdZzaPdb-PqPMDG45eXeW0MGT1a4of0OH1YjukjYC3NQHaooPGXptGXM3sTcY6JZBVBl7Fk3Rx1pkCXY4D6gPe8SWBlFyA_sMTe2m1hsfJXtyUThzd-XQutQ6cxD_-bJWsdH83vOO_wnLzmIDFEsci2BH21JmcJZdaGjFA3KbMbJdltwbPmQC5AQ8e3LzlZ4fFJlKuFRZcPjc-23OQ3lBB-5TmPEFXKz9qY22lafI8jDDq_8QK_J6k5JHWB30o5gZyY5J90AM23qrU1OBqgAg1wLE4wlAKFuKH8k7id60VqVMcwEzNvGHmtyox4Pi3n7TdsWqqfgPdPA0Y_n8giA1JN2D7N-dpKR-jB_lYY9N6EbvOwuaLKy0ZXAfpFJyMA_CMhozNlg2RuK5lrQ5EeFjOotB9-aHyIxm97gd24i6T5sk-zZyWOjZWrFYl1WwEZ-63BVioqpNlLOesXag2_Xtr86spk4TI7sl-Sw8VsB3AQz-y3yn9PGydfT4SvnC5D0TG_QHvItDy4OfnYv2YyaYmU2Ffrg&sai=AMfl-YSSDxkY4Aywfo7t8weFF_UJdDBP89P8oKEfBvX9LKXwUojI3qYlfp00SV-1eh1jPWjWs2opbOe8CDQE4PJKPt9AOgZA2uvp17ULzuI8kp_cV_VUDMhrv3tP5Pk6h9KeOkFv9DnEOZA4HNi0g0wVfA1Qfd94Sqpr6-ao3mVOI5p7Od69J23sjJqEXbpZ2i0FLBCQC9JbTdErrX9XQZ1KGFB2Q5-NwABMkVr6zq8DX1vvg8bbCAA70--iA2_CIwJ_sfUKwIMNQKrJojm0FhgwcoBdug6UpEL8l8LxE62TxCT8wb1FVT70PY_e3WcOGUO3btQE9M6o0fTzdbsC8I7RA97nK9y5asWMfLoN3dAYIoDFYk1CbGGgJuPnsZ0nszEwC9gnDIVDsFtLigw-KVopzA&sig=Cg0ArKJSzIJIB67255sbEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=895&vt=11&dtpt=894&dett=2&cstd=0&cisv=r20221110.49977&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wang-xin-yi-sao-chu-chao-ji-da-wei-jian-xu-xuan-min-qian-mo-bu-neng-zai-fen-piao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://6d2367c53a9e076830c130ee73b19fae.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 17:10:44 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Tue, 22 Nov 2022 17:10:44 GMT
verify.js
rtb0.doubleverify.com/ Frame C29F 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rtb0.doubleverify.com/verify.js?flvr=0&jsCallback=__verify_callback_684371720320&jsTagObjCallback=__tagObject_callback_684371720320&num=6&ctx=23716808&cmp=187099&plc=6785112&sid=10482&advid=&adsrv=&unit=728x90&isdvvid=&uid=684371720320&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&nav_pltfrm=Win32&dvp_strhd=0.20&dvpx_strhd=0.20&brid=3&brver=89&bridua=3&dup=null&srcurlD=0&ssl=1&refD=1&htmlmsging=1&tstype=128&m1=13&noc=4&fcifrms=10&brh=2&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=161&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5D38b%5D4%40TauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5D38b%5D4%40Tar9EEADTbpTauTaue5abef4db2h6_fegb_4%60b_66fb3%60h726%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3E&dvp_exetime=5.50&callbackName=__verify_callback_684371720320
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal113.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.149.43.113 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
113.43.149.34.bc.googleusercontent.com
Software
/
Resource Hash
6dc8e0fae18390e9ef9367fa4b94c34540f239eda1f78d0eb4caf8170d108568

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://6d2367c53a9e076830c130ee73b19fae.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 22 Nov 2022 17:10:45 GMT
Content-Encoding
br
X-DV-Response
1
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=0
Connection
close
Expires
11/21/2022 17:10:45
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8EE7 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B00S_kQJ9Y7nEOouO9fwPvoes8AcAAAAAOAHgBAI&bg=!2Nul25_NAAbvMpMzzzI7ACkAdvg8WiY8MJwr96hW5RuLgT5SDJcFzSfn5d1iLpfUg56_sCdGJ8YAEQIAAABoUgAAAAJoAQcKACHGtXhr-gsm0q4T8C3Y7SqL7op5640UpWCCZr7-wfSA8fKZAtnq3YF93Xbz_PzGHgCKYDwSA03EIslArrhTaKXKoahIUwDThsdPf4djnXwznTZ8twzQfvIac3cS8Lp1SUOtOOoQB2jDDTdFKg01DCwp0k0XEZNc9y6kcE5zUykTZEveSvcyYBIm8-rMaKocYY6CEXRJsCKt14gJzlBY5Va3jwa5uD_aMt5qrJCHzegt4GHVEKIN3OXfpTNOBAlXlLEBH8Pr1VgU2vmAiDtszNm89wyb6QD-M7KZkNkumWDCm0XYwztv5Gd_SqhrOsdxSUsjsBhh0GvWTRo1aCh9wcY37knGZ5fxVNvnsAxS-C28K9K8Sbvzz375vbf-Xd82_KU136MUI4SVAaU_E_V_I1GSkJvhVp5QhQE7mEGXKZHqKKsdx8ZVYPA1p4SosLYV_Z9nOclBauH46SKI8_kLd-0E1E0Vtjp1KVmjLS5abuROiihluOEl1kS4feBCGgrxmOAnI1vyqdv1aMNIXMf4pXCCgjTR5QIW1GyhAQgV0GUswwQMOWwkE9lXUNmRltUACQU95zQVwPqXmB1frVz3voS5sHavLbhSEFPIxA_gj-tQnQepNJbZZ8tzyb47WILUS6IfTC76vwuL52DZ-_Ip4qA7oBZyukbYS0OFDbgNhyk42HnzSJc4m5nB6oO3E-nhwb4s50VznS3jj5ZoTKeLdJA2NFYxIqF4vRcqfA-wIeqwWFPq_66Qhlh6jqbV2dfI3KvCb3Z41a-s7nm2lJ7X4OVXi5Kvaml4ZTYwXH5gRuuqBFmSG3yVnQjaXutPtNKBEngSs9vjth6Bp0mjAMWY7nLvjKREmpcRjATgvjWCT5cYURo98fjkrq4AL5MSsoAZvQGyB51TjmXMiXiKbo6yBb-8QHnIDY5fo5sRu0jQcLHHipG_SCR5b7q69_1PGmj5U6TVxOtYyzmfKPiVgAPDjdCoJv9A3mRzSpBAtjgIRWKpUU58cU-dCJYt3AoLgO0
Requested by
Host: 6d2367c53a9e076830c130ee73b19fae.safeframe.googlesyndication.com
URL: https://6d2367c53a9e076830c130ee73b19fae.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Nov 2022 17:10:44 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bg3.co%2F&domain=www.bg3.co&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.bg3.co
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Tue, 22 Nov 2022 17:10:44 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
251851
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
json
gum.criteo.com/sid/ 		418 B
720 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bg3.co%2F&domain=www.bg3.co&cw=1&pbt=1&lsw=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
344a39bc96936d73fc7d30ed9023249ac41998deeecbaaf11809bcb5282b9daa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Tue, 22 Nov 2022 17:10:44 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1259195
expires
0
rid
match.adsrvr.org/track/ 		109 B
541 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
e0c3ba2240109750d1d89e43d766b930f697aad52f79f36e2e8f8b191c87bc7b

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 22 Nov 2022 17:10:45 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
109
expires
Thu, 22 Dec 2022 17:10:45 GMT
ixmatch.html
js-sec.indexww.com/um/ Frame 3C58 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.94 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

age
638
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
76e347c3cf0ffb8c-AKL
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 22 Nov 2022 17:10:45 GMT
expires
Tue, 22 Nov 2022 21:10:45 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
sync
eb2.3lift.com/ Frame CBBC
Redirect Chain
  • https://eb2.3lift.com/sync?
  • https://eb2.3lift.com/sync?&ld=1
1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?&ld=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
e6adbbfe4910b51b5d30763c49dea2b1873bd1627777ef9aef513e68cf584aff

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
1148
content-type
text/html; charset=utf-8
date
Tue, 22 Nov 2022 17:10:45 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Tue, 22 Nov 2022 17:10:45 GMT
location
/sync?&ld=1
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
checksync.php
contextual.media.net/ Frame 6D42 		36 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.51.136.24 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-136-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
12fb5f68666a3cae1cd6c8c0212a02d2b4c763cd008c0f63c9fd0d5a42935012
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
max-age=151774
content-encoding
gzip
content-length
11837
content-type
text/html; charset=UTF-8
date
Tue, 22 Nov 2022 17:10:45 GMT
expires
Thu, 24 Nov 2022 11:20:19 GMT
p3p
CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
usync.html
eus.rubiconproject.com/ Frame 0868 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.75.85.227 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-75-85-227.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 22 Nov 2022 17:10:45 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
pd
u.openx.net/w/1.0/ Frame 46A2 		533 B
638 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
0b93f2a8a67e3de4727b8ea19d1808d21c6de69dfc16b2eb9057cc5c8e1ac6e4

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
325
content-type
text/html
date
Tue, 22 Nov 2022 17:10:44 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
sync.html
public.servenobid.com/ Frame 3CFE 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://public.servenobid.com/sync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.45.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-45-129.mrs52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
55240e190af93c329c339c44aef4e37701f7cac83c65df0afb7e801b7eead39f

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

age
2478
cache-control
max-age=86400
content-encoding
br
content-type
text/html
date
Tue, 22 Nov 2022 16:29:28 GMT
etag
W/"02a59c9399d935f64b331e61178d2c9f"
last-modified
Mon, 14 Nov 2022 16:28:27 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 a5527e17f7fd24342408a5722f47d30c.cloudfront.net (CloudFront)
x-amz-cf-id
PtYxXZIOry6QyrFVJ8jX2eOimpJPUI2fcKrhWYukGSD-EcfiVqHnRg==
x-amz-cf-pop
MRS52-P1
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:us-east-1:559734745816:build/adserver-public-prod:9114884f-60db-4078-afb1-cde242f68696
x-amz-meta-codebuild-content-md5
3d437d58b8bd54e8a0e378e97cd0e39f
x-amz-meta-codebuild-content-sha256
85fe75fc3aebfc86893a7760fc0ac12e3ff269743874600311aae7eb8917fccd
x-cache
Hit from cloudfront
/
onetag-sys.com/usync/ Frame CC13 		0
0
async_usersync.html
acdn.adnxs.com/dmp/ Frame B3B6 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
44321
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Tue, 22 Nov 2022 17:10:45 GMT
ETag
W/"623de86a-cf34"
Expires
Fri, 04 Nov 2022 04:41:58 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
30, 37383
X-Served-By
cache-lga13626-LGA, cache-mel11246-MEL
X-Timer
S1669137045.169249,VS0,VE0
sodar
pagead2.googlesyndication.com/pagead/ Frame CF5C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221110&jk=1588066017044767&bg=!_P-l_7vNAAbvMpMzzzI7ACkAdvg8WgDko304gNEfhsUbB0xQpXQF9WurIKR_wTN9l6TOMMPWZb3nbgIAAACYUgAAAAJoAQeZAt1orSpCBEK-JLUdV7gybfDomsogn1daQRqF10P6HGCR7aTCwJl3PnIzQZbsKop_ihnPfHTUoTCIlV02wn3nzUWh6UKxQrb_0TjQ3tNDVFZ6kmD-j9G6ghxLKIg9OegyySrdA3TJa9ejvx4C-tFm3ayz4dpMHJPC-E7htx3hPf3K32TCvaZ92o9dcXY7zPrr2S6kb8i24f7JBIdjy1Pk6qCuTWkFicr3f8L65g2m3bXGynv20nUNMuK1U9w5Quhmye5wOSG44HoBgrlmQtR-D9Prcg_Vtu9csDgY1hxxwaj-GjS04nOh-kXq2lcpDPJ7EMZBiw-FEgnDpAnwwf0t-vkq6I-7IfbCM6VmCCcxRAPSL8E3AE-SJsVtYL-QTaSUtblK4D-tdK1HDw5GYx6GybPWUwArbEYo4NnnXYUAR21NE-_3PJmcWF4EVPKMczMij5-h7yhKjpiZzIBFd4Ve4KA0OyVtf8s2Pt0D9Oa0RJv875KTHZcWKsO1qLW4FD7l4Dx4eUcb8mdEU0DC11wC9WE7RuRRkzcDD-Ek_JPN6kSRoyauS1MX46PBKOhqgTfGKayF7TtpVxyp2T3Ar-uRWoh-W_r2yHRBKHwtPhHDVA7g_uNbxo7QOl-n_Z_jHDKZyVdSns6aynKn6svLz_zjceVp9LXvRqWvJXUJd-h4B5mC5iz0TQvoSyPtDvhENTttGRzGiPw-x_HcBLMkvzI9QqvwO3v14G88g09wKZvFfVDhYuCeQATbrOb6Qc7Ribklrc6oWJjpDxmbMFlVMhE07oobix3FjIIU0kDOY2wEH-vGapofwKTngfCSElZIDEf3zdMnyjydA2xpeXBD54SFtzdtZp8qUx6TiLNp4LpgZqbb6z-8M8K1Ro1DaDUzfEQ4L5AhMeftwQK67uNKoFgE9CGxkhum3qeRot4YwNAiCDhEGcLPtizHJKQUck7kefbwChf5e_es7M4SPBMzcdqv
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ItemScope.8aa94a37.js
adpushup.bbvms.com/launchpad/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://adpushup.bbvms.com/launchpad/ItemScope.8aa94a37.js
Requested by
Host: adpushup.bbvms.com
URL: https://adpushup.bbvms.com/launchpad/?1669137043193
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-127.sin2.r.cloudfront.net
Software
Apache /
Resource Hash
ebc01ff5b31a9890b0006b515b1b61777273fb70fae135aa22302d7136d1d319
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 17:10:26 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
via
1.1 2ec3a59b33dd3ac1e987a568fb8bba88.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P1
age
19
x-cache
Hit from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-length
1831
x-ovp-host
vms-prod-frontend-spot-10-1-17-197
server
Apache
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
x-amz-cf-id
FL10pGMTptAL1wudojGo0iSCu1y7Ve_K5K_rET0DOJHte4VA2_geSQ==
expires
Tue, 22 Nov 2022 17:11:26 GMT
ubuntu.css
cf-syd.cdn.bluebillywig.com/fonts/
Redirect Chain
  • https://cdn.bluebillywig.com/fonts/ubuntu.css
  • https://cf-syd.cdn.bluebillywig.com/fonts/ubuntu.css
555 B
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cf-syd.cdn.bluebillywig.com/fonts/ubuntu.css
Requested by
Host: client
URL: about:client
Protocol
H2
Server
54.192.150.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-150-9.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bab7d34016a2aa37f5485e329365c108bd98722d78bf0f687ba9c5e60176d00b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 22 Jul 2022 20:49:29 GMT
x-amz-version-id
IDYIuU3zmZsBjG9nDtEUUwbl.IHOBTIU
via
1.1 17fb84bf4d70f7e6db47eb138f34fc8a.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
SIN2-C1
age
10614078
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
555
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 08 Apr 2022 11:19:03 GMT
server
AmazonS3
etag
"2a6307abebf25c55ddb0722a4b7ef277"
x-frame-options
SAMEORIGIN
vary
Origin
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
Lc-T0HhbrRsaTNpkzoWgyltZQkT1ImJSe8Mwk7nA_qyq8Ig2OgwHjw==

Redirect headers

date
Tue, 22 Nov 2022 17:10:45 GMT
via
1.1 906c6b5e83bd44f62b7f603039ce6f30.cloudfront.net (CloudFront)
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
server
CloudFront
strict-transport-security
max-age=31536000
x-amz-cf-pop
SIN2-C1
x-frame-options
SAMEORIGIN
x-cache
FunctionGeneratedResponse from cloudfront
location
https://cf-syd.cdn.bluebillywig.com/fonts/ubuntu.css
cache-control
public, max-age=21600
vary
Origin
content-length
0
x-amz-cf-id
TQ5A_-iZeke8NHv__4gyNDDgCtDpHHDfj7k2MqVJJ1V5FsycgbXg9g==
x-xss-protection
1; mode=block
ima3.js
s0.2mdn.net/instream/html5/ 		370 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/html5/ima3.js
Requested by
Host: adpushup.bbvms.com
URL: https://adpushup.bbvms.com/launchpad/?1669137043193
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f149.1e100.net
Software
sffe /
Resource Hash
218f3220f1e46f7d858f45c146e361f9a8a63337a0960df49cdcabd43c7b13a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 17:10:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
126568
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 22 Nov 2022 17:10:45 GMT
/
stats.mainroll.com/ 		43 B
515 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.mainroll.com/?pm=%5B%22html5%22%2C%22%3C%2d%22%2C%22%3C%2d%22%5D&sid=%5B%22oWpW70Tlxey1%22%2C%22%3C%2d%22%2C%225ImTMWOHpmT4%22%5D&prid=%5B%22%22%2C%22%3C%2d%22%2C%22%3C%2d%22%5D&ts=%5B1669137044948%2C1669137044949%2C1669137044961%5D&pp=%5B%22~~00~~pushup%22%2C%22%3C%2d%22%2C%22%3C%2d%22%5D&ev=%5B%22xst%22%2C%22it%22%2C%22%3C%2d%22%5D&id=%5B%22i2KUfKcL0pDX%22%2C%220%22%2C%22%3C%2d%22%5D&et=%5B%22Session%22%2Cnull%2Cnull%5D&cid=%5B%220%22%2Cnull%2Cnull%5D&xu=%5B%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fwang%2dxin%2dyi%2dsao%2dchu%2dchao%2dji%2dda%2dwei%2djian%2dxu%2dxuan%2dmin%2dqian%2dmo%2dbu%2dneng%2dzai%2dfen%2dpiao.html%22%2C%22%3C%2d%22%2C%22%3C%2d%22%5D&xr=%5B%22%22%2C%22%3C%2d%22%2C%22%3C%2d%22%5D&pt=%5B%22renderer%22%2C%22%3C%2d%22%2C%22%3C%2d%22%5D&aup=%5B%221%22%2C%22%3C%2d%22%2C%22%3C%2d%22%5D&aum=%5B%221%22%2C%22%3C%2d%22%2C%22%3C%2d%22%5D&aul=%5B%220%22%2C%22%3C%2d%22%2C%22%3C%2d%22%5D&sn=%5B1%2C2%2C1%5D&vu=%5Bnull%2C%220EE2B962%2d6D8C%2d4A45%2dB8C7%2d036484497E88%22%2C%22%3C%2d%22%5D&pv=%5Bnull%2C%226.x%22%2C%22%3C%2d%22%5D&ct=%5Bnull%2Cnull%2Cnull%5D&pd=%5Bnull%2Cnull%2Cnull%5D&vs=%5Bnull%2C%22n%2Fa%22%2C%22%3C%2d%22%5D&rs=%5Bnull%2C%221600x1200%22%2C%22%3C%2d%22%5D&fs=%5Bnull%2C%220%22%2C%22%3C%2d%22%5D&mt=%5Bnull%2C%22mainroll%22%2C%22%3C%2d%22%5D&du=%5Bnull%2C0%2C%22%3C%2d%22%5D&ut=%5Bnull%2C%22commercial%22%2C%22%3C%2d%22%5D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-4.sin2.r.cloudfront.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 22 Nov 2022 17:10:46 GMT
Via
1.1 729399d6290e74ddd43cb2da1cab5266.cloudfront.net (CloudFront)
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx/1.14.0 (Ubuntu)
X-Amz-Cf-Pop
SIN2-P1
X-Cache
Miss from cloudfront
Content-Type
image/gif
Cache-Control
max-age=315360000
Connection
keep-alive
Content-Length
43
X-Amz-Cf-Id
CTILntBx9BRml0sBsvZUIWRvloisBnqqIYZPxB8zKI7V8Ztgt6gG4A==
Expires
Thu, 31 Dec 2037 23:55:55 GMT
/
stats.mainroll.com/ 		43 B
515 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.mainroll.com/?pm=%5B%22html5%22%2C%22%3C%2d%22%2C%22%3C%2d%22%5D&sid=%5B%225ImTMWOHpmT4%22%2C%22%3C%2d%22%2C%22%3C%2d%22%5D&prid=%5B%22%22%2C%22%3C%2d%22%2C%22%3C%2d%22%5D&ts=%5B1669137044965%2C1669137044971%2C1669137044972%5D&pp=%5B%22~~00~~pushup%22%2C%22%3C%2d%22%2C%22%3C%2d%22%5D&ev=%5B%22xst%22%2C%22xit%22%2C%22xiv%22%5D&id=%5B%22zgi9yLrAKpUl%22%2C%22STICKY_~~03~~P_42753_120X600_104b282a_bd11_4d8d_~~00~~64_0492063b6cba_STICKY_~~03~~P_42753_120X600_104b282a_bd11_4d8d_~~00~~64_0492063b6cba_vast_renderer%22%2C%22%3C%2d%22%5D&et=%5B%22View%22%2C%22~~02~~Unit%22%2C%22%3C%2d%22%5D&cid=%5B%220%22%2C%22%3C%2d%22%2C%22%3C%2d%22%5D&pid=%5B%22i2KUfKcL0pDX%22%2C%22zgi9yLrAKpUl%22%2C%22%3C%2d%22%5D&pet=%5B%22Session%22%2C%22View%22%2C%22%3C%2d%22%5D&fs=%5B%220%22%2Cnull%2Cnull%5D&xu=%5B%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fwang%2dxin%2dyi%2dsao%2dchu%2dchao%2dji%2dda%2dwei%2djian%2dxu%2dxuan%2dmin%2dqian%2dmo%2dbu%2dneng%2dzai%2dfen%2dpiao.html%22%2Cnull%2Cnull%5D&xr=%5B%22%22%2Cnull%2Cnull%5D&pt=%5B%22renderer%22%2Cnull%2Cnull%5D&iet=%5B%22Renderer%22%2Cnull%2Cnull%5D&pcid=%5B%220%22%2Cnull%2Cnull%5D&ut=%5B%22commercial%22%2Cnull%2Cnull%5D&sn=%5B2%2C3%2C4%5D&ap=%5Bnull%2C%22inarticle%22%2C%22%3C%2d%22%5D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-4.sin2.r.cloudfront.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 22 Nov 2022 17:10:46 GMT
Via
1.1 446026fb3dafe55d3602866eda0c744a.cloudfront.net (CloudFront)
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx/1.14.0 (Ubuntu)
X-Amz-Cf-Pop
SIN2-P1
X-Cache
Miss from cloudfront
Content-Type
image/gif
Cache-Control
max-age=315360000
Connection
keep-alive
Content-Length
43
X-Amz-Cf-Id
ilBq2HTXaP7M-BzF6HbdkubsHXoRXsGYNMJGzEMNl5mLmm0tuUUc-Q==
Expires
Thu, 31 Dec 2037 23:55:55 GMT
/
stats.mainroll.com/ 		43 B
515 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.mainroll.com/?pm=html5&sid=5ImTMWOHpmT4&prid=&ts=1669137044977&pp=~~00~~pushup&ev=xit&id=STICKY_~~03~~P_42753_120X600_104b282a_bd11_4d8d_~~00~~64_0492063b6cba_STICKY_~~03~~P_42753_120X600_104b282a_bd11_4d8d_~~00~~64_0492063b6cba_vast_renderer_1&et=LineItem&cid=0&pid=STICKY_~~03~~P_42753_120X600_104b282a_bd11_4d8d_~~00~~64_0492063b6cba_STICKY_~~03~~P_42753_120X600_104b282a_bd11_4d8d_~~00~~64_0492063b6cba_vast_renderer&pet=~~02~~Unit&at=generic&ap=inarticle&ar=n%2Fa&sn=5
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-4.sin2.r.cloudfront.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 22 Nov 2022 17:10:46 GMT
Via
1.1 4d52d2bee89a499a2c7d426aa79a8efa.cloudfront.net (CloudFront)
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx/1.14.0 (Ubuntu)
X-Amz-Cf-Pop
SIN2-P1
X-Cache
Miss from cloudfront
Content-Type
image/gif
Cache-Control
max-age=315360000
Connection
keep-alive
Content-Length
43
X-Amz-Cf-Id
YjIkR6wzPeNvZHP1u12Z18_Jy1FvK5_B_Z2dd9ZEUBTo1sawO9E8sQ==
Expires
Thu, 31 Dec 2037 23:55:55 GMT
sd
us-u.openx.net/w/1.0/ Frame 46A2
Redirect Chain
  • https://ad.turn.com/r/cs?pid=9&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=8594003124195282946&gdpr=0&gdpr_consent=&us_privacy=
43 B
122 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073061&val=8594003124195282946&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Nov 2022 17:10:45 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537073061&val=8594003124195282946&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Tue, 22 Nov 2022 17:10:44 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
sd
us-u.openx.net/w/1.0/ Frame 46A2
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=1c326ce0-1d23-72a2-ffff-32bd88e2d588&gdpr=0
  • https://match.adsrvr.org/track/cmb/openx?oxid=1c326ce0-1d23-72a2-ffff-32bd88e2d588&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=fc203268-cedd-47ec-b726-b552b95aa490&ttd_puid=1c326ce0-1d23-72a2-ffff-32bd88e2d588&gdpr=0&gdpr_consent=
43 B
249 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=fc203268-cedd-47ec-b726-b552b95aa490&ttd_puid=1c326ce0-1d23-72a2-ffff-32bd88e2d588&gdpr=0&gdpr_consent=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Nov 2022 17:10:45 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 22 Nov 2022 17:10:45 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=fc203268-cedd-47ec-b726-b552b95aa490&ttd_puid=1c326ce0-1d23-72a2-ffff-32bd88e2d588&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
335
sd
jp-u.openx.net/w/1.0/ Frame 46A2
Redirect Chain
  • https://tg.socdm.com/rtb/sync_before?proto=openx
  • https://jp-u.openx.net/w/1.0/sd?id=537072335&val=Y30ClcCo5swAALWPfr8AAAAA
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=Y30ClcCo5swAALWPfr8AAAAA
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Nov 2022 17:10:45 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

X-SO-Cluster-ID
30
Date
Tue, 22 Nov 2022 17:10:45 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/rtb\/sync_before?proto=openx","cluster_id":30,"gdpr":false,"ipv4":"116.90.74.202","key":"Y30ClcCo5swAALWPfr8AAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad350"}
X-SO-Key
Y30ClcCo5swAALWPfr8AAAAA
Server
nginx
X-SO-Upstream-ID
m-ad350
P3P
CP="See also http://www.scaleout.jp/privacy/"
Location
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=Y30ClcCo5swAALWPfr8AAAAA
Cache-Control
private
X-SO-HostName
m-ad350.dc4p.scaleout.jp
Connection
keep-alive
X-SO-Ads-Time
1
Content-Length
0
X-SO-LB-Hostname
a-tgng40008.dc2p.scaleout.jp
X-SO-IP
116.90.74.202
sd
jp-u.openx.net/w/1.0/ Frame 46A2
Redirect Chain
  • https://cr-p3.ladsp.com/cookiesender/3
  • https://cr-p3.ladsp.com/cookiesender/3?cr=true
  • https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AQtTxRAw7F57ks8ADxwUuzjZjM8AAAGEoFIZ_w
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AQtTxRAw7F57ks8ADxwUuzjZjM8AAAGEoFIZ_w
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Nov 2022 17:10:46 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 22 Nov 2022 17:10:46 GMT
via
1.1 fbb0eee872ada24336cf35814e95a30c.cloudfront.net (CloudFront)
server
Logicad
x-amz-cf-pop
SIN2-P2
x-cache
Miss from cloudfront
p3p
CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
location
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AQtTxRAw7F57ks8ADxwUuzjZjM8AAAGEoFIZ_w
cache-control
no-cache
content-length
0
x-amz-cf-id
2rEYiK_1MmW97_6M3taGowuvwocQQrpqs-Unhqu6GpewGusXkTC7aA==
expires
-1
pixel
cm.g.doubleclick.net/ Frame 46A2 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MzA1ZGJmMmEtZDQ1NC0yYzA2LWVhMWYtNjgwNDQyMDAxYmU4
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.130.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Nov 2022 17:10:45 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 46A2
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEH4qlRLEMiRclTmwtdnUk5o&google_cver=1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEH4qlRLEMiRclTmwtdnUk5o&google_cver=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Nov 2022 17:10:45 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 22 Nov 2022 17:10:45 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEH4qlRLEMiRclTmwtdnUk5o&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 0AB3 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221110&jk=4173014957902616&bg=!pKelp-PNAAbvMpMzzzI7ACkAdvg8WsXK0iIU9P_GcIZTsXTEQ953Ij-EAu1WXXGQtnGZ6lBPYmu3CwIAAACWUgAAAANoAQeZArs5KJz6z3nJ87BPdTQeipGSg7zhWY-O9f3KBcgQGbqVXacHQlyW7rA3dWwZAWsC3qULb3P1tawfJNinuT1eIXPiiX933JTzJOycqPN1uVZERw2HSv-bBTKddohJkURjdaeZQxHUhE5WXD6jAacAe6JepixdDaE6oAq1m3J6w1BGNZ1d-kAAtv7smMYlnhRRquaPkB7i_E2o-IRB1PNa-GUBiYnVzMuD0q7DqOnbmypRCFN25SjVhkq2WqaoHhWJ3PZEWYvsu6Lzs_uw1nVyUGmw_6eJGoevD3bRF4Tpp6o2jbtIrgVFjZRS5KjMTqSy8RxwngoSaYMbWvxAidPCypwj-XVxB_R-4UHleqpRcNDQAFTwHmRlXiyUC5-5GgOXnunDwZn6hM9wQK-I8p__3UgIymnN7fxnE5MjecDbUyx4fd-q9aICUY5nKuTFmrP5PWM4eLn2xHq6FSIvIpYpsDtqd36zhpZsw2baTH1mR63nvhS0ge7HWOOlPL2VJaIuDRSDoGh2CvSkq40sUI7WwjVC161OFbhTos3qqK-e0NCRs0BGzA3eBVHen3mUiV0o238LpaJsWWQYaO7Y4PjgXU3j2sLKDGUWiFgTq8RDN6eeOLy0moGxPnFXBfKPqMAIhGy8IvWzcJZ31Ma5q8_OGdV4iXHsQP5_7qGpujYY9bRiIafYQYYRiRFpa8ESOCrXnW1fbhmj8HZxMWlFzTaFz6xs-AGKvODz8ays2EWS4UXeWbrVc0GC42I4bdL7OvIpdEifQj_tYPjvwAzPCyCAJpBVqR1obdGCB1uyhychVOdbV0fr_sHGTYqPH7TKiEOssSTZbSLrktW1-2shFOTj8LveXfzNpjocFoIqv7zEfU6uyY57XRCy_FCP1jAliJLuYgUH0BCA0GzdK9Eyv30WpJfSau0Y8ksFdNI8yXk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame D245 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221110&jk=3827996945744677&bg=!FBelF1PNAAbvMpMzzzI7ACkAdvg8Wula0ldjL8zQCKedcyiC9krKt63Q1YqTHyiKdp4vD7yNHuITPwIAAACAUgAAAAZoAQeZAvmc2AzkxtvrfoDkArkO6AEUam1oLaUIm-ey9HK8Um72Hclwgi_q8YF9gn4Ot_xdEMX5MS4Sz5v-Rlo1hcJ-WRUrHu7N6TWDLtqSHhGaox17If0TQvARok5tAfkfzRaaGKc2EkaDA6a_CH0Pv7cxInGaGvpFw4LrpUJbR-rwkPXecnZf1mdVTKQc8YmwguqZbOwWXCAAMjMnRkJZnpIdoXwE4mjYvKEl2fyY2sJ62b8MVQwGsDMiJue7fCmJ1ngwunXKpieNpp_qRGXJ96fe9RReNcjhMSP6rQj2FW3OjtTVkWytCkxbDCHbwSBBHfHIJSRaT5B-tcTx8un253UHi1tqJix7Ymeg2q7IZopg3Csb1SFn9nD5eXJzmM0D2W6TUZkL6djhsF0kI9_3uIioYN5lJQFuce0ddlQadV6md8zSu1PcxV7_24KQVc41m-smGgkxVT4RKsXvCr3fD9r1JSeZTYR7ml3WTsA7AdcCGC063IT8CTEc-bZuqKC9b9l8GQrxpxIcWcVXMtFW858EY0oe-auY73u18rSGOpbZD2w487n3qenQeB13AJ52MDF_vhWfCmJRub4ZUBbn7KW-OT9ZaV644Wi-i0IdAQ6VYUShuTGjJUUbPo920abolnr8m830zJSvw46lsFNZtcyl7LQ9g5nEmlazRHNEHfPzEpVV9UxQyMJPGM-nC0Lh5NJD4U_M9BYyGB_JcMb_AVQ03EUbdpdLXOPJJ03WKMe0qgSO8nxefAsZzLP1MzhGnktVFYA_R2zXHWvp1i8bc1ddU9-Qd-dgoNuzMQS0cz2Ku9zC6Q66U7ymrAXHzkW5Yv6OiTaFWrMkyAN3p6wBiBAfxrt_FWV3mc0vGKexllLvATb8wy9fnU6bs7AtcePk_enu-1gCa0YzbGxwc8hzAb36SHFK8UBf9b0UB472vKKGG5fZ_3qNFxXrjzUN7MXU64DmMQC6sihSDqpWWyjlb6dxORK5z7EGUbh9ZwiA_70BT_-prEkozSx_ILxGdg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
usermatch
ssum-sec.casalemedia.com/ Frame A10A 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.33.19 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6307d6b9062f73e77f78b149e7c9c7145c6598b14ddbe938b822371d59dc89e2

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
76e347c68a81aaf3-SYD
content-encoding
br
content-type
text/html
date
Tue, 22 Nov 2022 17:10:45 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=joE0bywI86r0yn4cMLHAMb67v4xSKwTSYKhw85irFmunWvmdN9dTTovdJzLATXicE9Q8XW5mN%2FdimdDbtz2QNPz8iylVMymprxeRBG1tB6IieQSKR3OOheMQyPVKBIeht5V%2FkHjXmaI55g%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
bsevent.gif
rtbc-ae1.doubleverify.com/ Frame C29F 		0
229 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://rtbc-ae1.doubleverify.com/bsevent.gif?flvr=0&impid=a85ae9f62e1844e28e6ee69d6cc5f950&vfdur=947&cbust=1669137045208967
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal113.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.149.43.113 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
113.43.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://6d2367c53a9e076830c130ee73b19fae.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Pragma
no-cache
Date
Tue, 22 Nov 2022 17:10:46 GMT
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Connection
close
Expires
11/21/2022 17:10:46
bsevent.gif
rtbc-ae1.doubleverify.com/ Frame C29F 		0
229 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://rtbc-ae1.doubleverify.com/bsevent.gif?flvr=0&impid=a85ae9f62e1844e28e6ee69d6cc5f950&dvp_ac_version=0810&dvp_acibv=&bsigr=19860153565696&cbust=1669137045211706
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal113.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.149.43.113 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
113.43.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://6d2367c53a9e076830c130ee73b19fae.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Pragma
no-cache
Date
Tue, 22 Nov 2022 17:10:46 GMT
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Connection
close
Expires
11/21/2022 17:10:46
globalpassback_728x90.gif
cdn.besafe.global/ Frame C29F 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.besafe.global/globalpassback_728x90.gif
Requested by
Host: 6d2367c53a9e076830c130ee73b19fae.safeframe.googlesyndication.com
URL: https://6d2367c53a9e076830c130ee73b19fae.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.155.68.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-155-68-41.sin52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
10e9a2cc659e17b16b0df71d0f5653566308518315338a9fed677191263e65b3

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://6d2367c53a9e076830c130ee73b19fae.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 05:48:30 GMT
via
1.1 1cd5c12ec5c5433e14b730e0a6a2276c.cloudfront.net (CloudFront)
last-modified
Fri, 15 Jul 2022 20:03:13 GMT
server
AmazonS3
x-amz-cf-pop
SIN52-P1
age
40936
etag
"d7f0c1fa2fb2f6c6dc87372cf940f1d5"
x-amz-meta-sha256
10e9a2cc659e17b16b0df71d0f5653566308518315338a9fed677191263e65b3
content-type
image/gif
x-cache
Hit from cloudfront
accept-ranges
bytes
content-length
13098
x-amz-cf-id
euzW92kHbR7ntNAcorKpvyUqh31h2W-apbiBiyi_lsEf2gdxN6c0Ng==
x-amz-meta-s3b-last-modified
20220630T185306Z
Info.svg
ad.appier.net/4QGDNtuHG/icon/ Frame C29F 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.appier.net/4QGDNtuHG/icon/Info.svg
Requested by
Host: 6d2367c53a9e076830c130ee73b19fae.safeframe.googlesyndication.com
URL: https://6d2367c53a9e076830c130ee73b19fae.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.192 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-192.pacnet.net
Software
UploadServer /
Resource Hash
db3bb0331e0217a9b13adc92afdce74540822e9a2094a4c640a23522f6596b88

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://6d2367c53a9e076830c130ee73b19fae.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 17:10:46 GMT
last-modified
Mon, 16 May 2022 14:14:38 GMT
server
UploadServer
etag
"552f8bf510a3f1d9444e387953f11f79"
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=807987
x-cache-id
LAX-ba56a406
accept-ranges
bytes
content-length
1272
expires
Fri, 02 Dec 2022 01:37:13 GMT
Info_hover_focus.svg
ad.appier.net/4QGDNtuHG/icon/ Frame C29F 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.appier.net/4QGDNtuHG/icon/Info_hover_focus.svg
Requested by
Host: 6d2367c53a9e076830c130ee73b19fae.safeframe.googlesyndication.com
URL: https://6d2367c53a9e076830c130ee73b19fae.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.192 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-192.pacnet.net
Software
UploadServer /
Resource Hash
0736033dafaea5a36203b95b7562afdd3559a4c9edf234339a886347cd032bea

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://6d2367c53a9e076830c130ee73b19fae.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 17:10:46 GMT
last-modified
Mon, 16 May 2022 14:14:38 GMT
server
UploadServer
etag
"d0bf34695927ab43e5c1292a22b9bc3a"
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=826030
x-cache-id
LAX-ba56a406
accept-ranges
bytes
content-length
1272
expires
Fri, 02 Dec 2022 06:37:56 GMT
Close.svg
ad.appier.net/4QGDNtuHG/icon/ Frame C29F 		848 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.appier.net/4QGDNtuHG/icon/Close.svg
Requested by
Host: 6d2367c53a9e076830c130ee73b19fae.safeframe.googlesyndication.com
URL: https://6d2367c53a9e076830c130ee73b19fae.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.192 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-192.pacnet.net
Software
UploadServer /
Resource Hash
70005a712e48e89c3f725b20b3b0922ef5f13625407a0b5c3dd77daf42d95f63

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://6d2367c53a9e076830c130ee73b19fae.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 17:10:46 GMT
last-modified
Mon, 16 May 2022 14:14:38 GMT
server
UploadServer
etag
"745a2be8df143e4f3be0e0d83020aa7b"
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=826314
accept-ranges
bytes
content-length
848
expires
Fri, 02 Dec 2022 06:42:40 GMT
Close_hover_focus.svg
ad.appier.net/4QGDNtuHG/icon/ Frame C29F 		848 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.appier.net/4QGDNtuHG/icon/Close_hover_focus.svg
Requested by
Host: 6d2367c53a9e076830c130ee73b19fae.safeframe.googlesyndication.com
URL: https://6d2367c53a9e076830c130ee73b19fae.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.192 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-192.pacnet.net
Software
UploadServer /
Resource Hash
3c73a0cfd4d0058fe2374484019ef7ba096708d415f7435b19d4fc9cdd0807c7

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://6d2367c53a9e076830c130ee73b19fae.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 17:10:46 GMT
last-modified
Mon, 16 May 2022 14:14:38 GMT
server
UploadServer
etag
"6dbf40ccf95affe57f5e9ababaed99a5"
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=794467
accept-ranges
bytes
content-length
848
expires
Thu, 01 Dec 2022 21:51:53 GMT
n.js
geo.moatads.com/ Frame C29F 		98 B
271 B 		Script
General
Check archive.org
Download Go to
Full URL
https://geo.moatads.com/n.js?e=35&ol=540716562&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5tWhX%3C%3Ce%24%26~1%3Axkr%2BUe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3FtDJq%409BG&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-S4epS2PucglBbk5475S6XrSoK4rogWbxm7rLGdl3vY3c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-JvYb5sLyVy50og%3D%3D&sc=1&os=1-JA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=728&qe=90&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&i=APPIERDISPLAY1&hp=1&ra=1&pxm=1&sgs=3&vb=-1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=1&nh=1&j=https%3A%2F%2Fwww.bg3.co&lp=https%3A%2F%2Fwww.bg3.co&t=1669137045218&de=924993283498&m=0&ar=48843429bae-clean&iw=3d12f45&q=2&cb=0&ym=0&cu=1669137045218&ll=2&lm=1&ln=1&r=0&em=0&en=0&d=adobe.com%3AMdiyqtLRQ0Sy_xPBvdlCvw%3AUkhomrwvQieqQwhkieJsig%3AZ92dqbnDTsSTGYteEZukig&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.bg3.co%2F&id=0&ii=3&bo=728x90&bd=unknown&zMoatOrigSlicer1=728x90&zMoatOrigSlicer2=unknown&gw=appierdisplay844822012038&fd=1&it=500&ti=0&ih=2&pe=0%3A-%3A-%3A0%3A0&jm=-1&fs=200871&na=1442912368&cs=0&ord=1669137045218&jv=1297664720&callback=DOMlessLLDcallback_36832761
Requested by
Host: z.moatads.com
URL: https://z.moatads.com/appierdisplay844822012038/moatad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.136.127.148 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-136-127-148.ap-southeast-1.compute.amazonaws.com
Software
Microsoft-IIS/6.0 /
Resource Hash
80bfa7fdbe42e7dbf0ab17b6c1c383bbd790ab6e3ec6d0778e4d2ee5cbfc7ae3

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://6d2367c53a9e076830c130ee73b19fae.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 17:10:46 GMT
cache-control
max-age=900
server
Microsoft-IIS/6.0
timing-allow-origin
*
etag
"44d52e282bb5fbfec76a06e0c7f1e79af5402444"
content-length
98
content-type
text/html; charset=UTF-8
pixel.gif
px.moatads.com/ Frame C29F 		43 B
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=17&i=APPIERDISPLAY1&hp=1&ra=1&pxm=1&sgs=3&vb=-1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=1&nh=1&j=https%3A%2F%2Fwww.bg3.co&lp=https%3A%2F%2Fwww.bg3.co&t=1669137045218&de=924993283498&m=0&ar=48843429bae-clean&iw=3d12f45&q=3&cb=0&ym=0&cu=1669137045218&ll=2&lm=1&ln=1&r=0&em=0&en=0&d=adobe.com%3AMdiyqtLRQ0Sy_xPBvdlCvw%3AUkhomrwvQieqQwhkieJsig%3AZ92dqbnDTsSTGYteEZukig&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.bg3.co%2F&id=0&ii=3&bo=728x90&bd=unknown&zMoatOrigSlicer1=728x90&zMoatOrigSlicer2=unknown&gw=appierdisplay844822012038&fd=1&it=500&ti=0&ih=2&pe=0%3A-%3A-%3A0%3A0&jm=-1&fs=200871&na=1953558034&cs=0
Requested by
Host: 6d2367c53a9e076830c130ee73b19fae.safeframe.googlesyndication.com
URL: https://6d2367c53a9e076830c130ee73b19fae.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.51.241.170 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-241-170.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://6d2367c53a9e076830c130ee73b19fae.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Tue, 22 Nov 2022 17:10:46 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 22 Nov 2022 17:10:46 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 992C 		1 KB
645 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 6d2367c53a9e076830c130ee73b19fae.safeframe.googlesyndication.com
URL: https://6d2367c53a9e076830c130ee73b19fae.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6d2367c53a9e076830c130ee73b19fae.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

age
9439
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 22 Nov 2022 14:33:26 GMT
etag
48472445140208031
expires
Wed, 23 Nov 2022 14:33:26 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame C29F 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3b553dc1ced823dce29e1ed20cfb0f83546af3dee38c379ae238236371c6708d

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
async_usersync
ib.adnxs.com/ Frame B3B6 		0
743 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.89 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
565.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 22 Nov 2022 17:10:45 GMT
AN-X-Request-Uuid
255eebc6-24a0-4ae0-9a60-cf422e0dc888
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
116.90.74.202; 116.90.74.202; 565.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 992C
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEES5c9FKrJ0L0QObx6JbVwE&google_cver=1&google_push=ASkJ3FbQvkEuXfIUg-xQ57MagibM59wWRrHgd7_k2UfRaGXg2BZjXYmgG1z12qk6r4F4GCi2rCRIL91kb2AFrW55-crN-MUOyo3b
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODU5NDAwMzEyNDE5NTI4Mjk0Ng==&gdpr=0&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=0&gdpr_consent=&google_gid=CAESEES5c9FKrJ0L0QObx6JbVwE&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=0&gdpr_consent=&google_gid=CAESEES5c9FKrJ0L0QObx6JbVwE&google_cver=1
Requested by
Host: 6d2367c53a9e076830c130ee73b19fae.safeframe.googlesyndication.com
URL: https://6d2367c53a9e076830c130ee73b19fae.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
50.116.239.135 , United States, ASN6336 (TURN-US-ASN, US),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 22 Nov 2022 17:10:45 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Tue, 22 Nov 2022 17:10:45 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=0&gdpr_consent=&google_gid=CAESEES5c9FKrJ0L0QObx6JbVwE&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
330
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
i.match
a.tribalfusion.com/ Frame 992C 		43 B
616 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.tribalfusion.com/i.match?p=b6&u=CAESEIkJoxPRAwanwuXFvyrqB_k&google_cver=1&google_push=ASkJ3Fa8AOdHcRQUtXjmYRWPv9nLE-SvqkptvzhF_nVEsR_cDpgfZDHYwvOWpH-2YWiYiFE8EAIT8DOhUt7kQhndx64Xk9tzUTgmCg&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DASkJ3Fa8AOdHcRQUtXjmYRWPv9nLE-SvqkptvzhF_nVEsR_cDpgfZDHYwvOWpH-2YWiYiFE8EAIT8DOhUt7kQhndx64Xk9tzUTgmCg%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: 6d2367c53a9e076830c130ee73b19fae.safeframe.googlesyndication.com
URL: https://6d2367c53a9e076830c130ee73b19fae.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.24.173 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Nov 2022 17:10:45 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
76e347c7f9241c56-AKL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT
AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 992C 		0
173 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEOLsz7RJtDFXbiY4xv0T_xM&google_cver=1&google_push=ASkJ3FZcMSbccOCVYyANmKg19vZR645AI4fbZZ1l-yhLGY-kgrfS8jzLSLKCiNjOwLO3Z4vvZv3SKdqjQ6ZWVNfW_doVU1ogsaFMvw
Requested by
Host: 6d2367c53a9e076830c130ee73b19fae.safeframe.googlesyndication.com
URL: https://6d2367c53a9e076830c130ee73b19fae.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 17:10:45 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pixel
cm.g.doubleclick.net/ Frame 992C
Redirect Chain
  • https://a.c.appier.net/gcm?google_gid=CAESEAZMfbl3ASvci1N5aMEepy4&google_cver=1&google_push=ASkJ3FbIjIP9f-Shvlq2vR0Xm35bSrJ-Z7gv981sHVRIFQ3ZdvWogFh_atMwF2wUu4eDpuPN7tEWDgQ1dsStX00hecZUoXOFsciEtw
  • https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=VGpvTU9CcDZBYi1GZXFQTmt3SjlZdw%3D%3D&google_push=ASkJ3FbIjIP9f-Shvlq2vR0Xm35bSrJ-Z7gv981sHVRIFQ3ZdvWogFh_atMwF2wUu4eDpuPN7tEWDgQ1dsStX...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=VGpvTU9CcDZBYi1GZXFQTmt3SjlZdw%3D%3D&google_push=ASkJ3FbIjIP9f-Shvlq2vR0Xm35bSrJ-Z7gv981sHVRIFQ3ZdvWogFh_atMwF2wUu4eDpuPN7tEWDgQ1dsStX00hecZUoXOFsciEtw
Requested by
Host: 6d2367c53a9e076830c130ee73b19fae.safeframe.googlesyndication.com
URL: https://6d2367c53a9e076830c130ee73b19fae.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
74.125.130.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Nov 2022 17:10:45 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=VGpvTU9CcDZBYi1GZXFQTmt3SjlZdw%3D%3D&google_push=ASkJ3FbIjIP9f-Shvlq2vR0Xm35bSrJ-Z7gv981sHVRIFQ3ZdvWogFh_atMwF2wUu4eDpuPN7tEWDgQ1dsStX00hecZUoXOFsciEtw
date
Tue, 22 Nov 2022 17:10:45 GMT
cache-control
no-store
content-type
text/html; charset=utf-8
server
nginx
content-length
245
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
google_sync_status
x.bidswitch.net/ Frame 992C
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEHwOAxSD7ohJch1BS4bbm6I&google_cver=1&google_push=ASkJ3FYg4PtQ_cCXGvrABIsKNQsJrHUdsykL5KTvuEEPO8Zxs2_w1bEB6kHWlMZEesrKyaNIGFyR-866FkTsrNZUixTY...
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_custom_parameter=08d208db-7f04-43af-9c49-869895b60547
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_custom_parameter=08d208db-7f04-43af-9c49-869895b60547
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=c4f076fd-3068-43b4-ae94-9c197b93f2f7&user_group=1&ssp=google&bsw_param=08d208db-7f04-43af-9c49-869895b60547
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_cm=1&google_hm=CNII238EQ6-cSYaYlbYFRw==
  • https://x.bidswitch.net/google_sync_status?ssp_name=google&google_gid=CAESEHwOAxSD7ohJch1BS4bbm6I&google_cver=1
43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/google_sync_status?ssp_name=google&google_gid=CAESEHwOAxSD7ohJch1BS4bbm6I&google_cver=1
Protocol
HTTP/1.1
Server
35.213.12.39 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
39.12.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 22 Nov 2022 17:10:48 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 22 Nov 2022 17:10:47 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://x.bidswitch.net/google_sync_status?ssp_name=google&google_gid=CAESEHwOAxSD7ohJch1BS4bbm6I&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
316
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 992C
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEPJ2XahEqJt8u1qVHouIFyI&google_cver=1&google_push=ASkJ3FbyKXfdue3HQq68GL1hkMU4a_4u59iGlghV_uMwn1FnndOO7cQLJ38WveqgKJKe6BiaJiHBdTgtvuQ6at-Cw0yz1Dx...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ASkJ3FbyKXfdue3HQq68GL1hkMU4a_4u59iGlghV_uMwn1FnndOO7cQLJ38WveqgKJKe6BiaJiHBdTgtvuQ6at-Cw0yz1DxsIEzW&google_hm=NTkzNjA3MTIwMjI5Mjk3NT...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ASkJ3FbyKXfdue3HQq68GL1hkMU4a_4u59iGlghV_uMwn1FnndOO7cQLJ38WveqgKJKe6BiaJiHBdTgtvuQ6at-Cw0yz1DxsIEzW&google_hm=NTkzNjA3MTIwMjI5Mjk3NTA0OA%3D%3D
Requested by
Host: 6d2367c53a9e076830c130ee73b19fae.safeframe.googlesyndication.com
URL: https://6d2367c53a9e076830c130ee73b19fae.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
74.125.130.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Nov 2022 17:10:45 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 22 Nov 2022 17:10:45 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ASkJ3FbyKXfdue3HQq68GL1hkMU4a_4u59iGlghV_uMwn1FnndOO7cQLJ38WveqgKJKe6BiaJiHBdTgtvuQ6at-Cw0yz1DxsIEzW&google_hm=NTkzNjA3MTIwMjI5Mjk3NTA0OA%3D%3D
content-length
0
spacer.gif
an.yandex.ru/resource/ Frame 992C
Redirect Chain
  • https://an.yandex.ru/mapuid/google/CAESEFw5AqwqxtX9pLxzKupvQ6c?ext-param=ASkJ3Fb0dtxiOzMx7tXljXXSVY9rvI4edgNmI775bqVM6AZWUXuGdfQJL_sZ4M6erCkESBN1IVqRL4zfWxftT_jBsCXNfdFlZ31at1M&partner-tag=yandex_a...
  • https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEFw5AqwqxtX9pLxzKupvQ6c&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
  • https://an.yandex.ru/resource/spacer.gif
43 B
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/resource/spacer.gif
Requested by
Host: 6d2367c53a9e076830c130ee73b19fae.safeframe.googlesyndication.com
URL: https://6d2367c53a9e076830c130ee73b19fae.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
77.88.21.90 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
bs.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 17:10:46 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Wed, 18 Apr 2001 10:28:03 GMT
content-type
image/gif
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Tue, 07 Nov 2023 17:10:46 GMT

Redirect headers

pragma
no-cache
date
Tue, 22 Nov 2022 17:10:46 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://an.yandex.ru/resource/spacer.gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
237
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 992C 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IemaPinoelesSZTdJYb1AuIgkZsKWpQhL2V_dacoM2H2XsnfJSaN1MyPQZGyzBVQsrnwJ4sA
Requested by
Host: 6d2367c53a9e076830c130ee73b19fae.safeframe.googlesyndication.com
URL: https://6d2367c53a9e076830c130ee73b19fae.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.130.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 17:10:45 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
usync.js
eus.rubiconproject.com/ Frame 0868 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.75.85.227 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-75-85-227.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
59775916c5dc568fd4d2ea64b09d0b2d9def879f13d1a7382636cf70fe716c03

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 22 Nov 2022 17:10:45 GMT
Content-Encoding
gzip
Last-Modified
Mon, 21 Nov 2022 20:11:42 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=10857
Connection
keep-alive
Content-Length
10066
Expires
Tue, 22 Nov 2022 20:11:42 GMT
sync
gum.criteo.com/ Frame 6D42 		88 B
328 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?r=2&c=321&gdpr=0&gdpr_pd=0&gdpr_consent=&us_privacy=&j=window.advBidxc.mnetRtusId
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
0baa3d3142dea93009fc420023ea0be47a2bd80cdf32e74c8bda6827415f7904
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 17:10:44 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
1468518
expires
60
usync.html
eus.rubiconproject.com/ Frame 512E
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=medianet
  • https://eus.rubiconproject.com/usync.html?p=medianet
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=medianet
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.75.85.227 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-75-85-227.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 22 Nov 2022 17:10:46 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Tue, 22 Nov 2022 17:10:46 GMT
location
https://eus.rubiconproject.com/usync.html?p=medianet
server
AkamaiGHost
cksync.html
contextual.media.net/ Frame 28F6
Redirect Chain
  • https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3121386457444248000V10%26type%3Drkt%26refUrl%3D%26vid%3D913704563431213864574442480...
  • https://contextual.media.net/cksync.html?cs=8&vsid=3121386457444248000V10&type=rkt&refUrl=&vid=91370456343121386457444248000V10&ovsid=1976306190189114144
219 B
651 B 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/cksync.html?cs=8&vsid=3121386457444248000V10&type=rkt&refUrl=&vid=91370456343121386457444248000V10&ovsid=1976306190189114144
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.51.136.24 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-136-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
85af3052d288ffd9157258dfe4daf5309f0b64d0067ab8221cd0c62909c18419
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-length
219
content-type
text/html;charset=UTF-8
date
Tue, 22 Nov 2022 17:10:47 GMT
expires
Tue, 22 Nov 2022 17:10:47 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA" CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
pragma
no-cache
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E

Redirect headers

Content-Length
0
Date
Tue, 22 Nov 2022 17:10:47 GMT
Location
https://contextual.media.net/cksync.html?cs=8&vsid=3121386457444248000V10&type=rkt&refUrl=&vid=91370456343121386457444248000V10&ovsid=1976306190189114144
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.3.29.v20201019)
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame F227 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3121386457444248000V10%26type%3Dpba%26refUrl%3D%26vid%3D91370456343121386457444248000V10%26ovsid%3DPM_UID
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.51.240.213 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-240-213.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=137144
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Tue, 22 Nov 2022 17:10:46 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Thu, 24 Nov 2022 07:16:30 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
unused62
8096267
vary
Accept-Encoding
cksync.php
contextual.media.net/ Frame 6D42
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3121386457444248000V10%26type%3Dapx%26refUrl%3D%26vid%3D91370456343121386457444248000V10%26ovsid%3D%24UID
  • https://contextual.media.net/cksync.php?cs=8&vsid=3121386457444248000V10&type=apx&refUrl=&vid=91370456343121386457444248000V10&ovsid=1531151141028342390
45 B
452 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3121386457444248000V10&type=apx&refUrl=&vid=91370456343121386457444248000V10&ovsid=1531151141028342390
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
184.51.136.24 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-136-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Tue, 22 Nov 2022 17:10:46 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Tue, 22 Nov 2022 17:10:46 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 22 Nov 2022 17:10:45 GMT
AN-X-Request-Uuid
2fe0d80a-dceb-45e1-ac3e-c54a7793a3bd
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://contextual.media.net/cksync.php?cs=8&vsid=3121386457444248000V10&type=apx&refUrl=&vid=91370456343121386457444248000V10&ovsid=1531151141028342390
Connection
keep-alive
X-Proxy-Origin
116.90.74.202; 116.90.74.202; 565.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cksync.html
contextual.media.net/ Frame 6D42
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=78e2dffc-bb89-4bb2-ae92-f592d006518b&ph=6a16560a-f6c6-4851-b7b5-0b2c0190166a&r=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3121386457444248...
  • https://contextual.media.net/cksync.html?cs=8&vsid=3121386457444248000V10&type=opx&refUrl=&vid=91370456343121386457444248000V10&ovsid=d41e057f-b623-4842-9cb0-4cd33a0d4754
219 B
219 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.html?cs=8&vsid=3121386457444248000V10&type=opx&refUrl=&vid=91370456343121386457444248000V10&ovsid=d41e057f-b623-4842-9cb0-4cd33a0d4754
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
184.51.136.24 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-136-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Tue, 22 Nov 2022 17:10:46 GMT
server
Apache
vary
Accept-Encoding
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
text/html;charset=UTF-8
cache-control
max-age=0, no-cache, no-store
content-length
219
x-mnet-hl2
E
expires
Tue, 22 Nov 2022 17:10:46 GMT

Redirect headers

date
Tue, 22 Nov 2022 17:10:45 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://contextual.media.net/cksync.html?cs=8&vsid=3121386457444248000V10&type=opx&refUrl=&vid=91370456343121386457444248000V10&ovsid=d41e057f-b623-4842-9cb0-4cd33a0d4754
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cksync.php
contextual.media.net/ Frame 6D42
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=64&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3121386457444248000V10%26type%3Dmma%26refUrl%3D%26vid%3D913704563431213864574442...
  • https://contextual.media.net/cksync.php?cs=8&vsid=3121386457444248000V10&type=mma&refUrl=&vid=91370456343121386457444248000V10&ovsid=e073637d-0294-4b00-bf16-cba7f46ad359
45 B
465 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3121386457444248000V10&type=mma&refUrl=&vid=91370456343121386457444248000V10&ovsid=e073637d-0294-4b00-bf16-cba7f46ad359
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
184.51.136.24 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-136-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Tue, 22 Nov 2022 17:10:46 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Tue, 22 Nov 2022 17:10:46 GMT

Redirect headers

Date
Tue, 22 Nov 2022 17:10:45 GMT
Server
MT3 169 32252b7 master nrt-pixel-x8 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://contextual.media.net/cksync.php?cs=8&vsid=3121386457444248000V10&type=mma&refUrl=&vid=91370456343121386457444248000V10&ovsid=e073637d-0294-4b00-bf16-cba7f46ad359
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 22 Nov 2022 17:10:44 GMT
usersync
usersync.gumgum.com/ Frame 6D42
Redirect Chain
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3121386457444248000V10%26type%3Dr1%26refUrl%3D%26vid%3D91370456343121386457...
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&zcc=1&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3121386457444248000V10%26type%3Dr1%26refUrl%3D%26vid%3D91370456343121...
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4609996012
  • https://sync.1rx.io/usersync/tradedesk/fc203268-cedd-47ec-b726-b552b95aa490
  • https://sync.targeting.unrulymedia.com/csync/RX-ddefb627-40b3-4b29-9fba-627851a12714-004?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-ddefb627-40b3-4b29-9fba-627851a12714-004
  • https://usersync.gumgum.com/usersync?b=rhy&i=RX-ddefb627-40b3-4b29-9fba-627851a12714-004
0
0
cksync
cs.media.net/ Frame 6D42
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?cs=8&google_nid=media&google_cm=1&google_hm=MzEyMTM4NjQ1NzQ0NDI0ODAwMFYxMA%3D%3D&google_sc=1
  • https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESECfUdX7i6JVW16xDO9_WnT8&google_cver=1
45 B
610 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESECfUdX7i6JVW16xDO9_WnT8&google_cver=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Server
96.17.188.24 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-17-188-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 22 Nov 2022 17:10:46 GMT
Server
Apache
P3P
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
45
X-MNET-HL2
E
Expires
Tue, 22 Nov 2022 17:10:46 GMT

Redirect headers

pragma
no-cache
date
Tue, 22 Nov 2022 17:10:45 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESECfUdX7i6JVW16xDO9_WnT8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cksync.php
contextual.media.net/ Frame 6D42
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3121386457444248000V10%26type%3Ddxu%26refUrl%3D%26vid%3D91370456343121386457444...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3121386457444248000V10%26type%3Ddxu%26refUrl%3D%26vid%3D91370456343121386...
  • https://contextual.media.net/cksync.php?cs=8&vsid=3121386457444248000V10&type=dxu&refUrl=&vid=91370456343121386457444248000V10&ovsid=1LrlEmRL1OXwNg5
45 B
452 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3121386457444248000V10&type=dxu&refUrl=&vid=91370456343121386457444248000V10&ovsid=1LrlEmRL1OXwNg5
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
184.51.136.24 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-136-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Tue, 22 Nov 2022 17:10:47 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Tue, 22 Nov 2022 17:10:47 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 22 Nov 2022 17:10:46 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/595ea14#595ea1444a96c0bdac4aa333a73d7028cf966fc7 i-052f9362e060162a9@ap-southeast-1a@dxedge-app-ap-southeast-1-prod-asg
Location
https://contextual.media.net/cksync.php?cs=8&vsid=3121386457444248000V10&type=dxu&refUrl=&vid=91370456343121386457444248000V10&ovsid=1LrlEmRL1OXwNg5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
cksync.php
contextual.media.net/ Frame 6D42
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=115&p=226&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40
  • https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=73e167b2-c275-45e1-a964-8922e6f63ca3
45 B
616 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=73e167b2-c275-45e1-a964-8922e6f63ca3
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
184.51.136.24 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-136-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Tue, 22 Nov 2022 17:10:46 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Tue, 22 Nov 2022 17:10:46 GMT

Redirect headers

pragma
no-cache
date
Tue, 22 Nov 2022 17:10:45 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=73e167b2-c275-45e1-a964-8922e6f63ca3
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1151894
content-length
0
expires
Tue, 22 Nov 2022 00:00:00 GMT
cksync.php
contextual.media.net/ Frame 6D42
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=medianet&bsw_param=08d208db-7f04-43af-9c49-869895b60547&google_hm=MDhkMjA4ZGItN2YwNC00M2FmLTljNDktODY5ODk1YjYwNTQ3
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESECB0-b0wnOAOrohyyFFH5_8&google_cver=1&ssp=medianet&bsw_param=08d208db-7f04-43af-9c49-869895b60547
  • https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=08d208db-7f04-43af-9c49-869895b60547&gdpr=&gdpr_consent=&gdpr_pd=
45 B
465 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=08d208db-7f04-43af-9c49-869895b60547&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
184.51.136.24 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-136-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Tue, 22 Nov 2022 17:10:46 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Tue, 22 Nov 2022 17:10:46 GMT

Redirect headers

Location
//contextual.media.net/cksync.php?cs=1&type=bs&ovsid=08d208db-7f04-43af-9c49-869895b60547&gdpr=&gdpr_consent=&gdpr_pd=
Date
Tue, 22 Nov 2022 17:10:46 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
23178
stags.bluekai.com/site/ Frame 6D42
Redirect Chain
  • https://b1sync.zemanta.com/usersync/medianet/?cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3121386457444248000V10%26type%3Dzem%26refUrl%3D%26vid%3D91370456343121386457444248...
  • https://stags.bluekai.com/site/23178?id=96pxjWUQIcXFw6RbIeKe&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TD...
0
0
cksync.php
contextual.media.net/ Frame 6D42
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=3121386457444248000V10
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=medianet&ssp_user_id=3121386457444248000V10
  • https://contextual.media.net/cksync.php?type=mf&ovsid=a3f6813b-8c20-4ac8-bf77-d35dc4b01932&cs=1
0
0
um
cs.emxdgt.com/ Frame 6D42 		0
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.emxdgt.com/um?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3121386457444248000V10%26type%3Demx%26refUrl%3D%26vid%3D91370456343121386457444248000V10%26ovsid%3D%24UID
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.197.221.194 -, , ASN (),
Reverse DNS
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 17:10:47 GMT
server
awselb/2.0
content-length
0
content-type
text/plain; charset=utf-8
cksync
cs.media.net/ Frame 6D42
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=fc203268-cedd-47ec-b726-b552b95aa490
45 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=fc203268-cedd-47ec-b726-b552b95aa490
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Server
96.17.188.24 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-17-188-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 22 Nov 2022 17:10:46 GMT
Server
Apache
P3P
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
45
X-MNET-HL2
E
Expires
Tue, 22 Nov 2022 17:10:46 GMT

Redirect headers

pragma
no-cache
date
Tue, 22 Nov 2022 17:10:46 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=fc203268-cedd-47ec-b726-b552b95aa490
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
199
xuid
eb2.3lift.com/ Frame CBBC
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3658&xuid=fc203268-cedd-47ec-b726-b552b95aa490&dongle=0cfd
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3658&xuid=fc203268-cedd-47ec-b726-b552b95aa490&dongle=0cfd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
date
Tue, 22 Nov 2022 17:10:46 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Tue, 22 Nov 2022 17:10:45 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://eb2.3lift.com/xuid?mid=3658&xuid=fc203268-cedd-47ec-b726-b552b95aa490&dongle=0cfd
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
209
ebda
eb2.3lift.com/ Frame CBBC
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzExMDU3OTA0MzU4NTY3NTg1NzM2OA%3D%3D
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 17:10:46 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 22 Nov 2022 17:10:46 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
248
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xuid
eb2.3lift.com/ Frame CBBC
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEA_fqSkL4kHh3sgpzHdWZvg&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEA_fqSkL4kHh3sgpzHdWZvg&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
date
Tue, 22 Nov 2022 17:10:46 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Tue, 22 Nov 2022 17:10:45 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEA_fqSkL4kHh3sgpzHdWZvg&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame CBBC
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzExMDU3OTA0MzU4NTY3NTg1NzM2OA%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzExMDU3OTA0MzU4NTY3NTg1NzM2OA%3D%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H3
Server
74.125.130.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Nov 2022 17:10:46 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzExMDU3OTA0MzU4NTY3NTg1NzM2OA%3D%3D
date
Tue, 22 Nov 2022 17:10:45 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
p.adsymptotic.com/d/px/ Frame CBBC
Redirect Chain
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=3110579043585675857368&dbredirect=true&gdpr=0&consent=
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=3110579043585675857368&dbredirect=true&gdpr=0&consent=&cookiesTest=true
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=10d6a9d1-16be-41c6-b746-dd2e177126a6&_noobservation=1
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=10d6a9d1-16be-41c6-b746-dd2e177126a6&_noobservation=1&_expected_cookie=b34024b...
43 B
141 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=10d6a9d1-16be-41c6-b746-dd2e177126a6&_noobservation=1&_expected_cookie=b34024b28d0558e8d92477e0d61c9d0d
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
104.18.98.194 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

p3p
CP='NON DSP COR CONi OUR BUS CNT'
date
Tue, 22 Nov 2022 17:10:47 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
76e347d2f9f4aac1-SYD
content-length
43
content-type
image/gif

Redirect headers

location
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=10d6a9d1-16be-41c6-b746-dd2e177126a6&_noobservation=1&_expected_cookie=b34024b28d0558e8d92477e0d61c9d0d
date
Tue, 22 Nov 2022 17:10:47 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
76e347d15905aac1-SYD
content-length
0
xuid
eb2.3lift.com/ Frame CBBC
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=3110579043585675857368&gdpr=0&gdpr_consent=
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&gdpr=0&consent=&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dtrip...
  • https://x.bidswitch.net/sync?dsp_id=354&user_id=1b70ebdc8c224d859647fb381020fb20&ssp=triplelift&bsw_param=08d208db-7f04-43af-9c49-869895b60547&gdpr=0&consent=&gdpr_pd=&expires=7
  • https://eb2.3lift.com/xuid?mid=2409&xuid=08d208db-7f04-43af-9c49-869895b60547&dongle=d3d3&gdpr=0&gdpr_consent=&gdpr_pd=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2409&xuid=08d208db-7f04-43af-9c49-869895b60547&dongle=d3d3&gdpr=0&gdpr_consent=&gdpr_pd=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
date
Tue, 22 Nov 2022 17:10:47 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
//eb2.3lift.com/xuid?mid=2409&xuid=08d208db-7f04-43af-9c49-869895b60547&dongle=d3d3&gdpr=0&gdpr_consent=&gdpr_pd=
Date
Tue, 22 Nov 2022 17:10:47 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
xuid
eb2.3lift.com/ Frame CBBC
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/3110579043585675857368?gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-iYAElblE2oRz5HGj2KNNLpGcAtmJHxqpgy_YuMCC6A--~A&dongle=0883
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-iYAElblE2oRz5HGj2KNNLpGcAtmJHxqpgy_YuMCC6A--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
date
Tue, 22 Nov 2022 17:10:46 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Tue, 22 Nov 2022 17:10:45 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-iYAElblE2oRz5HGj2KNNLpGcAtmJHxqpgy_YuMCC6A--~A&dongle=0883
content-length
0
iu3
s.amazon-adsystem.com/ Frame CBBC
Redirect Chain
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=0&gdpr_consent=&uid=3110579043585675857368
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=3110579043585675857368&dcc=t
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=3110579043585675857368&dcc=t
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
HTTP/1.1
Server
209.54.182.161 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

Pragma
no-cache
Date
Tue, 22 Nov 2022 17:10:47 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
XG092WNT8Z2QTC3S2GSY
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=3110579043585675857368&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
c.gif
c.bing.com/ Frame CBBC 		42 B
667 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?xid=3110579043585675857368&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0001.a-msedge.net
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Nov 2022 17:10:46 GMT
last-modified
Thu, 13 Oct 2022 15:58:17 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 974F4896FD23483CA53AF5BEA0E28C17 Ref B: SYD03EDGE1517 Ref C: 2022-11-22T17:10:46Z
etag
"e997be9b1cdfd81:0"
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-type
image/gif
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42
xuid
eb2.3lift.com/ Frame CBBC
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3335&xuid=1531151141028342390&dongle=4d58&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3335&xuid=1531151141028342390&dongle=4d58&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
date
Tue, 22 Nov 2022 17:10:46 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma
no-cache
Date
Tue, 22 Nov 2022 17:10:46 GMT
AN-X-Request-Uuid
40bd8808-49fe-4761-af22-6df7b02fcbfa
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://eb2.3lift.com/xuid?mid=3335&xuid=1531151141028342390&dongle=4d58&gdpr=0&gdpr_consent=
Connection
keep-alive
X-Proxy-Origin
116.90.74.202; 116.90.74.202; 565.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame A10A
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y30ClAt9L6pgBbxwFyHaOwAAElYAAAIB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y30ClAt9L6pgBbxwFyHaOwAAElYAAAIB&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y30ClAt9L6pgBbxwFyHaOwAAElYAAAIB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
209.54.182.161 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 22 Nov 2022 17:10:47 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
4ZXM79P321ED5DRMACWD
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 22 Nov 2022 17:10:47 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
N7ET53NAZPV1EJ23BK0Q
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y30ClAt9L6pgBbxwFyHaOwAAElYAAAIB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame A10A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y30ClAt9L6pgBbxwFyHaOwAAElYAAAIB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEBo_foYbVT0CKKVFJPmFPDY&google_cver=1
43 B
844 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEBo_foYbVT0CKKVFJPmFPDY&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.33.19 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Nov 2022 17:10:46 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yM7%2BJ%2F7mBI6VR5B9PIxmElraK%2F7n3%2BoJ9d8AcR6HpwcJH03vDoGa2fTs8tfWPmWuOrWNYZfkDFcrhQBW9JngXXKt2TJMj%2F5UHejdYNVfHVVrlX5WlEfFee2QA2sgWFpRSgEjd209M0fHJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
76e347cacb2bdfaf-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 22 Nov 2022 17:10:45 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEBo_foYbVT0CKKVFJPmFPDY&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame A10A
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=fc203268-cedd-47ec-b726-b552b95aa490&expiration=1671729045&gdpr=0&gdpr_consent=
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=fc203268-cedd-47ec-b726-b552b95aa490&expiration=1671729045&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 22 Nov 2022 17:10:46 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Tue, 22 Nov 2022 17:10:45 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=fc203268-cedd-47ec-b726-b552b95aa490&expiration=1671729045&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
323
Y30ClAt9L6pgBbxwFyHaOwAAElYAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame A10A 		43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Y30ClAt9L6pgBbxwFyHaOwAAElYAAAIB?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.220.163.160 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-220-163-160.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 17:10:45 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
tp_out
d.adroll.com/cm/index/ Frame A10A 		42 B
181 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.adroll.com/cm/index/tp_out?advertisable=3GMDZMBFQREVBC75SYYKWH
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.255.5.65 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-255-5-65.ap-southeast-1.compute.amazonaws.com
Software
nginx/1.22.0 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 17:10:46 GMT
cache-control
no-transform,public,max-age=300,s-maxage=900
server
nginx/1.22.0
content-length
42
vary
Cookie
content-type
image/gif
Y30ClAt9L6pgBbxwFyHaOwAAElYAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame A10A
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y30ClAt9L6pgBbxwFyHaOwAAElYAAAIB&gdpr_consent=&us_privacy=&gdpr=
  • https://pr-bh.ybp.yahoo.com/sync/casale/Y30ClAt9L6pgBbxwFyHaOwAAElYAAAIB
43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Y30ClAt9L6pgBbxwFyHaOwAAElYAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
52.220.163.160 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-220-163-160.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 17:10:46 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/Y30ClAt9L6pgBbxwFyHaOwAAElYAAAIB
date
Tue, 22 Nov 2022 17:10:46 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
crum
dsum-sec.casalemedia.com/ Frame A10A
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=e073637d-0294-4b00-bf16-cba7f46ad359
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=e073637d-0294-4b00-bf16-cba7f46ad359
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 22 Nov 2022 17:10:46 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=496
Content-Length
43
Expires
0

Redirect headers

Date
Tue, 22 Nov 2022 17:10:46 GMT
Server
MT3 169 32252b7 master nrt-pixel-x25 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=e073637d-0294-4b00-bf16-cba7f46ad359
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 22 Nov 2022 17:10:45 GMT
indexexchange
sync.adotmob.com/cookie/ Frame A10A 		0
0
htw-pixel.gif
cdn.indexww.com/ht/ Frame A10A 		43 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?Y30ClAt9L6pgBbxwFyHaOwAA%264694
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.94 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 17:10:46 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
17627
etag
"da1f1d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
76e347cbece11c53-AKL
content-length
43
expires
Wed, 23 Nov 2022 17:10:46 GMT
log
c21lg-d.media.net/ Frame 6D42 		35 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c21lg-d.media.net/log?logid=kfk&evtid=cs&origin=1&pvgid=data-c&ovsid=anYnDQgg5PQLkcdDk9IFyBGqoa5oxBKb&cs=15&vsid=3121386457444248000V10
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
96.17.188.24 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-17-188-24.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 22 Nov 2022 17:10:47 GMT
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
35
Expires
Tue, 22 Nov 2022 17:10:47 GMT
13926
g2.gumgum.com/usync/ Frame 021C 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.192.208.41 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-192-208-41.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
949b9877bceb40637a1c436a85f2bd850e3ca482157b60964d77d792af940a64

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Tue, 22 Nov 2022 17:10:46 GMT
etag
W/"0126fe7a0f1d6025aedc1a35b761966f5"
server
nginx
timing-allow-origin
*
/
onetag-sys.com/usync/ Frame 36FB 		0
0
sync
ssbsync.smartadserver.com/api/ Frame 75CF 		988 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.106.127.53 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
209de0f9c57069bf3d2137458ee5f03be5894f6b02ec5bcabaa99b44bf5bea1b

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

content-length
988
content-type
text/html
date
Tue, 22 Nov 2022 17:10:46 GMT
usermatch
ssum-sec.casalemedia.com/ Frame B42E 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.33.19 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
29cf8beec57699d3d9c73a3bd4483c6fece6af7021539fa6877542980da36a46

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
76e347cacb29dfaf-SYD
content-encoding
br
content-type
text/html
date
Tue, 22 Nov 2022 17:10:46 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SlfhnUjx6tRSEanWeyw2%2BOe3qhxIp0sjR2h83tRaP3qE7InseEvdYnj9jfya8O4YMTmKKMWZpXUnOrFZbJ0XCnzrmXnJtv%2B0REFYAvQuqCGhBiffOMnMkHKTFTSfXNJQFv6f9UTWStXBfQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 1D14
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.75.85.227 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-75-85-227.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 22 Nov 2022 17:10:46 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Tue, 22 Nov 2022 17:10:46 GMT
location
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
server
AkamaiGHost
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame F9ED 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.51.240.213 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-240-213.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=137144
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Tue, 22 Nov 2022 17:10:46 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Thu, 24 Nov 2022 07:16:30 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
unused62
8096267
vary
Accept-Encoding
sync-iframe
cs-rtb.minutemedia-prebid.com/ Frame 73FD 		5 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-40.sin2.r.cloudfront.net
Software
/
Resource Hash
ff6835d231a2aa87b7cc33efa0427ceffc56586923b397a6496ff72377b46539

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://public.servenobid.com/
content-type
text/html
date
Tue, 22 Nov 2022 17:10:46 GMT
via
1.1 ae0ec5ab8a18fde2c85db3450129ee24.cloudfront.net (CloudFront)
x-amz-cf-id
bCOymq96VpD2PX6mtuPU4lrVVrGk9680B8Wclp7IsOS-wnCm9Ym4UQ==
x-amz-cf-pop
SIN2-P2
x-cache
Miss from cloudfront
sync
ads.servenobid.com/ Frame 3CFE
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID
  • https://ads.servenobid.com/sync?pid=312&uid=1531151141028342390
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=312&uid=1531151141028342390
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.75.88.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-75-88-22.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 17:10:46 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
Date
Tue, 22 Nov 2022 17:10:46 GMT
AN-X-Request-Uuid
ff2f4bfe-cc3a-48b0-9597-62eda35bfb4b
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://ads.servenobid.com/sync?pid=312&uid=1531151141028342390
Connection
keep-alive
X-Proxy-Origin
116.90.74.202; 116.90.74.202; 565.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ads.servenobid.com/ Frame 3CFE
Redirect Chain
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1
  • https://ads.servenobid.com/sync?pid=310&uid=FseGCRZHcRsfuCAyTBy1av7P
0
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=310&uid=FseGCRZHcRsfuCAyTBy1av7P
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.75.88.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-75-88-22.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 17:10:47 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
Date
Tue, 22 Nov 2022 17:10:47 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ads.servenobid.com/sync?pid=310&uid=FseGCRZHcRsfuCAyTBy1av7P
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2sfo1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
sync
ads.servenobid.com/ Frame 3CFE
Redirect Chain
  • https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID
  • https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID&sovrn_retry=true
  • https://ads.servenobid.com/sync?pid=310&uid=FseGELZHNWp5Cnm_SKiyBk1E
0
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=310&uid=FseGELZHNWp5Cnm_SKiyBk1E
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.75.88.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-75-88-22.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 17:10:47 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Date
Tue, 22 Nov 2022 17:10:47 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://ads.servenobid.com/sync?pid=310&uid=FseGELZHNWp5Cnm_SKiyBk1E
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap4sfo1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
usersync
usersync.gumgum.com/ Frame 3CFE
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1669137046465
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2543465206
  • https://sync.1rx.io/usersync/tradedesk/fc203268-cedd-47ec-b726-b552b95aa490
  • https://sync.targeting.unrulymedia.com/csync/RX-ddefb627-40b3-4b29-9fba-627851a12714-004?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-ddefb627-40b3-4b29-9fba-627851a12714-004
  • https://usersync.gumgum.com/usersync?b=rhy&i=RX-ddefb627-40b3-4b29-9fba-627851a12714-004
0
0
sync
ads.servenobid.com/ Frame 3CFE
Redirect Chain
  • https://p.rfihub.com/cm?pub=44007&in=1
  • https://ads.servenobid.com/sync?pid=324&uid=1992631737839472871
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=324&uid=1992631737839472871
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.75.88.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-75-88-22.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 17:10:48 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Location
https://ads.servenobid.com/sync?pid=324&uid=1992631737839472871
Date
Tue, 22 Nov 2022 17:10:47 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
usa
sync.go.sonobi.com/ Frame 3CFE 		0
0
cookie
cm.adform.net/ Frame 3CFE
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D
  • https://cm.adform.net/cookie?gdpr=1&gdpr_consent=&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F38902%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26A%3D817db9b2-030d-4078-a182-7c02...
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/cookie?gdpr=1&gdpr_consent=&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F38902%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26A%3D817db9b2-030d-4078-a182-7c028edb2f88%26bidder%3Dadform%26cbx%3DaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%253D%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
37.157.5.141 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 17:10:47 GMT
server
nginx
content-length
43
content-type
image/gif

Redirect headers

location
https://cm.adform.net/cookie?gdpr=1&gdpr_consent=&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F38902%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26A%3D817db9b2-030d-4078-a182-7c028edb2f88%26bidder%3Dadform%26cbx%3DaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%253D%26uid%3D%24UID
date
Tue, 22 Nov 2022 17:10:45 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
content-length
0
sync
ads.servenobid.com/ Frame 3CFE
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58559/occ
  • https://ads.servenobid.com/sync?pid=337&uid=y-_zf3kn5E2uE1Kho8yBz5mM27CBuDghGVlrEzAX8-~A
0
367 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=337&uid=y-_zf3kn5E2uE1Kho8yBz5mM27CBuDghGVlrEzAX8-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.75.88.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-75-88-22.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 17:10:46 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=337&uid=y-_zf3kn5E2uE1Kho8yBz5mM27CBuDghGVlrEzAX8-~A
date
Tue, 22 Nov 2022 17:10:46 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
0
prebid.a-mo.net/cchain/ Frame 3CFE
Redirect Chain
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D6%26r%3DCid1YS0wYzVhNzk4MC1hOTI3LTNlMjQtYWRhMy1kZTAwMWVhMmUwODYqU2h0dHBzOi8vYWRz...
0
0
sync
ads.servenobid.com/ Frame 3CFE
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58632/occ
  • https://ads.servenobid.com/sync?pid=339&uid=y-_zf3kn5E2uE1Kho8yBz5mM27CBuDghGVlrEzAX8-~A
0
367 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=339&uid=y-_zf3kn5E2uE1Kho8yBz5mM27CBuDghGVlrEzAX8-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.75.88.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-75-88-22.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 17:10:47 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=339&uid=y-_zf3kn5E2uE1Kho8yBz5mM27CBuDghGVlrEzAX8-~A
date
Tue, 22 Nov 2022 17:10:47 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
tap.php
pixel.rubiconproject.com/ Frame 0868
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/fyN-lExxaf_Ok3i_h0-rbg?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=5936071202292975048
42 B
678 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=5936071202292975048
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
548ddf114c6f6bfbb66a4cdeb6a219f4
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Tue, 22 Nov 2022 17:10:47 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=5936071202292975048
content-length
0
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 0868
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=xz-E_l_gSA-8Y63qVa3qKA&rk=usync-other
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=xz-E_l_gSA-8Y63qVa3qKA
0
0
ecm3
s.amazon-adsystem.com/ Frame 0868
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=j0uqQrajT7uYruMYi44j6A&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=j0uqQrajT7uYruMYi44j6A
0
0
pixel
cm.g.doubleclick.net/ Frame 0868
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZjRjMjQ1MmViYmRiNzAzZGVkMzAzOGU4ODU5ZDBlNjdjMGRmMmNmZg
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZjRjMjQ1MmViYmRiNzAzZGVkMzAzOGU4ODU5ZDBlNjdjMGRmMmNmZg
Protocol
H3
Server
74.125.130.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Nov 2022 17:10:47 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZjRjMjQ1MmViYmRiNzAzZGVkMzAzOGU4ODU5ZDBlNjdjMGRmMmNmZg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
d264e84c9dc1a645a3048554992c5d82
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
setuid
px.ads.linkedin.com/ Frame 0868
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LASH3IGZ-1-GRU8
0
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LASH3IGZ-1-GRU8
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 17:10:46 GMT
nel
{"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: B0E654F4A54B4F2E882A2D44AB5E0DB6 Ref B: SYD03EDGE1707 Ref C: 2022-11-22T17:10:47Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXuEkDGNIqi3EP4Xs1hpQ==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LASH3IGZ-1-GRU8
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
d264e84c9dc1a645a3048554992c5d82
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 0868
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEKaK8EgxaFwvCxsWzBzxaVo&google_cver=1
42 B
678 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEKaK8EgxaFwvCxsWzBzxaVo&google_cver=1
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
c80248407eff6cf595ce43a76c04e23f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Tue, 22 Nov 2022 17:10:46 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEKaK8EgxaFwvCxsWzBzxaVo&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 0868
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFTSDNJR1otMS1HUlU4
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFTSDNJR1otMS1HUlU4
Protocol
H3
Server
74.125.130.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Nov 2022 17:10:47 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFTSDNJR1otMS1HUlU4
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
beb52df1a5a4b2f2cb3f37642c514298
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 0868
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=fc203268-cedd-47ec-b726-b552b95aa490&gdpr=0&gdpr_consent=&expires=30
42 B
678 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=fc203268-cedd-47ec-b726-b552b95aa490&gdpr=0&gdpr_consent=&expires=30
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
548ddf114c6f6bfbb66a4cdeb6a219f4
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Tue, 22 Nov 2022 17:10:46 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=fc203268-cedd-47ec-b726-b552b95aa490&gdpr=0&gdpr_consent=&expires=30
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
289
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022111501&jk=1302147398971275&bg=!YGOlYyfNAAbvMpMzzzI7ACkAdvg8Wu78GW3wN2J7PXrjtwkXEMfZo7XuFDo3ukRll4tD6dSdW2-dLQIAAABfUgAAAAJoAQcKAGPoW01ru17XvcWA68ORgihoTaFdbifLBizvPh0VtshydH3nFGjIkS--lZ-ETI9mIpY9zA0HBYaa3LlPd0q-09u5naLuheqsRThkcKlYifN2LSOk6J3OPVmPkQbXFdH1bikasRGZAp6Q7MEeLDjquWAnmwdi1Ugt2Yh3K2vvjbPhiWNv0c7XHeXreC85XjmSch5bCN2w8Nnf0FxT74bIa0LPuDuVo76YYfC4-2jIqhPkK6qnOXUr6PX2YpBaq3r_yjSQ0strQkIwwCP--5bK8Nksalzl8RWHH1EIcFGLreof3otrKIuH6hnWVYy7pT1w0ExwKFjDcPQFQQzD97UYfj02_hMJW34tB-F02w7W13af36kf8cMeBR48DlMdh0NTphqB9Y4lLBaD-HOnL_ayqMSsALEFZJsaTFCTC-1KC3_-0aXkSqJodiH51tJct98UUlYhi8_3SD5kUVznJvPwUO7DsiC4hQliH-vivN0jtojCjxmvzH4aPpwV0CSNY56VTgX2ba-pX85Dpd0CUCDm238ZY2GZTPcKx_KT3369-YK6J4N29UuG3fvjobZOqLMnoyfoG3tYNpqbBIVe2ChZVc2f3XMzRVYZW9FzU6G6vHEtLjfbnZPrghk8bDp-8-4L5Hq0QWpkD21quXxwIFCsMdqw3s5gqT_rEDpIetpz3xTjEiHhpEKMX5sK_cJSbb3UixJJcLhRNni_-XVYRhaxjRSxvw3bJrv1rIbeY6loD6OBhSZHJFhGOzr_YHNNHQ0KSurfJvTcUwYG2r7C52JVPXkcHY_zYW96VEcNTXhuAFTUF728y3KGDhSt5AZ_eP77wKNPREHoEy1k8IK9Ck7uR5WIr8I21MoAIgSO8B0WnjSIlPuqf2hbHX_vGauB7ZkiCFjjpeT7iSlMfNbtnAsEC2G1ZKCSXHnrAHDC2Hh_0luE7sLii9fJPCijk072GPHLZtP8MitJLa16CYzx7b6TfY61otn8Ifj9aNDBJ6-2XNNy3rML0_a0oQUwnxNFIKZP6aJOBlKi
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
async_usersync
ib.adnxs.com/ Frame B3B6 		0
743 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.89 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
565.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 22 Nov 2022 17:10:46 GMT
AN-X-Request-Uuid
b8e37d07-c6cf-4037-8aab-51d76e4b9d6d
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
116.90.74.202; 116.90.74.202; 565.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bridge3.546.0_en.html
imasdk.googleapis.com/js/core/ Frame C7AE 		690 KB
222 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.546.0_en.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/instream/html5/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.95 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
f43762f8d21458d2db8345c175545afe7c12bd886a827956d78ae75dafc50179
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
553356
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
226628
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Wed, 16 Nov 2022 07:28:11 GMT
expires
Thu, 16 Nov 2023 07:28:11 GMT
last-modified
Wed, 16 Nov 2022 07:23:53 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/instream/html5/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f149.1e100.net
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 17:10:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 22 Nov 2022 17:10:46 GMT
integrator.js
adservice.google.co.nz/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.nz/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/instream/html5/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 17:10:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/instream/html5/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 17:10:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
crum
dsum-sec.casalemedia.com/ Frame B42E
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=1531151141028342390
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=1531151141028342390
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 22 Nov 2022 17:10:48 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=493
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Tue, 22 Nov 2022 17:10:47 GMT
AN-X-Request-Uuid
5eb8cee5-eff8-429c-99ad-19530e7ff6bf
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=1531151141028342390
Connection
keep-alive
X-Proxy-Origin
116.90.74.202; 116.90.74.202; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame B42E
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=8594003124195282946
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=8594003124195282946
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 22 Nov 2022 17:10:46 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=495
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=8594003124195282946
pragma
no-cache
date
Tue, 22 Nov 2022 17:10:45 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame B42E
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ie
  • https://match.prod.bidr.io/cookie-sync/ie?_bee_ppp=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAJ-807G-gUAACBKaPnyqQ&expiration=1670346647
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAJ-807G-gUAACBKaPnyqQ&expiration=1670346647
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 22 Nov 2022 17:10:47 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAJ-807G-gUAACBKaPnyqQ&expiration=1670346647
Date
Tue, 22 Nov 2022 17:10:47 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
ZMAwryCI
sync-tm.everesttech.net/ct/upi/pid/ Frame B42E
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=Y30ClwAKArJjgQAT
85 B
165 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=Y30ClwAKArJjgQAT
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Server
151.101.2.49 -, , ASN (),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-served-by
cache-mel11259-MEL
pragma
no-cache
date
Tue, 22 Nov 2022 17:10:47 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
age
1604
x-timer
S1669137048.520424,VS0,VE0
x-cache
HIT
content-type
image/png
cache-control
no-cache
accept-ranges
bytes
content-length
85
x-cache-hits
897

Redirect headers

x-served-by
cache-mel11259-MEL
pragma
no-cache
date
Tue, 22 Nov 2022 17:10:47 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1669137047.905201,VS0,VE448
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
location
https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=Y30ClwAKArJjgQAT
cache-control
no-cache
accept-ranges
bytes
content-length
0
x-cache-hits
0
demconf.jpg
dpm.demdex.net/ Frame B42E
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=Y30ClAt9L6pgBbxwFyHaOwAA%264694?gdpr_consent=&us_privacy=&gdpr=
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=Y30ClAt9L6pgBbxwFyHaOwAA%264694
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=Y30ClAt9L6pgBbxwFyHaOwAA%264694
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
54.186.7.121 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS
dcs-prod-usw2-1-v041-0317405ac.edge-usw2.demdex.com 4 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
9YLAuDIYTKo=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-usw2-1-v041-00ec6e883.edge-usw2.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
CmMmmetKQ4g=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=Y30ClAt9L6pgBbxwFyHaOwAA%264694
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
rum
dsum-sec.casalemedia.com/ Frame B42E
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=68
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=io9jwzLgSg5VW7hHvO-H3nRaSso
0
0
crum
dsum-sec.casalemedia.com/ Frame B42E
Redirect Chain
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&prevuid=07030001_637d029721d45&knw=0
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=07030001_637d029721d45
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=07030001_637d029721d45
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 22 Nov 2022 17:10:47 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=494
Content-Length
43
Expires
0

Redirect headers

date
Tue, 22 Nov 2022 17:10:47 GMT
server
nginx
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
p3p
CP="NOI DEV OUR BUS UNI"
access-control-allow-origin
*
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=07030001_637d029721d45
content-type
text/html; charset=UTF-8
cache-control
no-cache
keep-alive
timeout=10
access-control-allow-headers
Origin
23178
stags.bluekai.com/site/ Frame B42E
Redirect Chain
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent=
  • https://stags.bluekai.com/site/23178?id=XSDgEBrVSPbPH97_ZF7T&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3S...
0
0
sync
ads.servenobid.com/ Frame B42E 		0
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=333&uid=Y30ClAt9L6pgBbxwFyHaOwAAElYAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.75.88.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-75-88-22.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 17:10:47 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
/
stats.mainroll.com/ 		43 B
515 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.mainroll.com/?pm=html5&sid=5ImTMWOHpmT4&prid=&ts=1669137046465&pp=~~00~~pushup&ev=xls&id=STICKY_~~03~~P_42753_120X600_104b282a_bd11_4d8d_~~00~~64_0492063b6cba_STICKY_~~03~~P_42753_120X600_104b282a_bd11_4d8d_~~00~~64_0492063b6cba_vast_renderer_1&et=LineItem&cid=0&pid=STICKY_~~03~~P_42753_120X600_104b282a_bd11_4d8d_~~00~~64_0492063b6cba_STICKY_~~03~~P_42753_120X600_104b282a_bd11_4d8d_~~00~~64_0492063b6cba_vast_renderer&pet=~~02~~Unit&at=generic&ap=inarticle&ar=&sdk=GOOGLE_IMA&sn=6
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-4.sin2.r.cloudfront.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 22 Nov 2022 17:10:46 GMT
Via
1.1 4d52d2bee89a499a2c7d426aa79a8efa.cloudfront.net (CloudFront)
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx/1.14.0 (Ubuntu)
X-Amz-Cf-Pop
SIN2-P1
X-Cache
Miss from cloudfront
Content-Type
image/gif
Cache-Control
max-age=315360000
Connection
keep-alive
Content-Length
43
X-Amz-Cf-Id
exROFvNcs8BLP-fI3Z_z49PasiUbhmH-W4yeeopOirqzO1A7vVb5AQ==
Expires
Thu, 31 Dec 2037 23:55:55 GMT
pixel.gif
px.moatads.com/ Frame C29F 		43 B
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&ra=1&pxm=1&sgs=3&vb=-1&kq=1&lo=2&uk=null&pk=0&wk=0&rk=0&tk=0&ak=https%3A%2F%2Fcdn.besafe.global%2Fglobalpassback_728x90.gif&i=APPIERDISPLAY1&ol=540716562&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5tWhX%3C%3Ce%24%26~1%3Axkr%2BUe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3FtDJq%409BG&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-S4epS2PucglBbk5475S6XrSoK4rogWbxm7rLGdl3vY3c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-JvYb5sLyVy50og%3D%3D&sc=1&os=1-JA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=728&qe=90&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=0&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.bg3.co%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwww.bg3.co&lp=https%3A%2F%2Fwww.bg3.co&t=1669137045218&de=924993283498&cu=1669137045218&m=1098&ar=48843429bae-clean&iw=3d12f45&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=94&le=1&lh=24&gm=1&io=1&vv=3&vw=0%3A3%3A0&vp=-&vx=-%3A-%3A-&pe=0%3A2786%3A2786%3A0%3A0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&ic=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=39&cd=0&ah=39&am=0&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=adobe.com%3AMdiyqtLRQ0Sy_xPBvdlCvw%3AUkhomrwvQieqQwhkieJsig%3AZ92dqbnDTsSTGYteEZukig&bo=728x90&bd=unknown&gw=appierdisplay844822012038&zMoatOrigSlicer1=728x90&zMoatOrigSlicer2=unknown&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=sframe&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=2&jm=-1&tc=0&fs=200871&na=88316248&cs=0
Requested by
Host: 6d2367c53a9e076830c130ee73b19fae.safeframe.googlesyndication.com
URL: https://6d2367c53a9e076830c130ee73b19fae.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.51.241.170 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-241-170.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://6d2367c53a9e076830c130ee73b19fae.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Tue, 22 Nov 2022 17:10:46 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 22 Nov 2022 17:10:46 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame F227 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=24443266&p=159463&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3121386457444248000V10%26type%3Dpba%26refUrl%3D%26vid%3D91370456343121386457444248000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.196 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
b5f4d5999c52f13766ba764eba2f9a1db65856ab32d4479eba20877c9ddf1ef5

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Tue, 22 Nov 2022 17:10:47 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
usersync
usersync.gumgum.com/ Frame 021C
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://usersync.gumgum.com/usersync?b=apn&i=1531151141028342390
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=apn&i=1531151141028342390
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 22 Nov 2022 17:10:48 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
Date
Tue, 22 Nov 2022 17:10:47 GMT
AN-X-Request-Uuid
f2d41c15-60fc-4b47-b1d9-04c6acaaa3a2
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://usersync.gumgum.com/usersync?b=apn&i=1531151141028342390
Connection
keep-alive
X-Proxy-Origin
116.90.74.202; 116.90.74.202; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame 021C
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=a_09b49ade-b38d-4595-bbac-7e337451b175&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://cms.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=gumgum2&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=gumgum2&gdpr=0&user_id=Q0Xjc0VE7SZYTrcjFxX5JxdH5nZYT-d2TUb28XhG
  • https://usersync.gumgum.com/usersync?b=bsw&i=08d208db-7f04-43af-9c49-869895b60547
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=bsw&i=08d208db-7f04-43af-9c49-869895b60547
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 22 Nov 2022 17:10:48 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
//usersync.gumgum.com/usersync?b=bsw&i=08d208db-7f04-43af-9c49-869895b60547
Date
Tue, 22 Nov 2022 17:10:47 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
sync
sync.srv.stackadapt.com/ Frame 021C 		0
0
23178
stags.bluekai.com/site/ Frame 021C
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=a_09b49ade-b38d-4595-bbac-7e337451b175&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
  • https://stags.bluekai.com/site/23178?id=Y2-iRqZLZeesSpxpLGfD&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LO...
0
0
usersync
usersync.gumgum.com/ Frame 021C
Redirect Chain
  • https://sync.1rx.io/usersync2/floor6?gdpr=0&gdpr_consent=&dspret=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4813014350
  • https://sync.1rx.io/usersync/tradedesk/fc203268-cedd-47ec-b726-b552b95aa490
  • https://sync.targeting.unrulymedia.com/csync/RX-ddefb627-40b3-4b29-9fba-627851a12714-004?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-ddefb627-40b3-4b29-9fba-627851a12714-004
  • https://usersync.gumgum.com/usersync?b=rhy&i=RX-ddefb627-40b3-4b29-9fba-627851a12714-004
0
0
usersync
usersync.gumgum.com/ Frame 021C
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://usersync.gumgum.com/usersync?b=pln&i=Y6eaECmx19WH&ev=1&pid=558355
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=pln&i=Y6eaECmx19WH&ev=1&pid=558355
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 22 Nov 2022 17:10:48 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
location
https://usersync.gumgum.com/usersync?b=pln&i=Y6eaECmx19WH&ev=1&pid=558355
content-language
en-NZ
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-78f7f5b45c-m4qcj
expires
-1
syncUser
sync.outbrain.com/ Frame 021C
Redirect Chain
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobR...
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28sWaOIjCZd4cC8P0RFbZH6rOYMnFYdH1RZjNWjrKMBxhMqkv3-C-dY3yTaiqjyZp4%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%...
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=a_09b49ade-b38d-4595-bbac-7e337451b175&obuid=ENC(sWaOIjCZd4cC8P0RFbZH6rOYMnFYdH1RZjNWjrKMBxhMqkv3-C-dY3yTaiqjyZp4)
0
0
usersync
usersync.gumgum.com/ Frame 021C
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://usersync.gumgum.com/usersync?b=opx&i=eb0fc890-3536-4af4-9884-225040b2d4ce
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=opx&i=eb0fc890-3536-4af4-9884-225040b2d4ce
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 22 Nov 2022 17:10:48 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Tue, 22 Nov 2022 17:10:46 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://usersync.gumgum.com/usersync?b=opx&i=eb0fc890-3536-4af4-9884-225040b2d4ce
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
usersync
usersync.gumgum.com/ Frame 021C
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=oth&i=y-cV_w1klE2pe8mUQOHZpEg1pzS7s9B3k8yqLn~A
0
0
generic
sync.ipredictive.com/d/sync/cookie/ Frame 021C 		0
0
services
sync.technoratimedia.com/ Frame 021C 		0
0
142
match.deepintent.com/usersync/ Frame 021C 		0
0
server_match
ad.360yield.com/ Frame 021C 		0
0
sync
ssbsync.smartadserver.com/api/ Frame 021C 		0
0
sync
ads.servenobid.com/ Frame 021C 		0
0
oRTB
sync.inmobi.com/ Frame 3B82 		0
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 2F29 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.51.240.213 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-240-213.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=137144
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Tue, 22 Nov 2022 17:10:46 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Thu, 24 Nov 2022 07:16:30 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
unused62
8096267
vary
Accept-Encoding
usersync
usersync.gumgum.com/ Frame D02B
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=ttd&i=fc203268-cedd-47ec-b726-b552b95aa490
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=ttd&i=fc203268-cedd-47ec-b726-b552b95aa490
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Tue, 22 Nov 2022 17:10:47 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
private,no-cache, must-revalidate
content-length
193
content-type
text/html
date
Tue, 22 Nov 2022 17:10:46 GMT
location
https://usersync.gumgum.com/usersync?b=ttd&i=fc203268-cedd-47ec-b726-b552b95aa490
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
usersync
usersync.gumgum.com/ Frame FB1F
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
  • https://usersync.gumgum.com/usersync?b=mmh&i=e073637d-0294-4b00-bf16-cba7f46ad359&gdpr=0&gdpr_consent=
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=mmh&i=e073637d-0294-4b00-bf16-cba7f46ad359&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Tue, 22 Nov 2022 17:10:47 GMT
Expires
0
Pragma
no-cache

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Tue, 22 Nov 2022 17:10:46 GMT
Expires
Tue, 22 Nov 2022 17:10:45 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 169 32252b7 master nrt-pixel-x14 config:1.0.0
location
https://usersync.gumgum.com/usersync?b=mmh&i=e073637d-0294-4b00-bf16-cba7f46ad359&gdpr=0&gdpr_consent=
usersync
usersync.gumgum.com/ Frame E1C5
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=Y30ClwAJ-FmPHAA7
  • https://usersync.gumgum.com/usersync?b=atm&i=Y30ClwAJ-FmPHAA7&gdpr=0&gdpr_consent=&_test=Y30ClwAJ-FmPHAA7
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=atm&i=Y30ClwAJ-FmPHAA7&gdpr=0&gdpr_consent=&_test=Y30ClwAJ-FmPHAA7
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Tue, 22 Nov 2022 17:10:47 GMT
Expires
0
Pragma
no-cache

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Tue, 22 Nov 2022 17:10:47 GMT
location
https://usersync.gumgum.com/usersync?b=atm&i=Y30ClwAJ-FmPHAA7&gdpr=0&gdpr_consent=&_test=Y30ClwAJ-FmPHAA7
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-mel11259-MEL
x-timer
S1669137048.572564,VS0,VE0
pixel
cm.g.doubleclick.net/ Frame 8792 		170 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=YV8wOWI0OWFkZS1iMzhkLTQ1OTUtYmJhYy03ZTMzNzQ1MWIxNzU=&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.130.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Tue, 22 Nov 2022 17:10:46 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
um
cs.emxdgt.com/ Frame 52CC 		0
67 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.197.221.194 -, , ASN (),
Reverse DNS
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

content-length
0
content-type
text/plain; charset=utf-8
date
Tue, 22 Nov 2022 17:10:47 GMT
server
awselb/2.0
usersync
usersync.gumgum.com/ Frame E8AE
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://usersync.gumgum.com/usersync?b=sus&i=Y30ClsCo5swAALWPft4AAAAA
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=sus&i=Y30ClsCo5swAALWPft4AAAAA
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Tue, 22 Nov 2022 17:10:47 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
0
Date
Tue, 22 Nov 2022 17:10:46 GMT
Location
https://usersync.gumgum.com/usersync?b=sus&i=Y30ClsCo5swAALWPft4AAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Server
nginx
X-SO-Ads-Time
2
X-SO-Cluster-ID
46
X-SO-HostName
m-ad18.dc4p.scaleout.jp
X-SO-IP
116.90.74.202
X-SO-Key
Y30ClsCo5swAALWPft4AAAAA
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":46,"gdpr":false,"ipv4":"116.90.74.202","key":"Y30ClsCo5swAALWPft4AAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad18"}
X-SO-LB-Hostname
a-tgng40008.dc2p.scaleout.jp
X-SO-Upstream-ID
m-ad18
gumgum
cs.admanmedia.com/sync/ Frame 59BD 		0
0
usersync
usersync.gumgum.com/ Frame 3E48
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D
  • https://usersync.gumgum.com/usersync?b=iex&i=Y30ClAt9L6pgBbxwFyHaOwAA%264694
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=iex&i=Y30ClAt9L6pgBbxwFyHaOwAA%264694
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Tue, 22 Nov 2022 17:10:47 GMT
Expires
0
Pragma
no-cache

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
76e347cebe26dfaf-SYD
content-length
0
date
Tue, 22 Nov 2022 17:10:47 GMT
expires
0
location
https://usersync.gumgum.com/usersync?b=iex&i=Y30ClAt9L6pgBbxwFyHaOwAA%264694
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5wSLkaKMvaJhCtacVIt%2Bo7xKXAT62jMAYtJPzNR9UZM2nD%2BRT0nedf999IAJE8xXVtO%2B1KtP%2BNpMUCSObkJCsWqUOWXGaNBVWW88rvX3Gs0WaTftCBrilnrMyxJylr6CJpBB5lAIuN%2B9kA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usersync
usersync.gumgum.com/ Frame 1FCF
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1
  • https://usersync.gumgum.com/usersync?b=rth&i=H2hTu0ipymzLWumP2Nhf&pi=gumgum&tc=1
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=rth&i=H2hTu0ipymzLWumP2Nhf&pi=gumgum&tc=1
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Tue, 22 Nov 2022 17:10:48 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Tue, 22 Nov 2022 17:10:48 GMT Tue, 22 Nov 2022 17:10:48 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://usersync.gumgum.com/usersync?b=rth&i=H2hTu0ipymzLWumP2Nhf&pi=gumgum&tc=1
pragma
no-cache
usync.html
eus.rubiconproject.com/ Frame E0E8
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.75.85.227 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-75-85-227.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 22 Nov 2022 17:10:47 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Tue, 22 Nov 2022 17:10:46 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
pixel.gif
px.moatads.com/ Frame C29F 		43 B
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=37&q=0&hp=1&ra=1&pxm=1&sgs=3&vb=-1&kq=1&lo=2&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=APPIERDISPLAY1&ol=540716562&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5tWhX%3C%3Ce%24%26~1%3Axkr%2BUe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3FtDJq%409BG&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-S4epS2PucglBbk5475S6XrSoK4rogWbxm7rLGdl3vY3c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-JvYb5sLyVy50og%3D%3D&sc=1&os=1-JA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=728&qe=90&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=1&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.bg3.co%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwww.bg3.co&lp=https%3A%2F%2Fwww.bg3.co&t=1669137045218&de=924993283498&cu=1669137045218&m=1266&ar=48843429bae-clean&iw=3d12f45&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=94&le=1&lh=24&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A2786%3A2786%3A0%3A0&aa=0&ad=97&cn=0&gk=97&gl=0&ik=97&ic=97&ez=1&cq=1&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=39&cd=39&ah=39&am=39&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=adobe.com%3AMdiyqtLRQ0Sy_xPBvdlCvw%3AUkhomrwvQieqQwhkieJsig%3AZ92dqbnDTsSTGYteEZukig&bo=728x90&bd=unknown&gw=appierdisplay844822012038&zMoatOrigSlicer1=728x90&zMoatOrigSlicer2=unknown&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&jm=-1&tc=0&fs=200871&na=10436773&cs=0
Requested by
Host: 6d2367c53a9e076830c130ee73b19fae.safeframe.googlesyndication.com
URL: https://6d2367c53a9e076830c130ee73b19fae.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.51.241.170 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-241-170.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://6d2367c53a9e076830c130ee73b19fae.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Tue, 22 Nov 2022 17:10:46 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 22 Nov 2022 17:10:46 GMT
usync.js
eus.rubiconproject.com/ Frame 512E 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=medianet
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.75.85.227 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-75-85-227.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
59775916c5dc568fd4d2ea64b09d0b2d9def879f13d1a7382636cf70fe716c03

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=medianet
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 22 Nov 2022 17:10:47 GMT
Content-Encoding
gzip
Last-Modified
Mon, 21 Nov 2022 20:11:42 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=10855
Connection
keep-alive
Content-Length
10066
Expires
Tue, 22 Nov 2022 20:11:42 GMT
usync.js
eus.rubiconproject.com/ Frame 1D14 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.75.85.227 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-75-85-227.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
59775916c5dc568fd4d2ea64b09d0b2d9def879f13d1a7382636cf70fe716c03

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 22 Nov 2022 17:10:47 GMT
Content-Encoding
gzip
Last-Modified
Mon, 21 Nov 2022 20:11:42 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=10855
Connection
keep-alive
Content-Length
10066
Expires
Tue, 22 Nov 2022 20:11:42 GMT
collect
www.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=2oeb90&_p=8060&cid=1680281767.1669137042&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1669137041&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwang-xin-yi-sao-chu-chao-ji-da-wei-jian-xu-xuan-min-qian-mo-bu-neng-zai-fen-piao.html&dt=%E7%8E%8B%E6%AC%A3%E5%84%80%E6%8E%83%E9%99%A4%E8%B6%85%E7%B4%9A%E5%A4%A7%E9%81%95%E5%BB%BA%EF%BC%81%E3%80%80%E7%B1%B2%E9%81%B8%E6%B0%91%E3%80%8C%E5%8D%83%E8%90%AC%E4%B8%8D%E8%83%BD%E5%86%8D%E5%88%86%E7%A5%A8%E3%80%8D%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_failed&_et=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f100.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Nov 2022 17:10:47 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cs
cs.minutemedia-prebid.com/ Frame 73FD
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=minutemedia&gdpr=0&gdpr_consent=&user_id=%s
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&gdpr=0&consent=&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dminu...
  • https://x.bidswitch.net/sync?dsp_id=354&user_id=1b70ebdc8c224d859647fb381020fb20&ssp=minutemedia&bsw_param=08d208db-7f04-43af-9c49-869895b60547&gdpr=0&consent=&gdpr_pd=&expires=7
  • https://cs.minutemedia-prebid.com/cs?aid=21490&id=08d208db-7f04-43af-9c49-869895b60547
0
0
getuid
ib.adnxs.com/ Frame 73FD
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]&cb=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21492%26uid%3D
  • https://ssum.casalemedia.com/usermatchredir?s=191503&gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F10450%3Fgdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26A%3D817db9b...
  • https://prebid.a-mo.net/cchain/0/10450?gdpr=&gdpr_consent=&us_privacy=&A=817db9b2-030d-4078-a182-7c028edb2f88&bidder=index_rtb&cbx=aHR0cHM6Ly9jcy5taW51dGVtZWRpYS1wcmViaWQuY29tL2NzP2FpZD0yMTQ5MiZ1aW...
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%2F10450%3Fgdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26A%3D817db9b2-030d-4078-a182-7c028edb2f88%26bidder%3Dappnexus%26cbx%3DaHR...
0
0
cs
cs.minutemedia-prebid.com/ Frame 73FD
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58611/occ?gdpr=0&gdpr_consent=
  • https://cs.minutemedia-prebid.com/cs?aid=21481&id=y-_zf3kn5E2uE1Kho8yBz5mM27CBuDghGVlrEzAX8-~A&gdpr=0&gdpr_consent=
0
0
cs
cs.minutemedia-prebid.com/ Frame 73FD
Redirect Chain
  • https://cs.iqzone.com/3e1ed898b08f9e935ca99407796b46c0.gif?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21508%26puid%3D[UID]
  • https://cs.minutemedia-prebid.com/cs?aid=21508&puid=69516c59-558b-4335-a16c-b5f71c776f7c
0
0
cs
cs.minutemedia-prebid.com/ Frame 73FD
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=2073&r=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21489%26id%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?partner_id=2073&r=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21489%26id%3D%7BPUB_USER_ID%7D
  • https://cs.minutemedia-prebid.com/cs?aid=21489&id=00f38f49-1a5f-4a7f-9d19-0b6cce24d194
0
0
cs
cs.minutemedia-prebid.com/ Frame 73FD
Redirect Chain
  • https://visitor.omnitagjs.com/visitor/bsync?uid=a1aca1d7a7acd80e26595e82223f1e6f&name=MinuteMedia&gdpr=0&gdpr_consent=&url=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21502%26id%3D%5BBUYER...
  • https://cs.minutemedia-prebid.com/cs?aid=21502&id=279f46f13512f7353132a5a544f464a2
0
0
cs
cs.minutemedia-prebid.com/ Frame 73FD
Redirect Chain
  • https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21480%26id%3D$UID
  • https://cs.minutemedia-prebid.com/cs?aid=21480&id=3110579043585675857368
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21480&id=3110579043585675857368
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
34.232.147.170 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
date
Tue, 22 Nov 2022 17:10:48 GMT
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript

Redirect headers

location
https://cs.minutemedia-prebid.com/cs?aid=21480&id=3110579043585675857368
date
Tue, 22 Nov 2022 17:10:47 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cs
cs.minutemedia-prebid.com/ Frame 73FD
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21484%26id%3D$UID
  • https://cs.minutemedia-prebid.com/cs?aid=21484&id=1531151141028342390
0
0
6185b9cf4d72f7e454746134b8c78716.gif
cs.krushmedia.com/ Frame 73FD 		0
0
cm
u.openx.net/w/1.0/ Frame 73FD 		0
0
pixel
ap.lijit.com/ Frame 73FD 		0
0
minute_media
cs.admanmedia.com/sync/ Frame 73FD 		0
0
usermatchredir
ssum-sec.casalemedia.com/ Frame 73FD 		0
0
us
sync.go.sonobi.com/ Frame 73FD 		0
0
ImgSync
image8.pubmatic.com/AdServer/ Frame 73FD 		0
0
match
ads.betweendigital.com/ Frame 73FD 		0
0
sync
ssbsync.smartadserver.com/api/ Frame 73FD 		0
0
v1
match.sharethrough.com/universal/ Frame 73FD 		0
0
redirectuser
ssp.disqus.com/ Frame 73FD 		0
0
rmpssp
sync.1rx.io/usersync2/ Frame 73FD 		0
0
sync
rtb.mfadsrvr.com/ Frame 73FD 		0
0
services
sync.technoratimedia.com/ Frame 73FD 		0
0
/
ssc-cms.33across.com/ps/ Frame 73FD 		0
0
syncb
sync.bfmio.com/ Frame 73FD 		0
0
rtset
bh.contextweb.com/bh/ Frame 73FD 		0
0
pbsync
ads.yieldmo.com/ Frame 73FD 		0
0
sync
ads.servenobid.com/ Frame 73FD 		0
0
19fc6daa3a926256
ads.us.e-planning.net/uspd/1/ Frame 78C5
Redirect Chain
  • https://ads.us.e-planning.net/uspd/1/19fc6daa3a926256?ruidm=1&du=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21506%26id%3D$UID
  • https://ads.us.e-planning.net/uspd/1/19fc6daa3a926256?ct=1&ruidm=1&du=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21506%26id%3D$UID
872 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.us.e-planning.net/uspd/1/19fc6daa3a926256?ct=1&ruidm=1&du=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21506%26id%3D$UID
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
64.120.110.136 -, , ASN (),
Reverse DNS
Software
openresty /
Resource Hash
65e496fce4e6aacccdd3f66805039b489b6092d6a5abbe17dbda82ce2d28f9ad

Request headers

Referer
https://cs-rtb.minutemedia-prebid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
max-age=0, no-cache
content-length
872
content-type
text/html
date
Tue, 22 Nov 2022 17:10:47 GMT
expires
Tue, 22 Nov 2022 17:10:47 GMT
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server
openresty
x-sid
SIN-726

Redirect headers

content-type
text/html; charset=iso-8859-1
date
Tue, 22 Nov 2022 17:10:47 GMT
location
/uspd/1/19fc6daa3a926256?ct=1&ruidm=1&du=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21506%26id%3D$UID
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server
openresty
x-sid
SIN-726
usync.html
eus.rubiconproject.com/ Frame 6567
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=minute_media&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=minute_media&endpoint=us-east
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=minute_media&endpoint=us-east
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.75.85.227 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-75-85-227.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://cs-rtb.minutemedia-prebid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 22 Nov 2022 17:10:47 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Tue, 22 Nov 2022 17:10:47 GMT
location
https://eus.rubiconproject.com/usync.html?p=minute_media&endpoint=us-east
server
AkamaiGHost
/
onetag-sys.com/usync/ Frame B583 		0
0
sync
ads.servenobid.com/ Frame 75CF 		0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=317&uid=7202276636676851298&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.75.88.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-75-88-22.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 17:10:48 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
bidswitch
event.clientgear.com/cookie/ Frame 75CF
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=smartadserver&gdpr=0&gdpr_consent=
  • https://event.clientgear.com/cookie/bidswitch?partner=bidswitch&bidswitch_ssp_id=smartadserver&bsw_custom_parameter=08d208db-7f04-43af-9c49-869895b60547
0
0
/
rtb-csync.smartadserver.com/redir/ Frame 75CF
Redirect Chain
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=76&partneruserid=GOOGLE_HOSTED_SI&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmartrtb_dbm%26google_cm%26google_sc...
  • https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_sc&google_hm=NzIwMjI3NjYzNjY3Njg1MTI5OA==&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEARhU8mSFuTQTDN9Nz87Lhw&gdpr=0&gdpr_consent=&google_cver=1
43 B
453 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEARhU8mSFuTQTDN9Nz87Lhw&gdpr=0&gdpr_consent=&google_cver=1
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
23.106.127.53 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 22 Nov 2022 17:10:47 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Tue, 22 Nov 2022 17:10:47 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEARhU8mSFuTQTDN9Nz87Lhw&gdpr=0&gdpr_consent=&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
345
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
rtb-csync.smartadserver.com/redir/ Frame 75CF
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/gjIEMT18?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D94%26partneruserid%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
  • https://sync-tm.everesttech.net/ct/upi/pid/gjIEMT18?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D94%26partneruserid%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=...
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=94&partneruserid=Y30ClwAKAvdryAAT&gdpr=0&gdpr_consent=&_test=Y30ClwAKAvdryAAT
43 B
405 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=94&partneruserid=Y30ClwAKAvdryAAT&gdpr=0&gdpr_consent=&_test=Y30ClwAKAvdryAAT
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
23.106.127.53 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 22 Nov 2022 17:10:47 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

x-served-by
cache-mel11259-MEL
pragma
no-cache
date
Tue, 22 Nov 2022 17:10:47 GMT
via
1.1 varnish
server
Varnish
x-timer
S1669137048.762494,VS0,VE0
x-cache
HIT
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=94&partneruserid=Y30ClwAKAvdryAAT&gdpr=0&gdpr_consent=&_test=Y30ClwAKAvdryAAT
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
/
rtb-csync.smartadserver.com/redir/ Frame 75CF
Redirect Chain
  • https://visitor.omnitagjs.com/visitor/bsync?uid=627080440e659fbe0f85333c665ae1de&name=SMARTADSERVER&url=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D117%26partnerus...
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=117&partneruserid=279f46f13512f7353132a5a544f464a2&gdpr=0&gdpr_consent=0
43 B
442 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=117&partneruserid=279f46f13512f7353132a5a544f464a2&gdpr=0&gdpr_consent=0
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
23.106.127.53 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 22 Nov 2022 17:10:47 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Tue, 22 Nov 2022 17:10:47 GMT
via
kong/2.8.3
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=117&partneruserid=279f46f13512f7353132a5a544f464a2&gdpr=0&gdpr_consent=0
x-kong-upstream-latency
13
content-type
text/html; charset=UTF-8
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
0
all
csm.as.criteo.net/ Frame 9D21 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.as.criteo.net/all?cppv=3&cpp=4UnjbEsvK-m8QHi_VuTlRqrrbRPDhL3kjudfucdGD_RX-PrY1kufjJz1AQKHm3QnPthLLRBptb8oiPzs2PldMbcIUfbVI2WqbtyhSMRkL0F0Ny7fv3EqzMOrGymDk_mkdX64itsooO0E7LODtdZHaWSutB3EaXHuR7eV1PfkXBV52Vi6mAGHRozhcPMIf0wh8qwX3MtmvpyqpIfkcRxlUz12dqEV0fjuetlV-s0E6YUFHk6Gz55yxAQzWtmeSLMiB3CMZZtBWNUxskV3&sds=2&rev=83599&sendBeacon=true
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y30CjAAOHJ8KfFFFAAEBcKCUas8_FgQycCDwYA&u=%7C7Oi82ye5cAf5BKqcKAVq%2B7I3oIgwOcJ5vU%2B%2FGCIh14s%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdr-j8wgahTZIGe3vs2osFhPHrvdV8e4bcLFbFsfP8MHIB27K7XTN0r5_C9HpqTtaR8SdOucuECRZOSimhhsL4uR3zlguh6k9CeR5aGLX8fHsuWWmiqYPbmaPK3lbxb81xp4FzfcMmkrlCY-k8anAAS6mBZlVK1Tu4Tj00yseNR_s5F4u2FULqDpoBv5JNhFQaguDjgFfoazoDiTpCo7fSSKrGl-PPyc3E6BDDE2TXGTgpsK--G6Js0RNWFyrNYfDJoJXPBA28wMs0bkX7MZBViAhT-iZdNwwXDKYK4ERyXd3S5VTxZ83cJ9SSavYHUMmHnXBVfh8jDiXHjPLEXe4ROHiI8qyaCiAnbsfPLQcjIiqMyE9xFrWUDpp47bUtlBpJcsg2UU1RxxmQpbxfXt6u-WSarm_8jw3gS4qm7-gkl5TEKOC-zdXfSw5MvPG5tn2uuf2_AsZuGzZ5DkL95vJMGQpsxlAgCf54XGfznADT-R8zlTIQ__Wdlw0bpgOYtAGZGoxx2qB2cn0UzCZSgX7W896QK3BHMRdAwAeAY3JGGzYhkV56Uvb0OILxsSoSO1cSixZSo6qgubROtxu6ldGEFdq8-6Q_E8fVpd-h66eFFRw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC010AjAJ9Y5-5OMWi8QPwgoTQC5j80bFcqoTM5IUBwI23ARABIABgq-yxheAYggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpApaDdLxSSaY-qAMBqgT8AU_QmXG7FJjSWSwK8RaPm_cZyPVCtZzBMojyR5_M8AGZrhOYDZ3nSqt9Qen5xxy5DMHAtSwFwIbFW8wUZWH7SqoZtIZ1IZCYF1K0RDr5Vo27ejCGwa2KPAkALrRmn8Zz-WbufxwHhUKZwmj7UzGJzpapfRwjaq7EE3bGs_jbW019FWKkWskA1LiS9qnH7FMN5NZJTHkoRoBdk1WSI3Dsw1J2lik2ox6zTgdR7dwukT52qNxKOAvZZHwO5Qn6oYaaopdIUSttDlldxLSq2ZE4JCohZ6l40pVd2V8SDi7dDqNLxQPhxpRjZgETymSFjqyZOvN2sUGJCM-HDnrlOIAGxpXnjd3K8aroAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_37dg0faMRBaCuxWjWSycRBDYOpsg%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.142 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 22 Nov 2022 17:10:47 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
cksync.php
contextual.media.net/ Frame 512E
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=medianet&khaos=LASH3IGZ-1-GRU8
  • https://contextual.media.net/cksync.php?type=rbcn&ovsid=LASH3IGZ-1-GRU8
45 B
451 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?type=rbcn&ovsid=LASH3IGZ-1-GRU8
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=medianet
Protocol
H2
Server
184.51.136.24 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-136-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Tue, 22 Nov 2022 17:10:47 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Tue, 22 Nov 2022 17:10:47 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://contextual.media.net/cksync.php?type=rbcn&ovsid=LASH3IGZ-1-GRU8
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
6690dc791bf02dde8c4051a04cfd7bb8
Expires
0
sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame 1D14 		0
0
match
c1.adform.net/serving/cookie/ Frame 7AE1
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&cid=7230A8E3-A6FD-4047-B03F-823D0224B61C&gdpr=0&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=7230A8E3-A6FD-4047-B03F-823D0224B61C&gdpr=0&gdpr_consent=
35 B
466 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=7230A8E3-A6FD-4047-B03F-823D0224B61C&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3121386457444248000V10%26type%3Dpba%26refUrl%3D%26vid%3D91370456343121386457444248000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.84.60.29 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Tue, 22 Nov 2022 17:10:48 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
date
Tue, 22 Nov 2022 17:10:48 GMT
expires
-1
location
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=7230A8E3-A6FD-4047-B03F-823D0224B61C&gdpr=0&gdpr_consent=
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 9902
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:e073637d-0294-4b00-bf16-cba7f46ad359&gdpr=0&gdpr_consent=
42 B
326 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:e073637d-0294-4b00-bf16-cba7f46ad359&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3121386457444248000V10%26type%3Dpba%26refUrl%3D%26vid%3D91370456343121386457444248000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.194 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 22 Nov 2022 17:10:48 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Tue, 22 Nov 2022 17:10:47 GMT
Expires
Tue, 22 Nov 2022 17:10:46 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 169 32252b7 master nrt-pixel-x16 config:1.0.0
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:e073637d-0294-4b00-bf16-cba7f46ad359&gdpr=0&gdpr_consent=
Pug
simage2.pubmatic.com/AdServer/ Frame 0439
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y30ClwAJ-FmPHAA7&gdpr=0&gdpr_consent=
1 B
239 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y30ClwAJ-FmPHAA7&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3121386457444248000V10%26type%3Dpba%26refUrl%3D%26vid%3D91370456343121386457444248000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.194 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Tue, 22 Nov 2022 17:10:48 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Tue, 22 Nov 2022 17:10:47 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y30ClwAJ-FmPHAA7&gdpr=0&gdpr_consent=
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-mel11259-MEL
x-timer
S1669137048.556894,VS0,VE0
Pug
simage2.pubmatic.com/AdServer/ Frame B553
Redirect Chain
  • https://cm.ambientdsp.com/cm/send?vc=pmj
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=xwwtc1t9dvg
1 B
148 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=xwwtc1t9dvg
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3121386457444248000V10%26type%3Dpba%26refUrl%3D%26vid%3D91370456343121386457444248000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.194 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Tue, 22 Nov 2022 17:10:48 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-encoding
utf-8
cache-control
no-store
content-length
0
date
Tue, 22 Nov 2022 17:10:48 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=xwwtc1t9dvg
lws
127.0.0.1
strict-transport-security
max-age=31536000; includeSubDomains
time-ms
0
Pug
image2.pubmatic.com/AdServer/ Frame C906
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=-kZuX_xHYArhTToPrhZ0C65Ea1rhTGpa9EUYpZ07
42 B
568 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=-kZuX_xHYArhTToPrhZ0C65Ea1rhTGpa9EUYpZ07
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3121386457444248000V10%26type%3Dpba%26refUrl%3D%26vid%3D91370456343121386457444248000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.194 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 22 Nov 2022 17:10:48 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Tue, 22 Nov 2022 17:10:47 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=-kZuX_xHYArhTToPrhZ0C65Ea1rhTGpa9EUYpZ07
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
Pug
simage2.pubmatic.com/AdServer/ Frame 5424
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1531151141028342390&gdpr=0&gdpr_consent=
42 B
217 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1531151141028342390&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3121386457444248000V10%26type%3Dpba%26refUrl%3D%26vid%3D91370456343121386457444248000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.194 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 22 Nov 2022 17:10:48 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

AN-X-Request-Uuid
dfab8c3f-ef78-4df0-8423-da3671aa7bbb
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Tue, 22 Nov 2022 17:10:47 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1531151141028342390&gdpr=0&gdpr_consent=
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
116.90.74.202; 116.90.74.202; 565.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
X-XSS-Protection
0
Pug
simage2.pubmatic.com/AdServer/ Frame B963
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
42 B
95 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3121386457444248000V10%26type%3Dpba%26refUrl%3D%26vid%3D91370456343121386457444248000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.194 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 22 Nov 2022 17:10:48 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-cache
content-length
0
cross-origin-resource-policy
cross-origin
date
Tue, 22 Nov 2022 17:10:47 GMT
expires
Tue, 22 Nov 2022 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
797492
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
Pug
image2.pubmatic.com/AdServer/ Frame 95E3
Redirect Chain
  • https://gocm.c.appier.net/pubmatic
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=TjoMOBp6Ab-FeqPNkwJ9Yw
42 B
228 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=TjoMOBp6Ab-FeqPNkwJ9Yw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3121386457444248000V10%26type%3Dpba%26refUrl%3D%26vid%3D91370456343121386457444248000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.194 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 22 Nov 2022 17:10:48 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-store
content-length
153
content-type
text/html; charset=utf-8
date
Tue, 22 Nov 2022 17:10:48 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=TjoMOBp6Ab-FeqPNkwJ9Yw
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
nginx
Pug
simage2.pubmatic.com/AdServer/ Frame 99A6
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=D-Fz50elRbxBEH4PchQOiXRaSso
0
0
send
sync-dsp.ad-m.asia/dsp/api/sync/ Frame 5BB6 		43 B
243 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=pubmatic&rd=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw%26piggybackCookie%3D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3121386457444248000V10%26type%3Dpba%26refUrl%3D%26vid%3D91370456343121386457444248000V10%26ovsid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
202.131.200.84 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Cache-Control
no-store,no-cache
Connection
close
Content-Length
43
Content-Type
image/gif
Date
Tue, 22 Nov 2022 17:10:48 GMT
Pragma
no-cache
Server
nginx
expires
-1
pxd
dps.jp.cinarra.com/ Frame 2D2D 		95 B
220 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dps.jp.cinarra.com/pxd?PLATFORM_ID=D&USER_ID=7230A8E3-A6FD-4047-B03F-823D0224B61C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3121386457444248000V10%26type%3Dpba%26refUrl%3D%26vid%3D91370456343121386457444248000V10%26ovsid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.113.156.50 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Connection
keep-alive
Content-Length
95
Content-Type
image/png
Date
Tue, 22 Nov 2022 17:10:48 GMT
cm
ipac.ctnsnet.com/int/ Frame 7D9F 		43 B
214 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3121386457444248000V10%26type%3Dpba%26refUrl%3D%26vid%3D91370456343121386457444248000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.193.173 -, , ASN (),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
43
content-type
image/gif
date
Tue, 22 Nov 2022 17:10:47 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
via
1.1 google
Pug
simage2.pubmatic.com/AdServer/ Frame B557
Redirect Chain
  • https://ipac.ctnsnet.com/int/cm?exc=14&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA%3D%26piggybackCookie%3D%5Buser_id%5D
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=408f3bd2c37648838e0f159c08aa8b1d
42 B
532 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=408f3bd2c37648838e0f159c08aa8b1d
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3121386457444248000V10%26type%3Dpba%26refUrl%3D%26vid%3D91370456343121386457444248000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.194 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 22 Nov 2022 17:10:48 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html;charset=UTF-8
date
Tue, 22 Nov 2022 17:10:47 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=408f3bd2c37648838e0f159c08aa8b1d
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
status
302
via
1.1 google
x-xss-protection
1; mode=block
Pug
simage2.pubmatic.com/AdServer/ Frame E9D0
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:1LrlEmRL1OXwNg5&gdpr=0&gdpr_consent=
42 B
221 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:1LrlEmRL1OXwNg5&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3121386457444248000V10%26type%3Dpba%26refUrl%3D%26vid%3D91370456343121386457444248000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.194 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 22 Nov 2022 17:10:48 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Tue, 22 Nov 2022 17:10:46 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:1LrlEmRL1OXwNg5&gdpr=0&gdpr_consent=
Pragma
no-cache
Server
PingMatch/595ea14#595ea1444a96c0bdac4aa333a73d7028cf966fc7 i-0f40721276a047f1b@ap-southeast-1a@dxedge-app-ap-southeast-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
sync
odr.mookie1.com/t/v2/ Frame C937
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-ddefb627-40b3-4b29-9fba-627851a12714-004&rndcb=2018220774
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=08d208db-7f04-43af-9c49-869895b60547&ssp=adconductor&gdpr=&gdpr_consent=
0
0
bridge
cm.adgrx.com/ Frame 1FD8 		0
230 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3121386457444248000V10%26type%3Dpba%26refUrl%3D%26vid%3D91370456343121386457444248000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.1.14.27 -, , ASN (),
Reverse DNS
Software
Cowboy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
content-length
0
date
Tue, 22 Nov 2022 17:10:48 GMT
expires
Thu, 23 Sep 2004 17:42:04 GMT
p3p
CP="NOI OTC OTP OUR NOR"
pragma
no-cache
server
Cowboy
x-realserver-nx
aws-apsoutheast1c-delivery-3
141
match.deepintent.com/usersync/ Frame 1F0B 		0
0
i.match
a.tribalfusion.com/ Frame 2BDF 		43 B
638 B 		Document
General
Check archive.org
Download Go to
Full URL
https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3121386457444248000V10%26type%3Dpba%26refUrl%3D%26vid%3D91370456343121386457444248000V10%26ovsid%3DPM_UID
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.24.173 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
76e347d32db41c56-AKL
content-length
43
content-type
image/gif; charset=utf-8
date
Tue, 22 Nov 2022 17:10:47 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302
cookiesync
core.iprom.net/ Frame 1669 		0
0
/
csync.loopme.me/ Frame A943 		0
0
cksync.php
contextual.media.net/ Frame 8F27 		45 B
467 B 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3121386457444248000V10&type=pba&refUrl=&vid=91370456343121386457444248000V10&ovsid=7230A8E3-A6FD-4047-B03F-823D0224B61C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3121386457444248000V10%26type%3Dpba%26refUrl%3D%26vid%3D91370456343121386457444248000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.51.136.24 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-136-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-length
45
content-type
image/gif
date
Tue, 22 Nov 2022 17:10:47 GMT
expires
Tue, 22 Nov 2022 17:10:47 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA" CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
pragma
no-cache
server
Apache
strict-transport-security
max-age=31536000
x-mnet-hl2
E
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame F227
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=cjCo46b9QEewP4I9AiS2HA%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3121386457444248000V10%26type%3Dpba%26refUrl%3D%26vid%3D91370456343121386457444248000V10%26ovsid%3DPM_UID
Protocol
H2
Server
184.51.240.213 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-240-213.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

unused62
8096267
date
Tue, 22 Nov 2022 17:10:47 GMT
content-encoding
gzip
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
server
Apache
etag
"1300708-3de4-5d6ef246ef4cf"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-type
text/html; charset=UTF-8
cache-control
max-age=137143
accept-ranges
bytes
content-length
5549
expires
Thu, 24 Nov 2022 07:16:30 GMT

Redirect headers

pragma
no-cache
date
Tue, 22 Nov 2022 17:10:47 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
1000.gif
idsync.rlcdn.com/ Frame F227
Redirect Chain
  • https://idsync.rlcdn.com/420486.gif?partner_uid=7230A8E3-A6FD-4047-B03F-823D0224B61C
  • https://idsync.rlcdn.com/1000.gif?memo=CIbVGRIwCiwIARCMowEaJDcyMzBBOEUzLUE2RkQtNDA0Ny1CMDNGLTgyM0QwMjI0QjYxQxAAGg0Il4X0mwYSBQjoBxAAQgBKAA
0
0
SPug
image4.pubmatic.com/AdServer/ Frame F227
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=e073637d-0294-4b00-bf16-cba7f46ad359
0
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=e073637d-0294-4b00-bf16-cba7f46ad359
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3121386457444248000V10%26type%3Dpba%26refUrl%3D%26vid%3D91370456343121386457444248000V10%26ovsid%3DPM_UID
Protocol
H2
Server
103.231.98.195 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 17:10:48 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Tue, 22 Nov 2022 17:10:47 GMT
Server
MT3 169 32252b7 master nrt-pixel-x25 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=e073637d-0294-4b00-bf16-cba7f46ad359
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 22 Nov 2022 17:10:46 GMT
Pug
image2.pubmatic.com/AdServer/ Frame F227
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NzIzMEE4RTMtQTZGRC00MDQ3LUIwM0YtODIzRDAyMjRCNjFD&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3121386457444248000V10%26type%3Dpba%26refUrl%3D%26vid%3D91370456343121386457444248000V10%26ovsid%3DPM_UID
Protocol
H2
Server
103.231.98.194 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 22 Nov 2022 17:10:48 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 22 Nov 2022 17:10:47 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame F227
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESECTP4biHhweYXXRljc0IXbY&google_cver=1
42 B
300 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESECTP4biHhweYXXRljc0IXbY&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3121386457444248000V10%26type%3Dpba%26refUrl%3D%26vid%3D91370456343121386457444248000V10%26ovsid%3DPM_UID
Protocol
H2
Server
103.231.98.194 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 22 Nov 2022 17:10:48 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 22 Nov 2022 17:10:47 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESECTP4biHhweYXXRljc0IXbY&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame F227
Redirect Chain
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:0F1CF34B0661448A942986C26A80C2C9
42 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:0F1CF34B0661448A942986C26A80C2C9
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3121386457444248000V10%26type%3Dpba%26refUrl%3D%26vid%3D91370456343121386457444248000V10%26ovsid%3DPM_UID
Protocol
H2
Server
103.231.98.194 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 22 Nov 2022 17:10:48 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

date
Tue, 22 Nov 2022 17:10:48 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:0F1CF34B0661448A942986C26A80C2C9
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Mon, 21 Nov 2022 17:10:48 GMT
7230A8E3-A6FD-4047-B03F-823D0224B61C
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame F227 		43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/7230A8E3-A6FD-4047-B03F-823D0224B61C?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3121386457444248000V10%26type%3Dpba%26refUrl%3D%26vid%3D91370456343121386457444248000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.220.163.160 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-220-163-160.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 17:10:47 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
Pug
simage2.pubmatic.com/AdServer/ Frame F227
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=fc203268-cedd-47ec-b726-b552b95aa490&gdpr=0&gdpr_consent=
42 B
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=fc203268-cedd-47ec-b726-b552b95aa490&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3121386457444248000V10%26type%3Dpba%26refUrl%3D%26vid%3D91370456343121386457444248000V10%26ovsid%3DPM_UID
Protocol
H2
Server
103.231.98.194 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 22 Nov 2022 17:10:48 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 22 Nov 2022 17:10:47 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=fc203268-cedd-47ec-b726-b552b95aa490&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
355
SPug
image4.pubmatic.com/AdServer/ Frame F227
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=7230A8E3-A6FD-4047-B03F-823D0224B61C&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-hR9QNCpE2uViJbrvdfz2KdL_r0VCvr8-~A&gdpr=0&gdpr_consent=
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-hR9QNCpE2uViJbrvdfz2KdL_r0VCvr8-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3121386457444248000V10%26type%3Dpba%26refUrl%3D%26vid%3D91370456343121386457444248000V10%26ovsid%3DPM_UID
Protocol
H2
Server
103.231.98.195 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 17:10:48 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-hR9QNCpE2uViJbrvdfz2KdL_r0VCvr8-~A&gdpr=0&gdpr_consent=
date
Tue, 22 Nov 2022 17:10:47 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Pug
simage2.pubmatic.com/AdServer/ Frame F227
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=6487320818174853404
0
0
sync
pool.admedo.com/ Frame F227
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=08d208db-7f04-43af-9c49-869895b60547
0
0
cs
ad.turn.com/r/ Frame F227 		0
0
current
pubmatic-match.dotomi.com/match/bounce/ Frame F227 		0
0
apn
ads.playground.xyz/usersync/ Frame F227 		0
0
pixel.gif
px.moatads.com/ Frame C29F 		43 B
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=37&q=1&hp=1&ra=1&pxm=1&sgs=3&vb=-1&kq=1&lo=2&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=APPIERDISPLAY1&ol=540716562&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5tWhX%3C%3Ce%24%26~1%3Axkr%2BUe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3FtDJq%409BG&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-S4epS2PucglBbk5475S6XrSoK4rogWbxm7rLGdl3vY3c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-JvYb5sLyVy50og%3D%3D&sc=1&os=1-JA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=728&qe=90&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=2&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.bg3.co%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwww.bg3.co&lp=https%3A%2F%2Fwww.bg3.co&t=1669137045218&de=924993283498&cu=1669137045218&m=2274&ar=48843429bae-clean&iw=3d12f45&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=94&le=1&lf=1731&lg=1&lh=24&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A2786%3A2786%3A4566%3A4172&aa=1&ad=1107&cn=97&gn=1&gk=1107&gl=97&ik=1107&ic=1107&ez=1&co=1107&cp=1037&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1037&cd=39&ah=1037&am=39&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=adobe.com%3AMdiyqtLRQ0Sy_xPBvdlCvw%3AUkhomrwvQieqQwhkieJsig%3AZ92dqbnDTsSTGYteEZukig&bo=728x90&bd=unknown&gw=appierdisplay844822012038&zMoatOrigSlicer1=728x90&zMoatOrigSlicer2=unknown&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&jm=-1&tc=0&fs=200871&na=393857964&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.51.241.170 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-241-170.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://6d2367c53a9e076830c130ee73b19fae.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Tue, 22 Nov 2022 17:10:47 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 22 Nov 2022 17:10:47 GMT
usync.js
eus.rubiconproject.com/ Frame E0E8 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.75.85.227 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-75-85-227.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
59775916c5dc568fd4d2ea64b09d0b2d9def879f13d1a7382636cf70fe716c03

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 22 Nov 2022 17:10:47 GMT
Content-Encoding
gzip
Last-Modified
Mon, 21 Nov 2022 20:11:42 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=10855
Connection
keep-alive
Content-Length
10066
Expires
Tue, 22 Nov 2022 20:11:42 GMT
usync.js
eus.rubiconproject.com/ Frame 6567 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=minute_media&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.75.85.227 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-75-85-227.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
59775916c5dc568fd4d2ea64b09d0b2d9def879f13d1a7382636cf70fe716c03

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=minute_media&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 22 Nov 2022 17:10:47 GMT
Content-Encoding
gzip
Last-Modified
Mon, 21 Nov 2022 20:11:42 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=10855
Connection
keep-alive
Content-Length
10066
Expires
Tue, 22 Nov 2022 20:11:42 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 7945 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuQkPtj5xHR6ja2nx9awHJ8WdwxCQHm0lVkMyxexcx8U-e0jX7G4_jbkMLnLEYkKTG99nErMhnlE7zNopsBjlIjLBgGsEorm-QWmhmuezpBXAWUm2gt_E0u9Re0IoMMZuSXDV4&sai=AMfl-YRg-C-9AdstghVe4hgbGjjCnFWxDSSlLNZViNS0f2lAVWADa3L0Ovgp87gdB36pJjVjOsfYKIws620B4CXrKHC4usDpvF6lLKZHTwVtSs-Y0HmOrhMI84Xm8-kiFw&sig=Cg0ArKJSzAM4Die9c2oGEAE&cid=CAQSOwDq26N9PdbL9uYqben0RjCLEMMbwxrBEzT5DsK97DiVU2zhc9wREvvmwGxYH9KgsFAC4Etam6ZqcHUkGAEgEw&id=lidar2&mcvt=1001&p=60,450,310,750&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20221110&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1420297610&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1669137042505&rpt=4094&isd=0&lsd=0&met=ie&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://6d2367c53a9e076830c130ee73b19fae.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Nov 2022 17:10:47 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame C29F 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvQ5HxdyCIJF34_bje7kHv6iTjWPGJ7bQqkXplm2B0BejJ_RMigO8TWhfBAougTHClGfVfmkWdsmpWvZ3Kk-9j4QG9w&sig=Cg0ArKJSzDwXoxirVUkSEAE&cid=CAASFeRowUiDu23kOc8gh6KFLqBPlgW0rA&id=lidar2&mcvt=1000&p=1110,436,1200,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221110&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2857874404&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1669137042510&rpt=4137&isd=0&lsd=0&met=ie&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://6d2367c53a9e076830c130ee73b19fae.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Nov 2022 17:10:47 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel.gif
px.moatads.com/ Frame C29F 		43 B
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&ra=1&pxm=1&sgs=3&vb=-1&kq=1&lo=2&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=APPIERDISPLAY1&ol=540716562&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5tWhX%3C%3Ce%24%26~1%3Axkr%2BUe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3FtDJq%409BG&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-S4epS2PucglBbk5475S6XrSoK4rogWbxm7rLGdl3vY3c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-JvYb5sLyVy50og%3D%3D&sc=1&os=1-JA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=728&qe=90&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=3&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.bg3.co%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwww.bg3.co&lp=https%3A%2F%2Fwww.bg3.co&t=1669137045218&de=924993283498&cu=1669137045218&m=2275&ar=48843429bae-clean&iw=3d12f45&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=94&le=1&lf=1731&lg=1&lh=24&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A2786%3A2786%3A4566%3A4172&aa=1&ad=1107&cn=1107&gn=1&gk=1107&gl=1107&ik=1107&ic=1107&ez=1&co=1107&cp=1037&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1037&cd=1037&ah=1037&am=1037&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=adobe.com%3AMdiyqtLRQ0Sy_xPBvdlCvw%3AUkhomrwvQieqQwhkieJsig%3AZ92dqbnDTsSTGYteEZukig&bo=728x90&bd=unknown&gw=appierdisplay844822012038&zMoatOrigSlicer1=728x90&zMoatOrigSlicer2=unknown&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&jm=-1&tc=0&fs=200871&na=651361594&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.51.241.170 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-241-170.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://6d2367c53a9e076830c130ee73b19fae.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Tue, 22 Nov 2022 17:10:47 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 22 Nov 2022 17:10:47 GMT
usersync
usersync.gumgum.com/ Frame E0E8
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=LASH3IGZ-1-GRU8
  • https://usersync.gumgum.com/usersync?b=mag&i=LASH3IGZ-1-GRU8
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=mag&i=LASH3IGZ-1-GRU8
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 22 Nov 2022 17:10:48 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://usersync.gumgum.com/usersync?b=mag&i=LASH3IGZ-1-GRU8
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
c80248407eff6cf595ce43a76c04e23f
Expires
0
sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame 6567 		0
0
um
u-sin01.e-planning.net/ Frame 78C5
Redirect Chain
  • https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fu-sin01.e-planning.net%2Fum%3Fdc%3Dff96d1aa62deeebd%26fi%3D40b4e5d9d779b4bb%26uid%3D%24%7BUID%7D
  • https://u-sin01.e-planning.net/um?dc=ff96d1aa62deeebd&fi=40b4e5d9d779b4bb&uid=25ece32f-a4bc-414b-9473-f2a809b91705
0
0
ptag
a.audrte.com/ Frame 78C5 		0
0
um
u-sin01.e-planning.net/ Frame 78C5
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-sin01.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D40b4e5d9d779b4bb%26uid%3D%24UID
  • https://u-sin01.e-planning.net/um?dc=8103fa85295fbe60&fi=40b4e5d9d779b4bb&uid=1531151141028342390
0
0
dtscout20220831.js
s.e-planning.net/esb/4/0/1992d/1cb3be2948515989/ Frame 78C5 		0
0
navegg_2022_01_br.html
i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/ Frame 98C8 		0
0
pixel.gif
px.moatads.com/ Frame C29F 		43 B
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=37&q=2&hp=1&ra=1&pxm=1&sgs=3&vb=-1&kq=1&lo=2&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=APPIERDISPLAY1&ol=540716562&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5tWhX%3C%3Ce%24%26~1%3Axkr%2BUe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3FtDJq%409BG&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-S4epS2PucglBbk5475S6XrSoK4rogWbxm7rLGdl3vY3c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-JvYb5sLyVy50og%3D%3D&sc=1&os=1-JA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=728&qe=90&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=4&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.bg3.co%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwww.bg3.co&lp=https%3A%2F%2Fwww.bg3.co&t=1669137045218&de=924993283498&cu=1669137045218&m=2276&ar=48843429bae-clean&iw=3d12f45&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=94&le=1&lf=1731&lg=1&lh=24&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A2786%3A2786%3A4566%3A4172&aa=1&ad=1107&cn=1107&gn=1&gk=1107&gl=1107&ik=1107&ic=1107&ez=1&co=1107&cp=1037&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1037&cd=1037&ah=1037&am=1037&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=adobe.com%3AMdiyqtLRQ0Sy_xPBvdlCvw%3AUkhomrwvQieqQwhkieJsig%3AZ92dqbnDTsSTGYteEZukig&bo=728x90&bd=unknown&gw=appierdisplay844822012038&zMoatOrigSlicer1=728x90&zMoatOrigSlicer2=unknown&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&jm=-1&tc=0&fs=200871&na=904493799&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.51.241.170 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-241-170.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://6d2367c53a9e076830c130ee73b19fae.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Tue, 22 Nov 2022 17:10:48 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 22 Nov 2022 17:10:48 GMT
vast
bid.g.doubleclick.net/dbm/ Frame C7AE 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
onetag-sys.com
URL
https://onetag-sys.com/prebid-request
Domain
securepubads.g.doubleclick.net
URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuIAR28sPLXrXZjOdsIQOO1qPw5nvvmEZgS4raKileE4coeHpML01eM6BPfk3NmsXqeZldU4BkNEVv1BbBJ5kwkPVJe8ny8_jZaDlMPHjOkvPpCD56FnZIsKP_HgGbAWA_MdGkzIkJnx6yh57dsDiBtop-qW-4it8SNrWY572ECJ_U8WlXU_Equ1x1Q692NJ3OrK8LLFWooAnO3LOKtraLwD4zjbWNEl36tQbc1M0Zxw1diR-mVfY4NZEBvUuIRMfqWzEhppCJHHRcMBbYCQuB6xjAKFSckHKV1EsFukfjfSmRykeBQrAYagIEFVA8&sai=AMfl-YTkm8wxclMXvBqUdfkdyuiSvzrQbbbCKtjaNIK8PQ3Pxm8f-rnU_-6lYF5vby4cyTg9Vw7GM7Ihr_5n0q7caZVNGUcBQCGrGoUiMuGAwS15K4PpOiC5QGPXRicAc85O&sig=Cg0ArKJSzFHVtBFEfrqjEAE&uach_m=[UACH]&urlfix=1&adurl=
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssniGrWw5Al9z0gbrEww3uP-fsSvI5M0mRhOPX0sRVwRjdeqcyzjykm5M7wQ_RCuLi9eDW5v1qOH4vmFg7H0E--gSK9ToOrh3WLdzAkZL__K4pvfUgv&sig=Cg0ArKJSzL1QW_dQh8AvEAE&id=lidartos&mcvt=156&p=317,65,318,66&mtos=156,156,156,156,156&tos=156,0,0,0,0&v=20221110&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=4082231052&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=3&r=b&rst=1669137042513&rpt=519&isd=0&lsd=0&ec=1&met=ce&wmsd=0&pbe=0
Domain
onetag-sys.com
URL
https://onetag-sys.com/usync/?cb=1669137041784
Domain
usersync.gumgum.com
URL
https://usersync.gumgum.com/usersync?b=rhy&i=RX-ddefb627-40b3-4b29-9fba-627851a12714-004
Domain
stags.bluekai.com
URL
https://stags.bluekai.com/site/23178?id=96pxjWUQIcXFw6RbIeKe&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OBGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPJZGZYHQ2SXKVIUSY2YIZ3TMUTCJFSUWZJGOJSWMVLSNQ6SM5DZOBST26TFNUTHM2LEHU4TCMZXGA2DKNRTGQZTCMRRGM4DMNBVG42DINBSGQ4DAMBQKYYTAJTWONUWIPJTGEZDCMZYGY2DKNZUGQ2DENBYGAYDAVRRGA
Domain
contextual.media.net
URL
https://contextual.media.net/cksync.php?type=mf&ovsid=a3f6813b-8c20-4ac8-bf77-d35dc4b01932&cs=1
Domain
sync.adotmob.com
URL
https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d
Domain
onetag-sys.com
URL
https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Domain
usersync.gumgum.com
URL
https://usersync.gumgum.com/usersync?b=rhy&i=RX-ddefb627-40b3-4b29-9fba-627851a12714-004
Domain
sync.go.sonobi.com
URL
https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D
Domain
prebid.a-mo.net
URL
https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D6%26r%3DCid1YS0wYzVhNzk4MC1hOTI3LTNlMjQtYWRhMy1kZTAwMWVhMmUwODYqU2h0dHBzOi8vYWRzLnNlcnZlbm9iaWQuY29tL3N5bmM_cGlkPTM0NiZ1aWQ9dWEtMGM1YTc5ODAtYTkyNy0zZTI0LWFkYTMtZGUwMDFlYTJlMDg2MgIGEjgB%26buyeruid%3D
Domain
aax-eu.amazon-adsystem.com
URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=xz-E_l_gSA-8Y63qVa3qKA
Domain
s.amazon-adsystem.com
URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=j0uqQrajT7uYruMYi44j6A
Domain
dsum-sec.casalemedia.com
URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=io9jwzLgSg5VW7hHvO-H3nRaSso
Domain
stags.bluekai.com
URL
https://stags.bluekai.com/site/23178?id=XSDgEBrVSPbPH97_ZF7T&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3SOVWT6Y3NL5SHG4C7NFSD2MJXEZSXQY3IMFXGOZJ5NFXGIZLYEZSXQ5DFOJXGC3C7OVZWK4S7NFSD2WCTIRTUKQTSKZJVAYSQJA4TOX22IY3VI
Domain
sync.srv.stackadapt.com
URL
https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
Domain
stags.bluekai.com
URL
https://stags.bluekai.com/site/23178?id=Y2-iRqZLZeesSpxpLGfD&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2WJSFVUVE4K2JRNGKZLTKNYHQ4CMI5TEIJTVONPXA4TJOZQWG6J5GEWS2LI&gdpr=0&us_privacy=1---
Domain
usersync.gumgum.com
URL
https://usersync.gumgum.com/usersync?b=rhy&i=RX-ddefb627-40b3-4b29-9fba-627851a12714-004
Domain
sync.outbrain.com
URL
https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=a_09b49ade-b38d-4595-bbac-7e337451b175&obuid=ENC(sWaOIjCZd4cC8P0RFbZH6rOYMnFYdH1RZjNWjrKMBxhMqkv3-C-dY3yTaiqjyZp4)
Domain
usersync.gumgum.com
URL
https://usersync.gumgum.com/usersync?b=oth&i=y-cV_w1klE2pe8mUQOHZpEg1pzS7s9B3k8yqLn~A
Domain
sync.ipredictive.com
URL
https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D
Domain
sync.technoratimedia.com
URL
https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
Domain
match.deepintent.com
URL
https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Domain
ad.360yield.com
URL
https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
Domain
ssbsync.smartadserver.com
URL
https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=
Domain
ads.servenobid.com
URL
https://ads.servenobid.com/sync?pid=309&uid=a_09b49ade-b38d-4595-bbac-7e337451b175
Domain
sync.inmobi.com
URL
https://sync.inmobi.com/oRTB?gdpr_consent=&gdpr=0&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dinm%26i%3D%7BID5UID%7D
Domain
cs.admanmedia.com
URL
https://cs.admanmedia.com/sync/gumgum?puid=[UID]&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=[GDPR]&gdpr_consent=[GDPR_CONSENT]&ccpa=[CCPA]
Domain
cs.minutemedia-prebid.com
URL
https://cs.minutemedia-prebid.com/cs?aid=21490&id=08d208db-7f04-43af-9c49-869895b60547
Domain
ib.adnxs.com
URL
https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%2F10450%3Fgdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26A%3D817db9b2-030d-4078-a182-7c028edb2f88%26bidder%3Dappnexus%26cbx%3DaHR0cHM6Ly9jcy5taW51dGVtZWRpYS1wcmViaWQuY29tL2NzP2FpZD0yMTQ5MiZ1aWQ9%26uid%3D%24UID
Domain
cs.minutemedia-prebid.com
URL
https://cs.minutemedia-prebid.com/cs?aid=21481&id=y-_zf3kn5E2uE1Kho8yBz5mM27CBuDghGVlrEzAX8-~A&gdpr=0&gdpr_consent=
Domain
cs.minutemedia-prebid.com
URL
https://cs.minutemedia-prebid.com/cs?aid=21508&puid=69516c59-558b-4335-a16c-b5f71c776f7c
Domain
cs.minutemedia-prebid.com
URL
https://cs.minutemedia-prebid.com/cs?aid=21489&id=00f38f49-1a5f-4a7f-9d19-0b6cce24d194
Domain
cs.minutemedia-prebid.com
URL
https://cs.minutemedia-prebid.com/cs?aid=21502&id=279f46f13512f7353132a5a544f464a2
Domain
cs.minutemedia-prebid.com
URL
https://cs.minutemedia-prebid.com/cs?aid=21484&id=1531151141028342390
Domain
cs.krushmedia.com
URL
https://cs.krushmedia.com/6185b9cf4d72f7e454746134b8c78716.gif?redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21501%26puid%3D%5BUID%5D
Domain
u.openx.net
URL
https://u.openx.net/w/1.0/cm?id=29975467-6f1b-4e06-b545-920b22ea49b2&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21477%26id%3D
Domain
ap.lijit.com
URL
https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21488%26id%3D%24UID
Domain
cs.admanmedia.com
URL
https://cs.admanmedia.com/sync/minute_media?gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]&redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21497%26puid%3D%5BUID%5D
Domain
ssum-sec.casalemedia.com
URL
https://ssum-sec.casalemedia.com/usermatchredir?s=196326&cb=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21476%26id%3D
Domain
sync.go.sonobi.com
URL
https://sync.go.sonobi.com/us?gdpr=0&consent_string=&loc=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21504%26uid%3D%5BUID%5D
Domain
image8.pubmatic.com
URL
https://image8.pubmatic.com/AdServer/ImgSync?p=161683&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21482%26id%3D%23PMUID
Domain
ads.betweendigital.com
URL
https://ads.betweendigital.com/match?bidder_id=44808&gdpr=0&gdpr_consent=&callback_url=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21505%26id%3D$%7BUSER_ID%7D
Domain
ssbsync.smartadserver.com
URL
https://ssbsync.smartadserver.com/api/sync?callerId=59&gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]
Domain
match.sharethrough.com
URL
https://match.sharethrough.com/universal/v1?supply_id=3r9HMldH&gdpr=0&gdpr_consent=
Domain
ssp.disqus.com
URL
https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21495%26id%3D$UID&partner=minutemedia
Domain
sync.1rx.io
URL
https://sync.1rx.io/usersync2/rmpssp?sub=sportority&redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21478%26id%3D%5BRX_UUID%5D
Domain
rtb.mfadsrvr.com
URL
https://rtb.mfadsrvr.com/sync?ssp=minutemedia
Domain
sync.technoratimedia.com
URL
https://sync.technoratimedia.com/services?srv=cs&pid=70&cb=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21483%26id%3D%5BUSER_ID%5D
Domain
ssc-cms.33across.com
URL
https://ssc-cms.33across.com/ps/?ri=0015a00002hdV5tAAE&ru=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21485%26puid%3D33XUSERID33X
Domain
sync.bfmio.com
URL
https://sync.bfmio.com/syncb?pid=186
Domain
bh.contextweb.com
URL
https://bh.contextweb.com/bh/rtset?pid=562760&ev=1&us_privacy=[US_PRIVACY]&gdpr=0&gdpr_consent=&rurl=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21494%26id%3D%25%25VGUID%25%25
Domain
ads.yieldmo.com
URL
https://ads.yieldmo.com/pbsync?is=mmed&gdpr=0&gdpr_consent=&us_privacy=[US_PRIVACY]&redirectUri=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21486%26uid%3D$UID
Domain
ads.servenobid.com
URL
https://ads.servenobid.com/sync?pid=348&uid=YtsER5Ztk_mm
Domain
onetag-sys.com
URL
https://onetag-sys.com/usync/?pubId=765b4e6bb9c8438
Domain
event.clientgear.com
URL
https://event.clientgear.com/cookie/bidswitch?partner=bidswitch&bidswitch_ssp_id=smartadserver&bsw_custom_parameter=08d208db-7f04-43af-9c49-869895b60547
Domain
pixel-us-east.rubiconproject.com
URL
https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=duration_media&khaos=LASH3IGZ-1-GRU8
Domain
simage2.pubmatic.com
URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=D-Fz50elRbxBEH4PchQOiXRaSso
Domain
odr.mookie1.com
URL
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=08d208db-7f04-43af-9c49-869895b60547&ssp=adconductor&gdpr=&gdpr_consent=
Domain
match.deepintent.com
URL
https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Domain
core.iprom.net
URL
https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Domain
csync.loopme.me
URL
https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}&gdpr=0&gdpr_consent=
Domain
idsync.rlcdn.com
URL
https://idsync.rlcdn.com/1000.gif?memo=CIbVGRIwCiwIARCMowEaJDcyMzBBOEUzLUE2RkQtNDA0Ny1CMDNGLTgyM0QwMjI0QjYxQxAAGg0Il4X0mwYSBQjoBxAAQgBKAA
Domain
simage2.pubmatic.com
URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=6487320818174853404
Domain
pool.admedo.com
URL
https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=08d208db-7f04-43af-9c49-869895b60547
Domain
ad.turn.com
URL
https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
Domain
pubmatic-match.dotomi.com
URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=7230A8E3-A6FD-4047-B03F-823D0224B61C&gdpr=0&gdpr_consent=
Domain
ads.playground.xyz
URL
https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
Domain
pixel-us-east.rubiconproject.com
URL
https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=minute_media&khaos=LASH3IGZ-1-GRU8
Domain
u-sin01.e-planning.net
URL
https://u-sin01.e-planning.net/um?dc=ff96d1aa62deeebd&fi=40b4e5d9d779b4bb&uid=25ece32f-a4bc-414b-9473-f2a809b91705
Domain
a.audrte.com
URL
https://a.audrte.com/ptag?p=M1353665098
Domain
u-sin01.e-planning.net
URL
https://u-sin01.e-planning.net/um?dc=8103fa85295fbe60&fi=40b4e5d9d779b4bb&uid=1531151141028342390
Domain
s.e-planning.net
URL
https://s.e-planning.net/esb/4/0/1992d/1cb3be2948515989/dtscout20220831.js
Domain
i.e-planning.net
URL
https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Domain
bid.g.doubleclick.net
URL
https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-CiLHyBfKsYNPmKo8IojcQZraPVKmgy-0Qt5yFgxgo-tLnDSk3zsaoxJMKoocRcEANaBPKIaR7LlDsJ-1rzmqaUmF0KrQ&cry=1&dbm_d=AKAmf-BQ_E61z_FFZjyKZNZuo1ZtiUrtxhlVA2f26VsyCpRop8blQQ-K_9NZOJkOKcDuRl2dTJeeWrK02YPQRQirJdSYf7o5sFSIwWTEF_9lQTlrVaXeUwcLRsTcZ7gHwvd7f5jd3GTzthUZrFCF47iLuQyZS0PQfBLhYGhUE4h9f-9x0XUO_TQpru1qaxH7Iu3c5_wwhoo6lHTL6Z-RVqkTZv9z1SJ9AZJrvMPkg04P9kKNuvEvgpaDYLr_9-1BiguLHLFDwo8YYYkdTp6DWT1zk6N8_1qLCP0yVUGlNEObsEfHsOdiDtgL2rHlYaMYUVW_fsjAZZG39ozMtWd0-bainCZasGWMfacaBSYEANUYyD_2aErp-rSQcSVDISDjbwlP7U3Fuuc20jtuGft61QqV8Zwah-ElaUohi_0X-gQnMeoVwInH5tdmJUrsFWJJwudQMOqDNPMRyFLzv20i8HOaGg5hujAIMaMvfurDbgQ2xrTBFJuoB64UAQAOM1f7xwgjFHX7cxIJ1nLDmO8SrA_n5psQaMKX_IwbEa-ZyINUSpTFPBHUAnqGn4J--RiaVm5lhdDMYyUXI5Rid-4fv7KlxT7P7Ls3BVdHqYfjLLGD5tATckdsS__ZT5_J-7EnexHiNjP0i_JaFRL31qGcsA0Fl8j9PMu2jNmbqcyLI6awqm1nLVfMUHeYffupEqxKepaw83jsGOcEi0OtzcG_l8nnX1V1alpqdMEiGKG9l2ZXqdDC5YaY4HPrfxSXc4yOzt3aMMx8M4Qb2R3U6vsn29PYzRGLoBIV78li8qPGHCkidTmQzpi0BjlKJG5pVzoUf7lsuKIkqANDwX-qF0QGT-ThXL07YizaLoAoTcC8RWaCo_pcCmbP6ekvuvzbz65FRFbB7-fIjJQ9B0YaP2TwydYoeQbWt1SAhFT5DIl-aA4cB7F-TTX3722NXWlAoIQ9STmHwJoFqOi77ymE9MQsbCpTNPe2KJo5l0H6IFZn39NEDr3120AAD3W2RVwzIrgwg_BV6az3MB3D4f5exco81OjGxQJc0m9LYzeuKCPzL8CY99Kc76hkUQqIpVioeyWZARG23-vWM1YHyo_gw1pcazVdV8gMjxR5eeuRIjmf1mQiwxwXkL2UitM2Mnto44uNFLt6sHUQV7ODIxGe8JZkQsOhqmgEVqQXmE5eS1t12utS2m6xb6g0hPuRVtOhoDZCJ2SzeFoacso-384-ZbGjtpG1pbpuHwr8_MFKnmtoyXI_kCYIGLh0VTjIsYWXN3Ls8RG3Pk4W-1mtukLenp9FqhHXhhf8LjvwF-NKK_1F7YvXn06BD2OlQYEzGy0Q5WDUbJfpviY5hyZELzA_ul1Ii6-f99_vj-02JheWlwYpwzmh3SD3frpM1892riKaotSHB8OlH0AA2crqB4rsNSipRQ5NkNdoMs54IQ191Okn2McTjfnwFVKTTyuEI-IVGYL9QDiznVZf1CO5Zl7aH22hP3RpqzqI3PrmYvE3WZ9Ymf5eUDH1pG0EX1pPh9XrByA9qxAHfx6ID_lfIeQqg8uJVoDFWAOnEMcmpSrl3w5oUFuwi67g6-KkbZ9ryqxwdaCqwBmcm0rpXyW-PVubD5a3elaPQ4zodk7BDoLXf4raIgKIdeJl96Ul4mW0gNUpYll2jHpXv-9_Sv6C-nF56jwkSuotZLHIMSZecD_Li_GZc1r3brEwkobusxgOAKkTI9qwYMq_xxL5KW7oKuMkxqgXGS_5UMdJdZwtdYEUANHzX6yzeZHc419AHxnBBMC2xVT16nkaf61JOp7xzXOz2MVsWfCW-4m9YbOzbjkOSdQtOsbpcDJoDVkj3ZFpbOzmVDftUGWOVRhb3fjPmfK4HrswuG9Km9uYSvS53-0lgk6ut-IcG5zDWfur8KW-zwarqjjxEoxdDG5QPqAlY-LAISZXBylCSftcWvp9y__3N1NbNXznjoIajt55COOTtcNQusFUofG3Y4lwsVoJ5toSgPlz6yAWQS8cxbAAlTXSbvjvzc12lF9kMZAx6yhk6ZoRqOlTxztvNs7ZGwkuDDByWiYdzB58-J4Mp1dy2azSJBj7atjljk59E7YJr_Cb77443mu67ZwRW8mrzU_gIx3YylgIYG6Jg_eZ7thyYx1wp4G27bPinzr72Xae5kPFbizzkuJIUKquqZGIHaUKDgKczLSYIj4wU6DpyFTwFwEhvYa5ynDA0Cm91JUsVxVliPLUL-W-W07_tUT2XrBwGGPXNG2mMKg_qtDkceJXJqqtVjP8ChmuDPpQQ2TwQalplWGX6yS-BT39klVuYIRkFtIn9Hqud1rHlV1Nwpp3w3yvkEwwBdrpOs7iYKF53AKgp4sUULJbJSjL1jYDYYhZNQChLUu3EWWfnotCIhgqqDgC1DdYT7YG79RjNyWtervOtYvI3Lf5ZzekMlbk4sEOEOJ-7DBCi5A7AOl2HcKyXQ5OT0ZhQ37VDbN6AY5XcOs6iaAZSHKlw9-2k1Du5cHJ8xkw2oj49Ab_mHrr7zzeHTveHzCukZ3_o1eHIe8IMkhJYJ9OFS02ofHlm19IMUc8M9BDw6qieyUVGWHx3mIvBHjlxLR0x9tvNSTSi15vprD7eBaaxCI11GV0nWPKcI209RoEsxhkivYtvcLZQDslhcWFz29JJKAk9GACl7KN3HR96LAXWtKrTgQA0f8pvVtl2Zat1MnVoMbFOsTZgFIetkNZf1gvgKKbqcWZkjSq3ry4ac1iuE1tY1oX3ZGFB-LjmeAJIsXchBcXu7gyqTzkpIIq1testcwhUgK7nZLT0Mn6kt9kltTxfiTgHiXbBd90_VMx-TXmuGXR3gq1buXdJi5VCXyokJ7Ws2Rj4TKqJCp8FR32pmPQMuYhrr_oFdYQfc4sz5-B1ekycZWxo9GkXUEOwmfQfZZ6hrt8Ptrsf_gizdNwkxxZI828wTzwBjFr9X3ZS1cEqXJ1ZIlFm0yIhhDehuiDCq-tb8UsYTrw0skPwYt4AEPcrr54sOp4eln3v2sZQ96FYHeSNGNivVLZNMgk6ixBFrgtKHIlA8EjYBpe5bTclaOEh0uJsxk3jETcFstIJsNikfmgSXmExrSyfFY-8xHvAsj6JtAQV6Tgt-klpV1vBbO042KeN10VYofRl-9dcFK3mLDY40VQSZjlVE61LPPd252B8EWVVNjPSvR5KkrlInNA3VKzMZyxJ7QTyGkg6Bq8DLzuyVMODi12WqAPo6HWKRnhHI32JGkgmss&cid=CAASBORoWwc&vpa=auto&vpmute=1&sdkv=h.3.546.0&osd=2&frm=0&vis=1&sdr=1&unviewed_position_start=1&is_amp=0&hl=en&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=p&ctv=0&mpt=Blue%20Billywig%20Player&mpv=6.x&sdki=445&ptt=20&adk=903621930&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.546.0&sid=0EE2B962-6D8C-4A45-B8C7-036484497E88&a3p=EhsKDmVzcC5jcml0ZW8uY29tEgAY5Z_IgsowSAA.&nel=0&eid=44748969%2C44765701&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwang-xin-yi-sao-chu-chao-ji-da-wei-jian-xu-xuan-min-qian-mo-bu-neng-zai-fen-piao.html&dt=1669137048324&ged=ve4_td17_tt1_pd17_la17000_er300.5.454.305_vi0.0.1200.1600_vp100_eb24171

Verdicts & Comments Add Verdict or Comment

123 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| adpushup object| ucfad_async object| AMP object| AMP_CONFIG object| AMP_EXP object| __AMP_LOG function| HTMLElementOrig object| __AMP_ERRORS object| __AMP_MODE function| __AMP_REPORT_ERROR object| __AMP_TOP object| __AMP_SERVICES object| __AMP_URL_CACHE object| __AMP__EXPERIMENT_TOGGLES boolean| __AMP_TAG object| __AMP_EXTENDED_ELEMENTS function| __AMP_BASE_CE_CLASS object| ucf object| request string| paramsString object| adRecover function| setImmediate function| clearImmediate object| google_reactive_ads_global_state number| ampAdSlotIdCounter object| __AMP_EXPERIMENT_BRANCHES object| goog_identity_prom string| __AMP_DEFAULT_BOOTSTRAP_SUBDOMAIN number| ampAdGoogleIfiCounter undefined| $ undefined| jQuery function| jqAlias object| google_ad_modifications number| google_global_correlator object| google_prev_clients string| currentState object| googletag object| _apPbJs object| hbAnalytics object| adpTags object| gaGlobal number| ampAdPageCorrelator object| listeningFors number| 3pla object| ggeac object| google_tag_data object| google_js_reporting_queue object| _qevents object| ap_link_preview_states object| apLinkPreviewUtils object| apEuCountries undefined| google_measure_js_timing object| _apPbJsChunk object| mnet string| nobidVersion object| nobid object| Criteo function| quantserve function| __qc object| ezt object| _qoptions boolean| noPreviewPage object| dataLayer function| gtag object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| google_tag_manager function| onYouTubeIframeAPIReady object| criteo_pubtag object| criteo_pubtag_prebid_117 object| Criteo_prebid_117 object| GoogleGcLKhOms function| instantiateBbPlayer object| bluebillywig function| parcelRequire function| parcelRequired6c3 function| triggerEventOnJQueryObject function| triggerEventOnParentById function| setAttributeOnParentById function| bbExecuteJavascript function| webpackJsonpBbSkin object| __core-js_shared__ object| tmpHead object| google_image_requests object| _google_rum_ns_ object| google_persistent_state_async function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList number| google_srt object| module$contents$ima$CompanionAdSelectionSettings_CompanionAdSelectionSettings object| module$contents$ima$AdCuePoints_AdCuePoints object| module$contents$ima$AdsRenderingSettings_AdsRenderingSettings object| ima object| module$contents$ima$AdError_AdError object| module$contents$ima$AdErrorEvent_AdErrorEvent object| module$contents$ima$AdEvent_AdEvent object| module$contents$ima$AdsManagerLoadedEvent_AdsManagerLoadedEvent object| google object| closure_lm_861623 object| closure_lm_62246

97 Cookies

Domain/Path Name / Value
s.c.appier.net/gcm2 Name: _lastau
Value: J9Yw
.3lift.com/sync Name: sync
Value: CgoIoQEQgrDIgsowCgoIgQIQgrDIgsowCgoI4gEQgrDIgsowCgoI5gEQgrDIgsowCgoIhwIQgrDIgsowCgkICRCCsMiCyjAKCQg6EIKwyILKMAoKCIwCEIKwyILKMAoJCF8QgrDIgsowCgkIHxCCsMiCyjA=
a.c.appier.net/gcm Name: _lastau
Value: J9Yw
.aralego.com/ Name: sspid
Value: 68f51386-dc42-344a-be53-ce4f52f4068c
.aralego.com/ Name: euconsent-v2
Value:
.aralego.com/ Name: gdpr
Value: 1
www.bg3.co/ Name: __AP_SESSION__
Value: 8b72b518-0fdf-43a7-9341-ea5cf0bc0f42
.bg3.co/ Name: __gpi
Value: UID=00000b814469d1ba:T=1669137036:RT=1669137036:S=ALNI_Mbpey5hnreUCacIlsL_0o8sBAXQAw
.doubleclick.net/ Name: IDE
Value: AHWqTUkPGxP8mppehq4TAzh4M86ElyPtJ09IQbs-KPwaFw3jU4R7k_2FyXg5B4W4KwU
.adpushup.com/ Name: ap_uid
Value: 957d5970-6a88-11ed-92b9-6045bd227128
.adpushup.com/ Name: ap_usid
Value: 957d5971-6a88-11ed-92b9-6045bd227128
www.bg3.co/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.bg3.co/ Name: _pubcid
Value: cf9e53b9-b4a4-4d55-a529-fa55ecc5e675
.openx.net/ Name: i
Value: cf9e53b9-b4a4-4d55-a529-fa55ecc5e675|1669137039
.omnitagjs.com/ Name: ayl_visitor
Value: 279f46f13512f7353132a5a544f464a2
.rubiconproject.com/ Name: khaos
Value: LASH3IGZ-1-GRU8
.teads.tv/ Name: tt_viewer
Value: 67aa1356-74e0-49a5-986d-56d2a4d038bd
.adnxs.com/ Name: icu
Value: ChgIm_VtEAoYASABKAEwkIX0mwY4AUABSAEQkIX0mwYYAA..
.adnxs.com/ Name: uuid2
Value: 1531151141028342390
.quantserve.com/ Name: mc
Value: 637d0291-8c4bc-0b12a-93a80
.bg3.co/ Name: __qca
Value: P0-632526806-1669137038987
.bg3.co/ Name: _ga_Z0TZ7TDHS1
Value: GS1.1.1669137041.1.0.1669137041.0.0.0
.bg3.co/ Name: _ga
Value: GA1.1.1680281767.1669137042
.bg3.co/ Name: __gads
Value: ID=7a50adee5ab81720-2280e8b39fd800a0:T=1669137036:S=ALNI_MZiGSqaPj2RmSuf5i7rUNP1x6m0Hg
.criteo.com/ Name: uid
Value: 73e167b2-c275-45e1-a964-8922e6f63ca3
.c.appier.net/ Name: _auid
Value: TjoMOBp6Ab-FeqPNkwJ9Yw
.quantserve.com/ Name: d
Value: EG4BCQHRJ4EA
.yahoo.com/ Name: A3
Value: d=AQABBJQCfWMCEHp0gTpQ64p6fUszs8xjWiIFEgEBAQFUfmOGYwAAAAAA_eMAAA&S=AQAAAuoVqULiovUi6tNBApz9OyQ
.mathtag.com/ Name: uuid
Value: e073637d-0294-4b00-bf16-cba7f46ad359
.mathtag.com/ Name: mt_mop
Value: 4:1669137044
.turn.com/ Name: uid
Value: 8594003124195282946
.bidswitch.net/ Name: tuuid
Value: 08d208db-7f04-43af-9c49-869895b60547
.bidswitch.net/ Name: c
Value: 1669137044
.bidswitch.net/ Name: tuuid_lu
Value: 1669137044
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2GU_qh#$l!@wnfH8K6pQK`!5=E<*L5?%K/b0)?RfT^GQY-ULn.RQ8Dj*HMe@JEKgUjC3k%nugO%v4VB%nnE4*.)#b
www.bg3.co/ Name: uuid
Value: 0EE2B962-6D8C-4A45-B8C7-036484497E88
.yandex.ru/ Name: yuidss
Value: 5105976311669137044
.yandex.ru/ Name: yandexuid
Value: 5105976311669137044
.casalemedia.com/ Name: CMID
Value: Y30ClAt9L6pgBbxwFyHaOwAA
.casalemedia.com/ Name: CMPS
Value: 4694
.casalemedia.com/ Name: CMPRO
Value: 4694
.openx.net/ Name: pd
Value: v2|1669137044|jElYiuvOiahI
www.bg3.co/ Name: pbjs-unifiedid
Value: %7B%22TDID%22%3A%222ebbc1a6-071c-4f62-9576-2b808492e9d8%22%2C%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222022-11-22T17%3A10%3A45%22%7D
.adsrvr.org/ Name: TDID
Value: fc203268-cedd-47ec-b726-b552b95aa490
.3lift.com/ Name: tluid
Value: 3110579043585675857368
.openx.net/ Name: univ_id
Value: 537072971|fc203268-cedd-47ec-b726-b552b95aa490|1669137045471837
.media.net/ Name: visitor-id
Value: 3121386457444248000V10
.sportradarserving.com/ Name: zuuid
Value: 06540c7e-6b14-4609-894b-6f9a99234eae
.sportradarserving.com/ Name: c
Value: 1669137045
.bg3.co/ Name: cto_bundle
Value: 5jjb219od01VWGlxdGxNS01CbmRZa2poVmtScjJSUFdqWnZzJTJGZEJTbU1xQzNBUzNUc0VWU2x2aU9iZHMlMkZjNUtOaXp0MzhJTlhUVXNhYk03R1A4WkdNY3J5UUU4Q05wSXpVUERBUE1VazZ3RmNGdGZ6MSUyQlk4Njk1YkxBRVJMZUdOUzlCNDY4ZDlqMlNIdzdUQVh6VEo3TmtqUnclM0QlM0Q
.bg3.co/ Name: cto_bidid
Value: 1WJqo19GWkFqcVdxbktwOVZOWkRBanNLQXdEWlZSOTdhJTJGbjFidllPRHVuckZLRVoyZUFKV0RsSjBlYktKZ2dncVpsS21QRG5hZXZqdGxtWFhVa3pJcHBrUCUyQmRCamlkWjdRanFCNzBiaHBGTUozV3MlM0Q
.socdm.com/ Name: SOSYNC
Value: anNvbjp7Im9wZW54IjoxNjY5MTM3MDQ1fQ
.c.appier.net/ Name: _gu
Value: CAESEAZMfbl3ASvci1N5aMEepy4
.ladsp.com/ Name: cr
Value: 1
.tribalfusion.com/ Name: ANON_ID
Value: aantmIx2eNkSE0U7b9fqZahH0vvvrMCcIMHur9kZbFZdGewrmPPuKcd3Zariksk6g6x4x4JcqvgmQEVf6COZdIJG6OX7e
.blismedia.com/ Name: b
Value: 637D02954D4BEE6001133B97BLIS
.ladsp.com/ Name: smn_uid
Value: yeD2ZxO3kdTKONEdHf0C-w8cFLs42Yw
.ladsp.com/ Name: lum
Value: CP-zyILKMBIFCAMQ0AU
.media.net/ Name: data-mm
Value: e073637d-0294-4b00-bf16-cba7f46ad359~~8
.sportradarserving.com/ Name: zuuid_lu
Value: 1669137046
.sportradarserving.com/ Name: zuuid_k
Value: 1
.sportradarserving.com/ Name: zuuid_k_lu
Value: 1669137046
.media.net/ Name: data-o
Value: d41e057f-b623-4842-9cb0-4cd33a0d4754~~8
.media.net/ Name: data-a
Value: 1531151141028342390~~8
.prebid.a-mo.net/ Name: _sv3_8
Value: 1
.a-mo.net/ Name: amuid2
Value: 817db9b2-030d-4078-a182-7c028edb2f88
.prebid.a-mo.net/ Name: sd_amuid2
Value: 817db9b2-030d-4078-a182-7c028edb2f88
.linkedin.com/ Name: li_sugr
Value: 10d6a9d1-16be-41c6-b746-dd2e177126a6
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&e5abaf79-6072-4c74-8a3e-282dc30475a1"
.linkedin.com/ Name: lidc
Value: "b=TGST01:s=T:r=T:a=T:p=T:g=2952:u=1:x=1:i=1669137046:t=1669223446:v=2:sig=AQE9miZJ2SJKWzfBf8e_mf8SnqDcQSHB"
.analytics.yahoo.com/ Name: IDSYNC
Value: 175w~28ft
.w55c.net/ Name: wfivefivec
Value: 1LrlEmRL1OXwNg5
.media.net/ Name: data-c
Value: 73e167b2-c275-45e1-a964-8922e6f63ca3~~1
.media.net/ Name: data-c-ts
Value: 1669137046
.ads.pubmatic.com/ Name: KCCH
Value: YES
.gumgum.com/ Name: vst
Value: a_09b49ade-b38d-4595-bbac-7e337451b175
.media.net/ Name: data-g
Value: CAESECfUdX7i6JVW16xDO9_WnT8~~8
.bing.com/ Name: MUID
Value: 3392FC2939936D0F17A2EE4D38A16C3F
.c.bing.com/ Name: MR
Value: 0
.admixer.net/ Name: am-uid
Value: 1b70ebdc8c224d859647fb381020fb20
.w55c.net/ Name: matchmedianet
Value: 5
.servenobid.com/ Name: pid_312
Value: 1531151141028342390
pool.admedo.com/ Name: tuuid
Value: c4f076fd-3068-43b4-ae94-9c197b93f2f7
pool.admedo.com/ Name: c
Value: 1669137046
.minutemedia-prebid.com/ Name: wrvUserID
Value: YtsER5Ztk_mm
.servenobid.com/ Name: pid_337
Value: y-_zf3kn5E2uE1Kho8yBz5mM27CBuDghGVlrEzAX8-~A
.socdm.com/ Name: SOC
Value: Y30ClsCo5swAALWPft4AAAAA
.smartadserver.com/ Name: pid
Value: 7202276636676851298
.media.net/ Name: data-bs
Value: 08d208db-7f04-43af-9c49-869895b60547~~1
.media.net/ Name: data-ttd
Value: fc203268-cedd-47ec-b726-b552b95aa490~~1
.rubiconproject.com/ Name: audit
Value: 1|WD0cx+9RTMJBTPkurGL2XXXrd8oPN4aCzHBCMkGG4GIDNMxgCVcbjytzQEqEF9Fp0EDmZOSFlB1gEJ9oO5p1Ev0exc+f0IZt
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-ddefb627-40b3-4b29-9fba-627851a12714-004%22%2C%22zdxidn%22%3A%221506%22%2C%22nxtrdr%22%3A%22https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D%22%7D
.casalemedia.com/ Name: CMTS
Value: 4727
.media.net/ Name: data-xu
Value: 1LrlEmRL1OXwNg5~~8
pool.admedo.com/ Name: tuuid_lu
Value: 1669137047
.adsrvr.org/ Name: TDCPM
Value: CAESFgoHc3Z4OXQ1MBILCPyUtvDQraY7EAUSFgoHcnViaWNvbhILCNb78_HQraY7EAUYASABKAIyCwjC84Wp562mOxAFOAFaC2FkY29uZHVjdG9yYAI.

31 Console Messages

Source Level URL
Text
network error URL: https://static.bg3.co/imgs/202105/83cece360c64841bd8cf383271fb6181.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202105/c41aa46e71ef0878dbfeed15dff26bcf.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202106/d627225a4468461228440a03f42b7d04.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202106/e325615ae510a08bc00f8ae3ede9d827.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202105/43a172156c633ab94bce6e0067b87c44.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202201/d7c26c62da2723d98cd886a2737221a0.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202106/8c0c72a4a61f74218daa1402f7df0382.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202105/6419f297d8fcb7572b5e92a3c9cbf8d8.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202105/eaf70ce21f6e27e97d3f03228b27659c.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202106/dedeba601f7394e18ae20b94b45b2248.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202106/657c11b03775353b29d6332a795dbd6a.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202105/b9b3468f3c74344979711055b993c792.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202106/c4769424ca0ed252652c8b433ba8bcb9.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202105/11d54d40060ee52ab91bd0b38704d29b.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202106/9b797c0f1aadbd4835cb0c635c40d05a.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202106/f7b3da8c6d131943787faa5ce577385d.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202106/6c557eeb6171d2aa90d59f200b693876.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202105/8d1be0c7b8d1fda99d5ed2f8a20ac642.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202112/a650849b91df0a45c8d3419ce8f7db45.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202106/4fbe88ac169e2087c4e3da47ec30168d.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202105/e41ac45f99c04ea6e93d0d64a1c8306a.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
other warning URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1669137036&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwang-xin-yi-sao-chu-chao-ji-da-wei-jian-xu-xuan-min-qian-mo-bu-neng-zai-fen-piao.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669137034564&bpp=13&bdt=1930&idt=1667&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&correlator=5427265132123&frm=23&ife=1&pv=2&ga_vid=1652017459.1669137036&ga_sid=1669137036&ga_hid=1305131484&ga_fc=0&ga_cid=amp-cxJAY9-8aDoI572ZnNWIbg&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=1101491898&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C44778742&oid=2&pvsid=661049901592538&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.2c27scgsj607&fsb=1&dtd=1682
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
network error URL: https://cdn.adpushup.com/42753/L2Evd2FuZy14aW4teWktc2FvLWNodS1jaGFvLWppLWRhLXdlaS1qaWFuLXh1LXh1YW4tbWluLXFpYW4tbW8tYnUtbmVuZy16YWktZmVuLXBpYW8uaHRtbA==.json
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4126554779393986&output=html&adk=1812271804&adf=2253520748&plat=1%3A520%2C2%3A520%2C8%3A512%2C9%3A520%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1049088%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fadx.holmesmind.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669137040461&bpp=4&bdt=531&idt=478&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&nras=1&correlator=5589688973120&frm=8&ife=1&pv=2&ga_vid=71806132.1669137041&ga_sid=1669137041&ga_hid=443256419&ga_fc=0&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3680311399&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C44773809%2C42531705%2C44770880%2C44777949%2C44779076&oid=2&pvsid=3827996945744677&tmod=873941560&uas=0&nvt=1&top=https%3A%2F%2Fwww.bg3.co%2F&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=4&bc=31&ifi=1&uci=1.fzkqn6dkltt3&fsb=1&dtd=496
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4126554779393986&output=html&h=280&slotname=4923695364&adk=3446667921&adf=552093736&pi=t.ma~as.4923695364&w=336&fwrn=16&format=336x280&url=https%3A%2F%2Fadx.holmesmind.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669137040465&bpp=1&bdt=536&idt=499&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=5589688973120&frm=8&ife=1&pv=1&ga_vid=71806132.1669137041&ga_sid=1669137041&ga_hid=443256419&ga_fc=0&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3680311399&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C44773809%2C42531705%2C44770880%2C44777949%2C44779076&oid=2&pvsid=3827996945744677&tmod=873941560&uas=0&nvt=1&top=https%3A%2F%2Fwww.bg3.co%2F&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.7j2862aiosp4&fsb=1&dtd=504
Message:
Failed to load resource: the server responded with a status of 403 ()
other warning URL: https://adpushup.bbvms.com/launchpad/?1669137043193(Line 34)
Message:
The keyword 'slider-vertical' specified to an 'appearance' property is not standardized. It will be removed in the future.
javascript warning URL: https://www.bg3.co/a/wang-xin-yi-sao-chu-chao-ji-da-wei-jian-xu-xuan-min-qian-mo-bu-neng-zai-fen-piao.html
Message:
The resource https://d-22543449742378924824.ampproject.net/2211042305000/nameframe.html was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: https://z.moatads.com/appierdisplay844822012038/moatad.js(Line 138)
Message:
The deviceorientation events are blocked by permissions policy. See https://github.com/w3c/webappsec-permissions-policy/blob/master/features.md#sensor-features
security warning URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Message:
Mixed Content: The page at 'https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D' was loaded over HTTPS, but requested an insecure element 'http://match.sharethrough.com/universal/v1?supply_id=3r9HMldH&gdpr=0&gdpr_consent='. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Message:
Mixed Content: The page at 'https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D' was loaded over HTTPS, but requested an insecure element 'http://match.sharethrough.com/universal/v1?supply_id=3r9HMldH&gdpr=0&gdpr_consent='. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network error URL: https://cs.admanmedia.com/sync/minute_media?gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]&redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21497%26puid%3D%5BUID%5D
Message:
Failed to load resource: net::ERR_CONNECTION_RESET

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

6427fa9ed57dc0c6fd4fe0e45e546880.safeframe.googlesyndication.com
6d2367c53a9e076830c130ee73b19fae.safeframe.googlesyndication.com
a.audrte.com
a.c.appier.net
a.sportradarserving.com
a.teads.tv
a.tribalfusion.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.360yield.com
ad.appier.net
ad.turn.com
adpushup-d.openx.net
adpushup.bbvms.com
ads.aralego.com
ads.as.criteo.com
ads.betweendigital.com
ads.playground.xyz
ads.pubmatic.com
ads.servenobid.com
ads.us.e-planning.net
ads.yieldmo.com
adservice.google.co.nz
adservice.google.com
adx.holmesmind.com
an.yandex.ru
ap.lijit.com
aplogger.adpushup.com
b293c18c760b391362177e99ce637844.safeframe.googlesyndication.com
bh.contextweb.com
bid.g.doubleclick.net
bidder.criteo.com
c.bing.com
c1.adform.net
c21lg-d.media.net
campaign.adpushup.com
cat.sg1.as.criteo.com
cdn.adpushup.com
cdn.ampproject.org
cdn.aralego.net
cdn.besafe.global
cdn.bluebillywig.com
cdn.doubleverify.com
cdn.indexww.com
cdn.jsdelivr.net
ce.lijit.com
cf-syd.cdn.bluebillywig.com
cm.adform.net
cm.adgrx.com
cm.ambientdsp.com
cm.g.doubleclick.net
cms.quantserve.com
code.jquery.com
contextual.media.net
core.iprom.net
cr-p3.ladsp.com
creativecdn.com
cs-rtb.minutemedia-prebid.com
cs.admanmedia.com
cs.emxdgt.com
cs.krushmedia.com
cs.media.net
cs.minutemedia-prebid.com
csm.as.criteo.net
csync.loopme.me
d-22543449742378924824.ampproject.net
d.adroll.com
delivery.adrecover.com
dis.criteo.com
dpm.demdex.net
dps.jp.cinarra.com
dsum-sec.casalemedia.com
e3.adpushup.com
eb2.3lift.com
eus.rubiconproject.com
event.clientgear.com
fastlane.rubiconproject.com
g2.gumgum.com
geo.moatads.com
gocm.c.appier.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
grid.bidswitch.net
gu.dyntrk.com
gum.criteo.com
hb-api.omnitagjs.com
htlb.casalemedia.com
i.e-planning.net
ib.adnxs.com
idsync.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
imasdk.googleapis.com
inv-nets.admixer.net
ipac.ctnsnet.com
jp-u.openx.net
js-sec.indexww.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.sharethrough.com
odr.mookie1.com
onetag-sys.com
p.adsymptotic.com
p.rfihub.com
pagead2.googlesyndication.com
partner.googleadservices.com
pix.as.criteo.net
pixel-us-east.rubiconproject.com
pixel.quantserve.com
pixel.rubiconproject.com
pm.w55c.net
pool.admedo.com
pr-bh.ybp.yahoo.com
prebid-server.rubiconproject.com
prebid.a-mo.net
prebid.media.net
public.servenobid.com
pubmatic-match.dotomi.com
px.ads.linkedin.com
px.moatads.com
qsearch-a.akamaihd.net
r.turn.com
rtb-csync.smartadserver.com
rtb.jp2.as.criteo.com
rtb.mfadsrvr.com
rtb0.doubleverify.com
rtbc-ae1.doubleverify.com
rules.quantcount.com
s.amazon-adsystem.com
s.c.appier.net
s.e-planning.net
s.tribalfusion.com
s0.2mdn.net
secure-assets.rubiconproject.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
ssbsync.smartadserver.com
ssc-cms.33across.com
ssp.disqus.com
ssum-sec.casalemedia.com
stags.bluekai.com
static.bg3.co
static.criteo.net
stats.mainroll.com
sync-dsp.ad-m.asia
sync-tm.everesttech.net
sync.1rx.io
sync.adotmob.com
sync.aralego.com
sync.bfmio.com
sync.go.sonobi.com
sync.inmobi.com
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.srv.stackadapt.com
sync.technoratimedia.com
tg.socdm.com
theta267.rtb.appier.net
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
tr.blismedia.com
u-sin01.e-planning.net
u.openx.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
usersync.gumgum.com
visitor.omnitagjs.com
vst.c.appier.net
www.bg3.co
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
z.moatads.com
a.audrte.com
aax-eu.amazon-adsystem.com
ad.360yield.com
ad.turn.com
ads.betweendigital.com
ads.playground.xyz
ads.servenobid.com
ads.yieldmo.com
ap.lijit.com
bh.contextweb.com
bid.g.doubleclick.net
contextual.media.net
core.iprom.net
cs.admanmedia.com
cs.krushmedia.com
cs.minutemedia-prebid.com
csync.loopme.me
dsum-sec.casalemedia.com
event.clientgear.com
i.e-planning.net
ib.adnxs.com
idsync.rlcdn.com
image8.pubmatic.com
match.deepintent.com
match.sharethrough.com
odr.mookie1.com
onetag-sys.com
pagead2.googlesyndication.com
pixel-us-east.rubiconproject.com
pool.admedo.com
prebid.a-mo.net
pubmatic-match.dotomi.com
rtb.mfadsrvr.com
s.amazon-adsystem.com
s.e-planning.net
securepubads.g.doubleclick.net
simage2.pubmatic.com
ssbsync.smartadserver.com
ssc-cms.33across.com
ssp.disqus.com
ssum-sec.casalemedia.com
stags.bluekai.com
sync.1rx.io
sync.adotmob.com
sync.bfmio.com
sync.go.sonobi.com
sync.inmobi.com
sync.ipredictive.com
sync.outbrain.com
sync.srv.stackadapt.com
sync.technoratimedia.com
u-sin01.e-planning.net
u.openx.net
usersync.gumgum.com
103.229.10.211
103.229.205.242
103.231.98.194
103.231.98.195
103.231.98.196
103.254.153.160
103.3.63.48
104.16.86.20
104.18.24.173
104.18.33.19
104.18.36.94
104.18.98.194
104.26.5.103
13.107.42.14
13.115.124.23
13.33.33.118
13.33.33.127
13.33.33.4
13.33.33.78
13.33.88.40
13.33.88.71
13.76.45.37
139.162.38.30
139.5.84.243
142.250.4.149
142.250.4.154
142.250.4.97
142.251.10.132
142.251.10.156
142.251.10.95
142.251.12.154
142.251.12.157
145.40.88.5
151.101.1.108
151.101.2.49
152.199.39.108
172.104.45.159
172.217.194.100
172.217.194.156
172.64.154.237
172.67.72.16
18.136.127.148
18.138.18.111
18.138.90.76
18.155.68.41
18.180.200.180
18.182.157.181
182.161.73.129
182.161.73.132
182.161.73.135
182.161.73.136
182.161.73.142
182.161.73.145
182.161.73.146
182.161.73.148
182.161.74.19
184.51.136.24
184.51.137.72
184.51.240.213
184.51.241.170
185.184.8.90
185.84.60.29
198.8.71.130
202.131.200.84
202.241.208.54
204.79.197.200
209.191.163.208
209.191.163.210
209.54.182.161
209.58.163.49
209.58.188.181
23.106.127.53
23.106.66.28
23.106.69.72
23.108.103.8
23.11.200.84
23.41.65.80
23.75.85.227
3.1.14.27
3.113.156.50
34.107.148.139
34.149.43.113
34.197.221.194
34.232.147.170
34.96.105.8
35.186.193.173
35.213.117.18
35.213.12.39
35.213.93.179
35.230.38.116
35.244.159.8
35.71.131.137
37.157.5.141
42.99.140.144
42.99.140.161
42.99.140.192
44.230.118.67
50.116.239.135
52.183.162.69
52.192.208.41
52.220.163.160
52.223.2.229
52.41.101.164
52.74.162.2
52.84.45.129
54.186.7.121
54.192.150.56
54.192.150.9
54.238.120.71
54.251.157.196
54.255.5.65
54.75.88.22
64.120.110.136
68.67.160.186
68.67.179.89
69.16.175.42
69.173.158.64
69.173.158.65
74.125.130.155
74.125.200.132
74.125.24.105
74.125.24.157
74.125.24.94
74.214.196.131
77.88.21.90
84.17.37.44
96.17.188.24
003cdd27ee491b05a51be1e973835f461f39c84ae283464b2d9dd65601d90346
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
026c7eea11825239eadba77c063c2bc7c8839318cb1678b1b105c2765d530cf0
037192b727defa55cc176629db61c9c71c1126decfae405ffc3b0fb355a0d705
0535100df27c6d49a6d1c06b7f98455bf0cdef6ae63c4c168b5cf1f170c14c51
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
0736033dafaea5a36203b95b7562afdd3559a4c9edf234339a886347cd032bea
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
09bf756becc6e945e73a78609ce4229d666b80a9aa5854e8875697bb3cb24609
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0b93f2a8a67e3de4727b8ea19d1808d21c6de69dfc16b2eb9057cc5c8e1ac6e4
0baa3d3142dea93009fc420023ea0be47a2bd80cdf32e74c8bda6827415f7904
0c63ce33c539e5988cd3cab50a0ac19d61b931e7a7933c219f54e82a8c4af6e8
0e9e6fdbbb30468efe352fa21e9b722b947a80bdc690723d462643fce713aadb
10e9a2cc659e17b16b0df71d0f5653566308518315338a9fed677191263e65b3
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12fb5f68666a3cae1cd6c8c0212a02d2b4c763cd008c0f63c9fd0d5a42935012
13acdd18ee7ee38f70cc26fdfbd0ed717930bb46114e582b918b2279e2dd5b29
14cfb5058acaf3af2f07088f1582f29941d7a4cc74fd1cea5050cecad862d154
16fde1638acb3435912efdb40c087c14570a535f0a88b712a3463d24a9dd19a7
184c4c58d360952d1c3f6f96285629c7a8a833e7d35f77f0dc400c7cac96bc24
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
18dafb1afa2b4bc7be7dd3aa5c8445d0a54e9fde438dbe9c2fd0087b1a27cff1
1a7459ba69305db941bb5df26f61744b66cae5dc3013fbb9aa2acf4dc29d5c0c
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced
1c479d0abecadc8d5fde30eeb515508b6148fa3d92dd617b427788d6c792b0a8
1d06186935333e9e0054906d58a51794a743376d1b71dc55df78e65debcc9820
209de0f9c57069bf3d2137458ee5f03be5894f6b02ec5bcabaa99b44bf5bea1b
218f3220f1e46f7d858f45c146e361f9a8a63337a0960df49cdcabd43c7b13a5
21902e4026c2f774fbd13f64845d6fd3a823c1ea64ee93e76a9fe06a49a74711
253d3586a9cdc02cbaf7fb10593643d235c629d374cb75bbd4f92909aa0c64ad
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16
275094aa5d73cd24d848e78f0c41c33d9fd61a09d97b9976e5e707dfd24ada00
2789661e67642847c0582652469996d40ea33e2750544195743cf7e2532e4836
28f7787e826550328e75a4140836d4d3a927c014ecd5d013715780a09ee9a486
292c23cd0cb7646eed1e5951fa827a4698507c5f45bab13797559eaeaafe8007
29cf8beec57699d3d9c73a3bd4483c6fece6af7021539fa6877542980da36a46
2b0ac9627b8838abd0a554503d948784e45b809b53f3595c3cdd465f8b719e48
2c71445ec9538a4d031b32ba0f044ae793aac625896846f838f9c8abace99c08
2cc7ad74dbcaa64296359bbb41713809f3b8c5121ae7a085b77eb0ed024a7209
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
344a39bc96936d73fc7d30ed9023249ac41998deeecbaaf11809bcb5282b9daa
34e4ee75b03fbdd08a2ebbc35b370b0b7e735368e9300278579b4bd3377d3b38
35a1e555e134154a0969bef1bfac99253e3816adb405b648072f5ee05cf87a5f
35bb65eabf6e8ed20ab2917216f38dd2e0f00bba27cb9e2eb0bd55c62869937a
36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570
3b553dc1ced823dce29e1ed20cfb0f83546af3dee38c379ae238236371c6708d
3b8c03014f85c9af7052666bddf2c16020b0c8cc8b86e0343f223511bf66ce8f
3bffc7f9f2142c04e14ca1af4154f4ecaf1f6e1cf249fc095cbd70d098a9d434
3c73a0cfd4d0058fe2374484019ef7ba096708d415f7435b19d4fc9cdd0807c7
3d31ae2a654aa1c5019cf935620dce6f2d0b07e40a0efdeac0f72054a0584dc8
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e76fa5f8f7b53855ef3a64bb458a6ff4a09da9a814e81d844c973008139f527
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3eeb055d7d06c17cd648bdc6c32520c00d74a04c86007ed40820b0133ee01c4b
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4034e8416d16b8f6bc6b45e28a5a3bcf2e6a48da816fc65f9e39a48598ab173a
40bb38cb7ab5e125d525e308d1a842e3ee07922a028d58a7aa847b479d08a830
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d40b7a790e7138fe1b460bb50b0156f65785bda4fc0e361ea29d48835cd0e84
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
531ced95d00fc8c26a6140869fb583238b0ccf457b7bb9e98d42d6b8a29323d6
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54e51249021fabff65b4ca7eb728f0a56cff080a37d9b0b13d1c401d5b9e6184
55240e190af93c329c339c44aef4e37701f7cac83c65df0afb7e801b7eead39f
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57ba9c79273602051bd0fa9f6dcd52a3f199dc59f134308efeeaad35424b8311
59775916c5dc568fd4d2ea64b09d0b2d9def879f13d1a7382636cf70fe716c03
5a54bcfc64e52d2d76d680f79ce987d2d30a70bc956226aff6160e9a0f657dfd
5ac9a3bc39aea3073a2500c40a95132ac4ae64ae94d74ddd323125a09d866aa6
5b47de43648d6cac5f54f3a12c61c6227950e6ee66ecd7a01829963dbf6e20d0
5b8af6e0edcf29acca770895afde51d2d26381b0464c022035fe137410ecd7ff
5be108e5b0d8450dc2f0cb34bcf4ae1786b31a33fc877417bc737574fa50d524
5d936bd567418367dff6e409b5ccc8b918c315d76886f11f751ebb0853b53038
5eb96458f35467a1da6649a33a6fc53bcb8ecac9e1657e93a67661a9c1ab392a
607b92f2f611d91517285696bb617942ec6b150a01c0478b7c97c68d518442cd
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885
61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6307d6b9062f73e77f78b149e7c9c7145c6598b14ddbe938b822371d59dc89e2
6348da6b652de2baefe437f72327f5bf10ed982630d4c0d092e627485169555d
63b1017abba43aa480f8f91dacd40d1275a3c70f9850518ee97d85781d1c92ee
65e496fce4e6aacccdd3f66805039b489b6092d6a5abbe17dbda82ce2d28f9ad
695f5ee80e5dae33ed10ede31105a87fa1ee498e39abe4d49cfde0e063937d2e
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b69b63f61c3457be569fac6b33588c1d4113cf9ac76a0248da7e9055e098f04
6bfd228178a7920f79853de46df09c0a6ee732b6d92100be5bb99174d05a9c07
6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088
6db2ee00fdc8573475904eb1a632cd287d891585643b33fba861b99ad9a20ad0
6dc8e0fae18390e9ef9367fa4b94c34540f239eda1f78d0eb4caf8170d108568
70005a712e48e89c3f725b20b3b0922ef5f13625407a0b5c3dd77daf42d95f63
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658
78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
80bfa7fdbe42e7dbf0ab17b6c1c383bbd790ab6e3ec6d0778e4d2ee5cbfc7ae3
8125d23926b2075a0fa03a6d3136e68b3cdcc00025381df550f30afb60d24179
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8492f3fc13f89700f09e8a96308911979a6289be084af2c497ea54dbd7dd7f5f
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
85af3052d288ffd9157258dfe4daf5309f0b64d0067ab8221cd0c62909c18419
878674d3e2986e2a0da06a414498ebe39c165c2e22624600ee179ec9df149105
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8aa2798b546202d710e6e7fd94417a86c4f3f8534a48ae100cdb6a692edcdccb
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
91e8bd3a37b3a0951444714dc07c68417ac878ebf22d8c7b0d10b1ce3fec1122
920b421933daabde5596f2c24fe6db87ce1969b9e760f3797a8e4f38cc223058
9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5
9367980d1a2a729754c9a6777d7236e9d49c662a197f00e210ba276d7e0aa6ac
949b9877bceb40637a1c436a85f2bd850e3ca482157b60964d77d792af940a64
968012b3a49390a10d31c6d36b2aab796ec167a83378b5f9787756ee7cb035c5
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
998b7e6456d0ff501052104b49e01528d79bbd901957811a3bb5c0c3e5d58cb5
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4c7748a8849068a7262049472b6b640aea77d843c16a57de3e34d3c47e4a01f
a5e534054b7c616797a164bd08f7e8cd9a4b745436758dfe99529b5d86b70302
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a8993772c9eb591474f38d257bebc8c4286703e1af72d04c8c294be5fff7b649
a89c99a73b3c1f0c7a3977dd68ceba2286f13385d81aa1bf2c6811bce17f84fd
a9a0263fdbfba5b5969bc9d14ae703f1df7610a2a88e7f33738975e203f9176c
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
ad596ab3f0ba304a3298d220ae96016367897e1549b8c8c451e59a6f8cfdc913
af6a6d4adaae0ed8b2229d859c0ce3d72edb70c01aa6555ec8073cc55919fa2e
b09a581bc29f4bdbe66bef5c69b90cc1a003e849e2f7706f47a9f0c5f5a6860e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1c8ab8b7c644d1a580f649a8f5e59c63aab3c1814e1586f1b766800ca44192f
b5f4d5999c52f13766ba764eba2f9a1db65856ab32d4479eba20877c9ddf1ef5
bab7d34016a2aa37f5485e329365c108bd98722d78bf0f687ba9c5e60176d00b
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc20149f119bff2a300f4bc3dda331d9578cb3633315800f25026537bcbd4935
bcd632d7abefff2d13fd365f2bf30b771cb27e28d9186679e2da871b1a6ddb52
c0f9a96a8b15dfa0bd82a9b0c4f7d31927c96784bb62af0a94fbaa78cde5e2fa
c15ab4d82557b0e4ee71ff4bd53a96c2639647cfc99994d94a10b380da013239
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2da1bde386dc1e71e6f0cf3ddcce6650ba703109c5194f52c991f48755ad806
cc049cd80f755c3403a2cae07067386eb8ffe14aaa440be334288693c1a1ca49
ce4cf6ce56f965c9ed7fbd16ae6d0b7331d4a2e774e46c94de78636f2db2f064
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d32ec09e50db1ef37a23f4bcb4e17673895c01460b2b78aed6865e9bb9c6eed1
d566e92a9512de525d537b1299d46d99151ca1eca60ecac872f5313f64f386ba
da4085030009e98daf6eb2656f5fae35c7a3bb947e1a290ddbb20581cc2678b9
db3bb0331e0217a9b13adc92afdce74540822e9a2094a4c640a23522f6596b88
dbf59ed93f97fc5e2d757afcda364d23ac6c3d933356f1465543bb80816585b4
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32
e005bd498c71a1e59de4a20aec621c9a51451e498778fb049957e17fca316f8c
e0c3ba2240109750d1d89e43d766b930f697aad52f79f36e2e8f8b191c87bc7b
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861
e38faebb5a6d42d74b0d294dd2b03c18f010247843533812c25b47e9d2850dc6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e6703fbe9ea598731ec6ef75a281564d956ef79f08bc2b61849ae9a21fa35cb9
e6adbbfe4910b51b5d30763c49dea2b1873bd1627777ef9aef513e68cf584aff
e6d8e6045298dbbcb55252d0bbea9a416041ede7a1a4aa9cc309754788b7de5f
e813a8d8d41c0dbdc33020ad6ef27d16afd2b590ceeb998e267409c8f666b829
eb3577f46647f2e2db7307936038a47cc31c0ce75239496f6b7117282a47864c
ebc01ff5b31a9890b0006b515b1b61777273fb70fae135aa22302d7136d1d319
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6
eddb5d007097add975fdb3977d1ab47e4e92e03d8432f7c474f93bc649eded95
eec6851a4a5b9c800376bcccc271385f89d31dc8ab74fde108a5bf67bc0bf75b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef4fa8830f3f2a0eaff0e849fd93658deb18c9f3ed838d2aed68601adfe176f1
ef61de62bdd4d685961d0da741d164c50e531c9d98376158e47bb777363970f6
f43762f8d21458d2db8345c175545afe7c12bd886a827956d78ae75dafc50179
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
ff6835d231a2aa87b7cc33efa0427ceffc56586923b397a6496ff72377b46539