urlscan.io logo urlscan.io
SecurityTrails logo

www.bg3.co Open in urlscan Pro
84.17.37.44  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.bg3.co/a/2019shi-er-xing-zuo-huan-yao-shuai-duo-jiu-tang-qi-yang-pu-zhuan-yun-guan-jian.html
Submission: On January 06 via manual from US — Scanned from NZ
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 75 IPs in 7 countries across 92 domains to perform 466 HTTP transactions. The main IP is 84.17.37.44, located in Central, Hong Kong and belongs to CDN77 ^_^, GB. The main domain is www.bg3.co. The Cisco Umbrella rank of the primary domain is 54371.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G2 on May 20th 2022. Valid for: a year.
This is the only time www.bg3.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 84.17.37.44 60068 (CDN77 ^_^)
21 142.250.4.132 15169 (GOOGLE)
47 74.125.200.154 15169 (GOOGLE)
1 3 23.108.102.145 59253 (LEASEWEB-...)
4 104.26.5.103 13335 (CLOUDFLAR...)
2 42.99.140.201 4637 (ASN-TELST...)
5 42.99.140.200 4637 (ASN-TELST...)
1 19 74.125.24.156 15169 (GOOGLE)
3 64.120.88.131 133752 (LEASEWEB-...)
16 172.67.72.16 13335 (CLOUDFLAR...)
2 69.16.175.42 20446 (STACKPATH...)
13 74.125.68.155 15169 (GOOGLE)
3 172.253.118.155 15169 (GOOGLE)
3 142.250.4.156 15169 (GOOGLE)
8 142.250.4.154 15169 (GOOGLE)
2 74.125.200.97 15169 (GOOGLE)
2 142.250.4.113 15169 (GOOGLE)
1 172.217.194.94 15169 (GOOGLE)
1 13.33.33.118 16509 (AMAZON-02)
7 13.76.45.37 8075 (MICROSOFT...)
1 152.199.39.108 15133 (EDGECAST)
46 172.253.118.132 15169 (GOOGLE)
3 13 142.251.10.106 15169 (GOOGLE)
4 142.251.10.154 15169 (GOOGLE)
13 33 142.250.4.157 15169 (GOOGLE)
3 9 139.5.84.243 27381 (CASALE-MEDIA)
8 12 104.254.150.241 29990 (ASN-APPNEX)
4 74.125.24.157 15169 (GOOGLE)
2 172.253.118.148 15169 (GOOGLE)
1 2 104.18.24.173 13335 (CLOUDFLAR...)
1 1 52.196.134.176 16509 (AMAZON-02)
2 2 35.227.252.103 15169 (GOOGLE)
1 1 13.33.88.107 16509 (AMAZON-02)
3 3 74.118.186.44 26120 (RHYTHMONE)
4 11 52.223.2.229 16509 (AMAZON-02)
6 7 35.213.12.39 15169 (GOOGLE)
2 103.229.10.180 16509 (AMAZON-02)
2 13 34.98.64.218 396982 (GOOGLE-CL...)
1 3 184.51.137.72 16625 (AKAMAI-AS)
1 151.101.65.229 54113 (FASTLY)
1 182.161.73.145 55569 (CRITEO-AS...)
1 35.213.117.18 15169 (GOOGLE)
6 172.64.154.237 13335 (CLOUDFLAR...)
4 52.48.223.30 16509 (AMAZON-02)
3 54.150.117.252 16509 (AMAZON-02)
1 69.173.158.65 26667 (RUBICONPR...)
3 15 51.79.234.100 16276 (OVH)
1 145.40.88.5 54825 (PACKET)
1 54.69.44.22 16509 (AMAZON-02)
1 34.107.148.139 396982 (GOOGLE-CL...)
1 52.77.12.199 16509 (AMAZON-02)
1 13.33.33.43 16509 (AMAZON-02)
8 9 3.33.220.150 16509 (AMAZON-02)
1 1 35.186.193.173 15169 (GOOGLE)
1 34.96.105.8 396982 (GOOGLE-CL...)
3 5 52.77.75.85 16509 (AMAZON-02)
3 3 174.137.133.49 27257 (WEBAIR-IN...)
2 182.161.73.129 55569 (CRITEO-AS...)
2 142.250.4.95 15169 (GOOGLE)
10 142.251.12.94 15169 (GOOGLE)
3 182.161.73.136 55569 (CRITEO-AS...)
6 184.51.136.24 16625 (AKAMAI-AS)
1 104.18.36.94 13335 (CLOUDFLAR...)
1 151.101.193.108 54113 (FASTLY)
6 23.75.85.227 16625 (AKAMAI-AS)
1 52.84.45.129 16509 (AMAZON-02)
1 2 13.107.42.14 8068 (MICROSOFT...)
1 1 23.108.103.8 59253 (LEASEWEB-...)
2 5 52.46.128.147 16509 (AMAZON-02)
1 204.79.197.200 8068 (MICROSOFT...)
1 1 50.116.239.135 ()
1 1 124.146.215.45 2514 (INFOSPHER...)
2 2 13.33.88.20 16509 (AMAZON-02)
3 3 103.229.206.240 30419 (MEDIAMATH...)
4 69.173.158.64 ()
1 2 23.106.127.38 59253 (LEASEWEB-...)
2 3 35.190.60.146 15169 (GOOGLE)
1 103.231.98.197 ()
2 3 52.74.162.2 ()
1 1 104.254.151.36 ()
2 2 23.106.69.73 59253 (LEASEWEB-...)
1 52.221.169.30 16509 (AMAZON-02)
4 4 52.76.76.143 ()
1 172.64.151.162 ()
2 2 23.41.65.80 ()
3 184.51.240.213 ()
2 96.17.188.24 ()
1 1 182.161.73.146 ()
1 52.198.166.206 ()
1 13.33.88.73 ()
466 75
1    84.17.37.44 (Central, Hong Kong)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-84-17-37-44.cdn77.com
www.bg3.co
21    142.250.4.132 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f132.1e100.net
cdn.ampproject.org
ff1e18b6558e69e136a3c8faf7319b1e.safeframe.googlesyndication.com
b19d529f819f1195203168fd382b9460.safeframe.googlesyndication.com
e00653bae3c6f2754046b2ceb61bb48b.safeframe.googlesyndication.com
47    74.125.200.154 (United States)

ASN15169 (GOOGLE, US)
PTR: sa-in-f154.1e100.net
pagead2.googlesyndication.com
3    23.108.102.145 (Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
ads.aralego.com
4    104.26.5.103 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.aralego.net
2    42.99.140.201 (Japan)

ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK)
PTR: ip-42-99-140-201.pacnet.net
delivery.adrecover.com
5    42.99.140.200 (Japan)

ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK)
PTR: ip-42-99-140-200.pacnet.net
cdn.adpushup.com
19    74.125.24.156 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f156.1e100.net
googleads.g.doubleclick.net
adservice.google.co.nz
3    64.120.88.131 (Central, Hong Kong)

ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK)
sync.aralego.com
16    172.67.72.16 (United States)

ASN13335 (CLOUDFLARENET, US)
static.bg3.co
2    69.16.175.42 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: tlb.hwcdn.net
code.jquery.com
13    74.125.68.155 (United States)

ASN15169 (GOOGLE, US)
PTR: sc-in-f155.1e100.net
securepubads.g.doubleclick.net
3    172.253.118.155 (United States)

ASN15169 (GOOGLE, US)
PTR: sl-in-f155.1e100.net
partner.googleadservices.com
3    142.250.4.156 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f156.1e100.net
adservice.google.co.nz
8    142.250.4.154 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f154.1e100.net
adservice.google.com
2    74.125.200.97 (United States)

ASN15169 (GOOGLE, US)
PTR: sa-in-f97.1e100.net
www.googletagmanager.com
2    142.250.4.113 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f113.1e100.net
www.google-analytics.com
1    172.217.194.94 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f94.1e100.net
d-3094591282289990921.ampproject.net
1    13.33.33.118 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-33-118.sin2.r.cloudfront.net
adx.holmesmind.com
7    13.76.45.37 (Singapore)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
e3.adpushup.com
1    152.199.39.108 (United States)

ASN15133 (EDGECAST, US)
campaign.adpushup.com
46    172.253.118.132 (United States)

ASN15169 (GOOGLE, US)
PTR: sl-in-f132.1e100.net
tpc.googlesyndication.com
13    142.251.10.106 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f106.1e100.net
www.google.com
4    142.251.10.154 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f154.1e100.net
www.googletagservices.com
33    142.250.4.157 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f157.1e100.net
cm.g.doubleclick.net
9    139.5.84.243 (Canada)

ASN27381 (CASALE-MEDIA, CA)
dsum-sec.casalemedia.com
12    104.254.150.241 (Los Angeles, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 906.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
ib.adnxs.com
4    74.125.24.157 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f157.1e100.net
googleads4.g.doubleclick.net
2    172.253.118.148 (United States)

ASN15169 (GOOGLE, US)
PTR: sl-in-f148.1e100.net
s0.2mdn.net
2    104.18.24.173 (None, )

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    52.196.134.176 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-196-134-176.ap-northeast-1.compute.amazonaws.com
dynalyst-sync.adtdp.com
2    35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com
rtb.openx.net
1    13.33.88.107 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-88-107.sin2.r.cloudfront.net
s.ad.smaato.net
3    74.118.186.44 (Singapore)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
sync.targeting.unrulymedia.com
11    52.223.2.229 (United States)

ASN16509 (AMAZON-02, US)
PTR: ade9ecc7904667038.awsglobalaccelerator.com
eb2.3lift.com
7    35.213.12.39 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 39.12.213.35.bc.googleusercontent.com
x.bidswitch.net
2    103.229.10.180 (Singapore)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
13    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
us-u.openx.net
adpushup-d.openx.net
u.openx.net
jp-u.openx.net
3    184.51.137.72 (Central, Hong Kong)

ASN16625 (AKAMAI-AS, US)
PTR: a184-51-137-72.deploy.static.akamaitechnologies.com
sync.teads.tv
a.teads.tv
1    151.101.65.229 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
1    182.161.73.145 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
bidder.criteo.com
1    35.213.117.18 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 18.117.213.35.bc.googleusercontent.com
grid.bidswitch.net
6    172.64.154.237 (United States)

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
ssum-sec.casalemedia.com
4    52.48.223.30 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-223-30.eu-west-1.compute.amazonaws.com
ads.servenobid.com
3    54.150.117.252 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-150-117-252.ap-northeast-1.compute.amazonaws.com
prebid-server.rubiconproject.com
1    69.173.158.65 (Ashburn, United States)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
15    51.79.234.100 (Singapore)

ASN16276 (OVH, FR)
PTR: ip100.ip-51-79-234.net
onetag-sys.com
1    145.40.88.5 (Secaucus, United States)

ASN54825 (PACKET, US)
prebid.a-mo.net
1    54.69.44.22 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-69-44-22.us-west-2.compute.amazonaws.com
hb-api.omnitagjs.com
1    34.107.148.139 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 139.148.107.34.bc.googleusercontent.com
prebid.media.net
1    52.77.12.199 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-77-12-199.ap-southeast-1.compute.amazonaws.com
tlx.3lift.com
1    13.33.33.43 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-33-43.sin2.r.cloudfront.net
rules.quantcount.com
9    3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
1    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
ipac.ctnsnet.com
1    34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com
tr.blismedia.com
5    52.77.75.85 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-77-75-85.ap-southeast-1.compute.amazonaws.com
pr-bh.ybp.yahoo.com
3    174.137.133.49 (United States)

ASN27257 (WEBAIR-INTERNET, US)
rtb2-useast.e-volution.ai
dsp.adkernel.com
2    182.161.73.129 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
static.criteo.net
2    142.250.4.95 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f95.1e100.net
fonts.googleapis.com
10    142.251.12.94 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f94.1e100.net
fonts.gstatic.com
3    182.161.73.136 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
gum.criteo.com
6    184.51.136.24 (Central, Hong Kong)

ASN16625 (AKAMAI-AS, US)
PTR: a184-51-136-24.deploy.static.akamaitechnologies.com
contextual.media.net
1    104.18.36.94 (None, )

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
1    151.101.193.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
6    23.75.85.227 (Central, Hong Kong)

ASN16625 (AKAMAI-AS, US)
PTR: a23-75-85-227.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
1    52.84.45.129 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-84-45-129.mrs52.r.cloudfront.net
public.servenobid.com
2    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
1    23.108.103.8 (Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
inv-nets.admixer.net
5    52.46.128.147 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    204.79.197.200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
PTR: a-0001.a-msedge.net
c.bing.com
1    50.116.239.135 (None, )

ASN- ()
ad.turn.com
1    124.146.215.45 (Japan)

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)
tg.socdm.com
2    13.33.88.20 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-88-20.sin2.r.cloudfront.net
cr-p3.ladsp.com
3    103.229.206.240 (Singapore)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
4    69.173.158.64 (None, )

ASN- ()
pixel.rubiconproject.com
2    23.106.127.38 (Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
ssbsync-global.smartadserver.com
3    35.190.60.146 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com
id.rlcdn.com
1    103.231.98.197 (None, )

ASN- ()
image8.pubmatic.com
3    52.74.162.2 (None, )

ASN- ()
ups.analytics.yahoo.com
1    104.254.151.36 (None, )

ASN- ()
secure.adnxs.com
2    23.106.69.73 (Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
gu.dyntrk.com
1    52.221.169.30 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-221-169-30.ap-southeast-1.compute.amazonaws.com
d.adroll.com
4    52.76.76.143 (None, )

ASN- ()
pm.w55c.net
1    172.64.151.162 (None, )

ASN- ()
cdn.indexww.com
2    23.41.65.80 (None, )

ASN- ()
secure-assets.rubiconproject.com
3    184.51.240.213 (None, )

ASN- ()
ads.pubmatic.com
2    96.17.188.24 (None, )

ASN- ()
cs.media.net
1    182.161.73.146 (None, )

ASN- ()
dis.criteo.com
1    52.198.166.206 (None, )

ASN- ()
g2.gumgum.com
1    13.33.88.73 (None, )

ASN- ()
cs-rtb.minutemedia-prebid.com
Apex Domain
Subdomains		 Transfer
98 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 145
ff1e18b6558e69e136a3c8faf7319b1e.safeframe.googlesyndication.com
b19d529f819f1195203168fd382b9460.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 187
e00653bae3c6f2754046b2ceb61bb48b.safeframe.googlesyndication.com
1 MB
65 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 64
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 285
cm.g.doubleclick.net — Cisco Umbrella Rank: 321
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 395
630 KB
21 google.com
adservice.google.com — Cisco Umbrella Rank: 142
www.google.com — Cisco Umbrella Rank: 16
4 KB
17 bg3.co
www.bg3.co — Cisco Umbrella Rank: 54371
static.bg3.co
14 KB
16 rubiconproject.com
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 1381
fastlane.rubiconproject.com — Cisco Umbrella Rank: 716
eus.rubiconproject.com — Cisco Umbrella Rank: 832
pixel-eu.rubiconproject.com Failed
pixel.rubiconproject.com
secure-assets.rubiconproject.com
pixel-us-east.rubiconproject.com Failed
38 KB
16 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 330
333 KB
15 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 1025
8 KB
15 openx.net
rtb.openx.net — Cisco Umbrella Rank: 2379
us-u.openx.net — Cisco Umbrella Rank: 698
adpushup-d.openx.net — Cisco Umbrella Rank: 16201
u.openx.net — Cisco Umbrella Rank: 983
jp-u.openx.net — Cisco Umbrella Rank: 6508
3 KB
15 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 843
htlb.casalemedia.com — Cisco Umbrella Rank: 760
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 690
22 KB
14 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 318
acdn.adnxs.com — Cisco Umbrella Rank: 872
secure.adnxs.com
41 KB
13 adpushup.com
cdn.adpushup.com — Cisco Umbrella Rank: 15457
e3.adpushup.com — Cisco Umbrella Rank: 17049
campaign.adpushup.com — Cisco Umbrella Rank: 47244
239 KB
12 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 497
tlx.3lift.com — Cisco Umbrella Rank: 817
6 KB
10 gstatic.com
fonts.gstatic.com
212 KB
9 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 456
5 KB
9 media.net
prebid.media.net — Cisco Umbrella Rank: 1875
contextual.media.net — Cisco Umbrella Rank: 788
cs.media.net
16 KB
8 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 723
ups.analytics.yahoo.com
4 KB
8 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 411
grid.bidswitch.net — Cisco Umbrella Rank: 1377
8 KB
7 google.co.nz
adservice.google.co.nz — Cisco Umbrella Rank: 59899
2 KB
6 aralego.com
ads.aralego.com — Cisco Umbrella Rank: 27676
sync.aralego.com — Cisco Umbrella Rank: 4367
4 KB
5 amazon-adsystem.com
s.amazon-adsystem.com — Cisco Umbrella Rank: 396
aax-eu.amazon-adsystem.com Failed
3 KB
5 servenobid.com
ads.servenobid.com — Cisco Umbrella Rank: 2958
public.servenobid.com — Cisco Umbrella Rank: 5816
5 KB
5 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 834
gum.criteo.com — Cisco Umbrella Rank: 446
dis.criteo.com
2 KB
4 w55c.net
pm.w55c.net
3 KB
4 pubmatic.com
image8.pubmatic.com
ads.pubmatic.com
image6.pubmatic.com Failed
17 KB
4 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 221
192 KB
4 aralego.net
cdn.aralego.net — Cisco Umbrella Rank: 11232
47 KB
3 rlcdn.com
id.rlcdn.com — Cisco Umbrella Rank: 926
513 B
3 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 679
2 KB
3 teads.tv
sync.teads.tv — Cisco Umbrella Rank: 1585
a.teads.tv — Cisco Umbrella Rank: 1583
1 KB
3 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 1011
1 KB
2 dyntrk.com
gu.dyntrk.com — Cisco Umbrella Rank: 1681
1 KB
2 smartadserver.com
ssbsync-global.smartadserver.com — Cisco Umbrella Rank: 2703
ssbsync.smartadserver.com Failed
377 B
2 ladsp.com
cr-p3.ladsp.com — Cisco Umbrella Rank: 17090
1 KB
2 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 840
908 B
2 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 980
cdn.indexww.com
2 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 127
2 KB
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 743
57 KB
2 e-volution.ai
rtb2-useast.e-volution.ai — Cisco Umbrella Rank: 6315
1 KB
2 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 1458
pixel.quantserve.com — Cisco Umbrella Rank: 985
cms.quantserve.com Failed
10 KB
2 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 791
2 KB
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 1178
s.tribalfusion.com — Cisco Umbrella Rank: 2747
1 KB
2 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 362
107 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 103
493 B
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 123
80 KB
2 jquery.com
code.jquery.com — Cisco Umbrella Rank: 943
60 KB
2 adrecover.com
delivery.adrecover.com — Cisco Umbrella Rank: 21367
10 KB
1 minutemedia-prebid.com
cs-rtb.minutemedia-prebid.com
cs.minutemedia-prebid.com Failed
5 KB
1 gumgum.com
g2.gumgum.com
usersync.gumgum.com Failed
2 KB
1 adroll.com
d.adroll.com — Cisco Umbrella Rank: 2169
181 B
1 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1130
848 B
1 turn.com
ad.turn.com
441 B
1 bing.com
c.bing.com — Cisco Umbrella Rank: 444
668 B
1 admixer.net
inv-nets.admixer.net — Cisco Umbrella Rank: 3328
586 B
1 adkernel.com
dsp.adkernel.com — Cisco Umbrella Rank: 7600
540 B
1 blismedia.com
tr.blismedia.com — Cisco Umbrella Rank: 3008
173 B
1 ctnsnet.com
ipac.ctnsnet.com — Cisco Umbrella Rank: 5807
654 B
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 1277
615 B
1 omnitagjs.com
hb-api.omnitagjs.com — Cisco Umbrella Rank: 4327
518 B
1 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 1256
167 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 488
1 KB
1 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1675
576 B
1 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 914
676 B
1 adtdp.com
dynalyst-sync.adtdp.com — Cisco Umbrella Rank: 53458
586 B
1 holmesmind.com
adx.holmesmind.com — Cisco Umbrella Rank: 365810
1 KB
1 ampproject.net
d-3094591282289990921.ampproject.net
0 lijit.com Failed
ap.lijit.com Failed
0 betweendigital.com Failed
ads.betweendigital.com Failed
0 yieldmo.com Failed
ads.yieldmo.com Failed
0 33across.com Failed
ssc-cms.33across.com Failed
0 krushmedia.com Failed
cs.krushmedia.com Failed
0 iqzone.com Failed
cs.iqzone.com Failed
0 sharethrough.com Failed
match.sharethrough.com Failed
0 creativecdn.com Failed
creativecdn.com Failed
0 admanmedia.com Failed
cs.admanmedia.com Failed
0 emxdgt.com Failed
cs.emxdgt.com Failed
0 everesttech.net Failed
sync-tm.everesttech.net Failed
0 inmobi.com Failed
sync.inmobi.com Failed
0 360yield.com Failed
ad.360yield.com Failed
0 deepintent.com Failed
match.deepintent.com Failed
0 technoratimedia.com Failed
sync.technoratimedia.com Failed
0 ipredictive.com Failed
sync.ipredictive.com Failed
0 outbrain.com Failed
sync.outbrain.com Failed
0 contextweb.com Failed
bh.contextweb.com Failed
0 stackadapt.com Failed
sync.srv.stackadapt.com Failed
0 adotmob.com Failed
sync.adotmob.com Failed
0 bidr.io Failed
match.prod.bidr.io Failed
0 disqus.com Failed
ssp.disqus.com Failed
0 sonobi.com Failed
sync.go.sonobi.com Failed
0 mfadsrvr.com Failed
rtb.mfadsrvr.com Failed
0 zemanta.com Failed
b1sync.zemanta.com Failed
0 rfihub.com Failed
p.rfihub.com Failed
0 loopme.me Failed
csync.loopme.me Failed
466 92
Domain Requested by
47 pagead2.googlesyndication.com www.bg3.co
pagead2.googlesyndication.com
cdn.ampproject.org
ads.aralego.com
googleads.g.doubleclick.net
securepubads.g.doubleclick.net
adx.holmesmind.com
tpc.googlesyndication.com
www.googletagservices.com
46 tpc.googlesyndication.com googleads.g.doubleclick.net
securepubads.g.doubleclick.net
tpc.googlesyndication.com
pagead2.googlesyndication.com
www.bg3.co
e00653bae3c6f2754046b2ceb61bb48b.safeframe.googlesyndication.com
33 cm.g.doubleclick.net 13 redirects googleads.g.doubleclick.net
www.bg3.co
eb2.3lift.com
u.openx.net
onetag-sys.com
g2.gumgum.com
16 static.bg3.co www.bg3.co
16 cdn.ampproject.org www.bg3.co
cdn.ampproject.org
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
15 onetag-sys.com 3 redirects cdn.adpushup.com
onetag-sys.com
contextual.media.net
public.servenobid.com
cs-rtb.minutemedia-prebid.com
15 googleads.g.doubleclick.net 1 redirects pagead2.googlesyndication.com
cdn.ampproject.org
googleads.g.doubleclick.net
www.bg3.co
e00653bae3c6f2754046b2ceb61bb48b.safeframe.googlesyndication.com
13 www.google.com 3 redirects googleads.g.doubleclick.net
tpc.googlesyndication.com
www.bg3.co
e00653bae3c6f2754046b2ceb61bb48b.safeframe.googlesyndication.com
13 securepubads.g.doubleclick.net cdn.aralego.net
securepubads.g.doubleclick.net
cdn.adpushup.com
www.bg3.co
12 ib.adnxs.com 8 redirects googleads.g.doubleclick.net
cdn.adpushup.com
acdn.adnxs.com
public.servenobid.com
11 eb2.3lift.com 4 redirects cdn.adpushup.com
eb2.3lift.com
10 fonts.gstatic.com fonts.googleapis.com
9 match.adsrvr.org 8 redirects cdn.adpushup.com
onetag-sys.com
g2.gumgum.com
9 dsum-sec.casalemedia.com 3 redirects googleads.g.doubleclick.net
ssum-sec.casalemedia.com
8 adservice.google.com pagead2.googlesyndication.com
cdn.ampproject.org
securepubads.g.doubleclick.net
7 x.bidswitch.net 6 redirects onetag-sys.com
cs-rtb.minutemedia-prebid.com
7 e3.adpushup.com www.bg3.co
7 adservice.google.co.nz pagead2.googlesyndication.com
securepubads.g.doubleclick.net
6 eus.rubiconproject.com cdn.adpushup.com
eus.rubiconproject.com
contextual.media.net
public.servenobid.com
g2.gumgum.com
6 contextual.media.net cdn.adpushup.com
contextual.media.net
6 us-u.openx.net 2 redirects googleads.g.doubleclick.net
u.openx.net
5 s.amazon-adsystem.com 2 redirects eb2.3lift.com
onetag-sys.com
ssum-sec.casalemedia.com
5 pr-bh.ybp.yahoo.com 3 redirects ssum-sec.casalemedia.com
g2.gumgum.com
5 cdn.adpushup.com www.bg3.co
cdn.adpushup.com
4 pm.w55c.net 4 redirects
4 pixel.rubiconproject.com onetag-sys.com
www.bg3.co
eus.rubiconproject.com
4 ssum-sec.casalemedia.com js-sec.indexww.com
ssum-sec.casalemedia.com
public.servenobid.com
cs-rtb.minutemedia-prebid.com
4 adpushup-d.openx.net cdn.adpushup.com
4 ads.servenobid.com cdn.adpushup.com
public.servenobid.com
ssum-sec.casalemedia.com
onetag-sys.com
g2.gumgum.com
cs-rtb.minutemedia-prebid.com
4 googleads4.g.doubleclick.net googleads.g.doubleclick.net
4 www.googletagservices.com googleads.g.doubleclick.net
e00653bae3c6f2754046b2ceb61bb48b.safeframe.googlesyndication.com
4 cdn.aralego.net www.bg3.co
ads.aralego.com
3 ads.pubmatic.com contextual.media.net
public.servenobid.com
g2.gumgum.com
3 ups.analytics.yahoo.com 2 redirects onetag-sys.com
public.servenobid.com
cs-rtb.minutemedia-prebid.com
3 id.rlcdn.com 2 redirects onetag-sys.com
3 sync.mathtag.com 3 redirects
3 gum.criteo.com cdn.adpushup.com
contextual.media.net
3 e00653bae3c6f2754046b2ceb61bb48b.safeframe.googlesyndication.com securepubads.g.doubleclick.net
3 prebid-server.rubiconproject.com cdn.adpushup.com
3 partner.googleadservices.com pagead2.googlesyndication.com
3 sync.aralego.com ads.aralego.com
www.bg3.co
3 ads.aralego.com 1 redirects ads.aralego.com
2 cs.media.net contextual.media.net
2 secure-assets.rubiconproject.com 2 redirects cs-rtb.minutemedia-prebid.com
2 gu.dyntrk.com 2 redirects
2 ssbsync-global.smartadserver.com 1 redirects onetag-sys.com
2 cr-p3.ladsp.com 2 redirects
2 jp-u.openx.net u.openx.net
2 px.ads.linkedin.com 1 redirects eb2.3lift.com
www.bg3.co
2 fonts.googleapis.com tpc.googlesyndication.com
2 static.criteo.net cdn.adpushup.com
static.criteo.net
2 rtb2-useast.e-volution.ai 2 redirects
2 htlb.casalemedia.com cdn.adpushup.com
2 sync.teads.tv 1 redirects googleads.g.doubleclick.net
2 sync.1rx.io 2 redirects contextual.media.net
public.servenobid.com
cs-rtb.minutemedia-prebid.com
2 rtb.openx.net 2 redirects
2 s0.2mdn.net googleads.g.doubleclick.net
2 www.google-analytics.com www.bg3.co
www.googletagmanager.com
2 www.googletagmanager.com cdn.ampproject.org
cdn.adpushup.com
2 code.jquery.com delivery.adrecover.com
cdn.adpushup.com
2 delivery.adrecover.com www.bg3.co
1 cs-rtb.minutemedia-prebid.com public.servenobid.com
1 g2.gumgum.com public.servenobid.com
1 dis.criteo.com 1 redirects
1 cdn.indexww.com ssum-sec.casalemedia.com
1 d.adroll.com ssum-sec.casalemedia.com
1 secure.adnxs.com 1 redirects cs-rtb.minutemedia-prebid.com
1 image8.pubmatic.com onetag-sys.com
cs-rtb.minutemedia-prebid.com
1 tg.socdm.com 1 redirects
1 ad.turn.com 1 redirects
1 c.bing.com eb2.3lift.com
1 inv-nets.admixer.net 1 redirects
1 public.servenobid.com cdn.adpushup.com
1 u.openx.net cdn.adpushup.com
1 acdn.adnxs.com cdn.adpushup.com
1 js-sec.indexww.com cdn.adpushup.com
1 pixel.quantserve.com www.bg3.co
1 dsp.adkernel.com 1 redirects
1 tr.blismedia.com googleads.g.doubleclick.net
1 ipac.ctnsnet.com 1 redirects
1 rules.quantcount.com secure.quantserve.com
1 tlx.3lift.com cdn.adpushup.com
1 prebid.media.net cdn.adpushup.com
1 hb-api.omnitagjs.com cdn.adpushup.com
1 prebid.a-mo.net cdn.adpushup.com
cs-rtb.minutemedia-prebid.com
1 fastlane.rubiconproject.com cdn.adpushup.com
1 a.teads.tv cdn.adpushup.com
1 grid.bidswitch.net cdn.adpushup.com
1 bidder.criteo.com cdn.adpushup.com
1 cdn.jsdelivr.net cdn.adpushup.com
1 secure.quantserve.com cdn.adpushup.com
1 sync.targeting.unrulymedia.com 1 redirects
1 s.ad.smaato.net 1 redirects
1 dynalyst-sync.adtdp.com 1 redirects
1 s.tribalfusion.com googleads.g.doubleclick.net
1 a.tribalfusion.com 1 redirects
1 campaign.adpushup.com www.bg3.co
1 b19d529f819f1195203168fd382b9460.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 adx.holmesmind.com pagead2.googlesyndication.com
1 ff1e18b6558e69e136a3c8faf7319b1e.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 d-3094591282289990921.ampproject.net cdn.ampproject.org
1 www.bg3.co
0 pixel-us-east.rubiconproject.com Failed eus.rubiconproject.com
0 ap.lijit.com Failed cs-rtb.minutemedia-prebid.com
0 ads.betweendigital.com Failed cs-rtb.minutemedia-prebid.com
0 ads.yieldmo.com Failed cs-rtb.minutemedia-prebid.com
0 ssc-cms.33across.com Failed cs-rtb.minutemedia-prebid.com
0 cs.krushmedia.com Failed cs-rtb.minutemedia-prebid.com
0 cs.iqzone.com Failed cs-rtb.minutemedia-prebid.com
0 match.sharethrough.com Failed cs-rtb.minutemedia-prebid.com
0 cs.minutemedia-prebid.com Failed cs-rtb.minutemedia-prebid.com
0 creativecdn.com Failed g2.gumgum.com
0 cs.admanmedia.com Failed g2.gumgum.com
cs-rtb.minutemedia-prebid.com
0 cs.emxdgt.com Failed g2.gumgum.com
0 sync-tm.everesttech.net Failed g2.gumgum.com
0 sync.inmobi.com Failed g2.gumgum.com
0 ad.360yield.com Failed g2.gumgum.com
cs-rtb.minutemedia-prebid.com
0 match.deepintent.com Failed g2.gumgum.com
0 sync.technoratimedia.com Failed g2.gumgum.com
0 sync.ipredictive.com Failed g2.gumgum.com
0 sync.outbrain.com Failed g2.gumgum.com
0 bh.contextweb.com Failed g2.gumgum.com
cs-rtb.minutemedia-prebid.com
0 sync.srv.stackadapt.com Failed g2.gumgum.com
0 cms.quantserve.com Failed g2.gumgum.com
0 usersync.gumgum.com Failed g2.gumgum.com
0 image6.pubmatic.com Failed ads.pubmatic.com
0 sync.adotmob.com Failed ssum-sec.casalemedia.com
0 match.prod.bidr.io Failed ssum-sec.casalemedia.com
0 ssp.disqus.com Failed public.servenobid.com
cs-rtb.minutemedia-prebid.com
0 sync.go.sonobi.com Failed public.servenobid.com
cs-rtb.minutemedia-prebid.com
0 ssbsync.smartadserver.com Failed public.servenobid.com
g2.gumgum.com
cs-rtb.minutemedia-prebid.com
0 aax-eu.amazon-adsystem.com Failed www.bg3.co
0 rtb.mfadsrvr.com Failed contextual.media.net
cs-rtb.minutemedia-prebid.com
0 b1sync.zemanta.com Failed contextual.media.net
g2.gumgum.com
0 p.rfihub.com Failed contextual.media.net
public.servenobid.com
0 csync.loopme.me Failed ssum-sec.casalemedia.com
0 pixel-eu.rubiconproject.com Failed onetag-sys.com
466 137

This site contains links to these domains. Also see Links.

Domain
campaign.adpushup.com
Subject Issuer Validity Valid
*.bg3.co
AlphaSSL CA - SHA256 - G2		 2022-05-20 -
2023-06-21		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
cdn.adpushup.com
R3		 2022-11-16 -
2023-02-14		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-05-18 -
2023-05-18		 a year crt.sh
*.aralego.com
Sectigo RSA Domain Validation Secure Server CA		 2022-10-19 -
2023-11-19		 a year crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2022-08-03 -
2023-07-14		 a year crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.google.co.nz
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.holmesmind.com
Go Daddy Secure Certificate Authority - G2		 2022-05-19 -
2023-06-20		 a year crt.sh
*.adpushup.com
Sectigo ECC Domain Validation Secure Server CA		 2022-08-02 -
2023-09-02		 a year crt.sh
snic4d9gl.wpc.edgecastcdn.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-02-14 -
2023-03-17		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-09 -
2023-09-09		 a year crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2022 Q4		 2022-12-23 -
2024-01-24		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-04 -
2023-03-31		 3 months crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-05 -
2023-05-04		 a year crt.sh
ads.servenobid.com
Amazon		 2022-05-29 -
2023-06-27		 a year crt.sh
teads.tv
R3		 2023-01-05 -
2023-04-05		 3 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-28 -
2024-01-28		 a year crt.sh
*.a-mo.net
R3		 2022-12-04 -
2023-03-04		 3 months crt.sh
*.omnitagjs.com
Amazon		 2022-05-17 -
2023-06-15		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.media.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-06 -
2023-05-04		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
*.3lift.com
Amazon		 2022-05-13 -
2023-06-11		 a year crt.sh
quantserve.com
R3		 2022-11-11 -
2023-02-09		 3 months crt.sh
tr.blismedia.com
GTS CA 1D4		 2022-12-14 -
2023-03-14		 3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-11-08 -
2023-02-04		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2022-03-11 -
2023-04-11		 a year crt.sh
*.servenobid.com
Amazon		 2022-02-06 -
2023-03-07		 a year crt.sh
www.bing.com
Microsoft RSA TLS CA 02		 2022-11-25 -
2023-05-25		 6 months crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-25 -
2023-01-25		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2022-06-13 -
2023-07-14		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-09-27 -
2023-03-22		 6 months crt.sh
d.adroll.com
Amazon RSA 2048 M02		 2022-11-08 -
2023-12-07		 a year crt.sh
gumgum.com
Amazon		 2022-09-06 -
2023-10-05		 a year crt.sh
*.minutemedia-prebid.com
Amazon		 2022-05-31 -
2023-06-29		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-11-08 -
2023-05-03		 6 months crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2022-02-03 -
2023-02-25		 a year crt.sh

This page contains 71 frames:

Primary Page: https://www.bg3.co/a/2019shi-er-xing-zuo-huan-yao-shuai-duo-jiu-tang-qi-yang-pu-zhuan-yun-guan-jian.html
Frame ID: 120BF98A3BC75A443E71C6FBE49FE0E6
Requests: 98 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230104/r20190131/zrt_lookup.html
Frame ID: 6FCB9043EC6868F3455154FA0DAC3112
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: 1BCE06E32F0AF31F142CA105A9CE783C
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: 5494461337E9F7766881A5F6585AE38C
Requests: 8 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: 235F570F5E1F273887B74350E1838766
Requests: 9 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: 418B922C80BA0A2E9FA9D185FB4C6F97
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961800537962381&output=html&adk=1812271804&adf=3025194257&lmt=1673010819&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=188x1080_l%7C188x1080_r&format=0x0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2F2019shi-er-xing-zuo-huan-yao-shuai-duo-jiu-tang-qi-yang-pu-zhuan-yun-guan-jian.html&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673010818124&bpp=4&bdt=1269&idt=1531&shv=r20230104&mjsv=m202212080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6105672055831&frm=20&pv=2&ga_vid=301647917.1673010820&ga_sid=1673010820&ga_hid=695584987&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071277%2C44774606%2C44779793%2C31071260%2C44780792&oid=2&pvsid=1304513170908520&tmod=1996673560&uas=0&nvt=1&fsapi=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=1554
Frame ID: 4269E3FD6AFAE99F5969657B09C69A8B
Requests: 1 HTTP requests in this frame

Frame: https://ff1e18b6558e69e136a3c8faf7319b1e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 796A5DC5AC7881F148B070101CD84177
Requests: 1 HTTP requests in this frame

Frame: https://adx.holmesmind.com/adx-file/20221117/NqeGLmvuPvGdeaxEq2qKJUjcmyulAyFU8K2rHVjS.html
Frame ID: AC56B04C6670AB39877D487B7707B29A
Requests: 8 HTTP requests in this frame

Frame: https://b19d529f819f1195203168fd382b9460.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 5884BA0C9EC8F616B2C6670881E6F6C1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1673010821&url=https%3A%2F%2Fwww.bg3.co%2Fa%2F2019shi-er-xing-zuo-huan-yao-shuai-duo-jiu-tang-qi-yang-pu-zhuan-yun-guan-jian.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673010819633&bpp=5&bdt=1450&idt=2251&shv=r20230104&mjsv=m202212010101&ptt=5&saldr=sa&cookie=ID%3D3e5210899910ea5d-2285a5ee32d90043%3AT%3D1673010821%3ART%3D1673010821%3AS%3DALNI_MZ0ia1zfHdIMQCT9kwlhMGEopQl2A&gpic=UID%3D00000b9eeff2fb2a%3AT%3D1673010821%3ART%3D1673010821%3AS%3DALNI_MZIWop9qxPGE0vY3KarHFj0ysItwA&correlator=6105672055831&frm=23&ife=1&pv=1&ga_vid=1069194912.1673010822&ga_sid=1673010822&ga_hid=332350335&ga_fc=0&ga_cid=amp-o0py8PZnEWEt0Yiu3UO6lg&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=1221967134&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44780792&oid=2&pvsid=1789670566754654&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.f4drak5l6fc2&fsb=1&dtd=2269
Frame ID: FD4FCA33A771660016326F8E00F67754
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=1600x250&w=1600&h=250&ptt=12&adk=2733026255&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-1371397533880750707&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=470780615&nhd=0&adx=0&ady=3192&oid=2&is_amp=5&amp_v=2212151632002&d_imp=1&c=8036006517&ga_hid=695584987&dt=1673010821711&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2F2019shi-er-xing-zuo-huan-yao-shuai-duo-jiu-tang-qi-yang-pu-zhuan-yun-guan-jian.html&bdt=4856&dtd=464&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Frame ID: 91052FA2461C2BF5FD89644C4B9F4BB2
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CK6UTBCO3LwCGMzb4d0BMAE&v=APEucNW5FCoDRHujAkMme3xnVSt0KwUJ3zYgmV-t3PvPbeIPJ9BYKtzrFyeWkUQ0UHEkGXbGfn6RcNEBlxuzLLciAgu2nfQCLA
Frame ID: A0571FDB53BC2C364DEAAAA568FCB53F
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 893C838C49E83E5BB1D994C9B0C1EC54
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020619&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673010823224&bpp=13&bdt=310&idt=419&shv=r20230104&mjsv=m202212010101&ptt=5&saldr=sa&correlator=8001877734859&frm=8&ife=1&pv=2&ga_vid=1847477988.1673010824&ga_sid=1673010824&ga_hid=1209138873&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=1407119805&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C44773809%2C31071365%2C44779793%2C44773745%2C44780792&oid=2&pvsid=1884843836077609&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.857nyss736ms&fsb=1&dtd=434
Frame ID: 2FF5A73BB6106D58EA0016D65E2F1B53
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNn1rgIQhbjaAhj0uNDXATAB&v=APEucNV21D8GE62BofenRBDpS5gkMe017K9gyIBesdC_aIWN5qGTBgw-hraCYKYTuAIlcgRjq4SMnDGkhThVDykthMXwQ3fMDQ
Frame ID: 4970D95A3128B4492F5420C30249E074
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AiPvIfnSvYLrFH-Egzn71S2uQ0Yzn4oWuwEBC17QG16n8oxv2dxsWfkQX-lrfGeYfSeRq9DqLsfAsshe6CHn-lBHk0kTfOdIiItcLWJNJ_WLuNcgO7GWTPSqtV0tBDBbCF7lhfx5s3UyWoWUZ4vENH5uYOle3Tbs1h8qAv4zj1fkml-c8&cry=1&dbm_d=AKAmf-AP6q4g3usEcGQPVfyjedOYa8dAIQnr_d8PLhDZ-qHirzOilxE1GTIOq5kL1XoPf4D_i6ZLM5U7wiAsoPht_-gRtcYqpZ-gllsOULEs-jRMO1ckUuxu1f-uM8X4F0IrqUKAZga-yXMApdSGyLzlrABzKUUZ5lsd48VfRPWyHDzXdagoAt3HvKAHC1P7JYd2hrXKVFG0NsfjmZsdc6q8G38y-v4yXIlMSjc7pFDOzTk2rzyNFde22T-9jUBOEXlsaKEF09GXsA_gK6Rjj84SngqHh7gY8qhPSCQOZW29RRfhbFi2E5TDm21SlJy4ClbsdSYe5174c4zZAsyLogSWhJwyhaUbmodZRQjda4Sy2B72heZMuxJVJuMliCunywuwh35YSXvJaS5sCNbwo3Sl02uErI24cyC4TKTmjFYJN5KDh2ApPS60EwAcgByJJKM5p2Zv_hVD-iun6Up_C2IYeTJSUJYwekkiL684IaW3bK7tcAisZYG1bcGRvMpwp3ZDfCQPKHIxaBxDLax4u_lCWmCrkfVXtWlGaVo5JLFN8W_e18EHucQZ3Kspliuuryx3qwG4JJHvqVLIfLo8FufvCHj-oUZKZpxMi6DZRDe2EFnqmkC-fap8SoMg2FagGEz92Z4oCJ-MB-bQ9AvSr6Qm0ck7mimMhecyPefZtM_wZ4KNtWGDuqDQgyUUbfdBY5j1ZRDl3bphiT-AzhErd4a7TbRrXTQzI9YJNp4c_B9HXF-nSImGWMLXlaBy2IfI9CqX_UY39gftq678GmYdJksdL2FBEyzmS04v5zXfipaI7Blk-yM03kI4oHZ5xJkulGBbU64jtM6ZeqIESSekds9quWgK9dZUfSlTp_XFdz-lBcryP4upebORK_0_YPVO_YhnMKvdgolW6TNDTzd8TwjnR7r2tUtxdC9Y0D7kSVOjbWaW6MdCK4cclwL2eSCwnMRjkXFbY9HVfUA_GQitnvRGJrUQvYGE7jbQTw9zeQvY2bbBKuUzd6W5OlDdQ0c8lO2Ol4C2xffhlGAHGAWHVLid7IyRvgpakDAbjdytfyTP5Ol8LOk7x4C5aQ2YUK-CYetwMKbdVnC3ARo5fVC-20S0Jn-E0snirp8sgE1LSC77yt_TH0x6Q8QRlyRS49P-nsq3yvriTztdU3UF8SpabNB7wo13YQ8d1KguSEq540N4wFBbjfm0tvXgkKIHZhHpaXRcwWth9e_hSgjRZclBOJTHouoUri-adlSPngoAEirBQjzoIVnbEbiheH45HlCUxoBKKGdUiFVxFCcbwNIHepKuWxA7n-38O18YHFuQXTeAYadjtHythKX6n-NboQ4tunBBOhZ0erOp8q5mQqzI6hw2LfEm2JmYOVHIETAQOD0DHfu6_vP02F4k-UCn1sCMwfI_zgN4gbZ-14tY0RLZzJTGH1Kbx0Jxc9EnCDGBSHHV1H_HN90iTb6n0aEBa3HEiMh17iehbBEQ0eAc86fho06YUYcKBe1NLKR7bSMz4bP5VGoUynYv61cLjHVm22D3rayJ5TpGA_KpKDh_i9a07MawBHaYUkIUs9kKajCBzRD-iWEsvyzh9h81QWe5TVjPe-tJrQKFPpOzNxl9wWcoMPeZKZ2_q5SzLjlxqYTwqa1RnFsx_0alni5OhVQmjGTF5MjQvns2ktOmG0QzpdVWb7vVAFtSG4gc2MgPt2kLKfqAAgCFK-EqfbTvDq2YdI8vwb0wSKWtnKlJC-mDNHcMnchLZhDt14GMAyw3ReRPUAQYYtD5w1VwfK5wpG5uLHfDkVF_Oa6FLsk8tMUXOcC3EfH8mv5Yqu6sA4qcLi3UNGeia1MWPn1Z27QAAZm-NVOt74Vo61qeb9lLT7iU1bA4EFqp9QP033V7Xka0lKxhBsL3s_4PbSgnR0xdUSxa9nICv73mj8FkYUjbJ7w8MYvC1mKneyEpei1agoJGnuT0zMXsr1M_C5CHAlgE7k8VxeuVlhh_I4NnNPmzRTR2W2XrikfRNttxIonPGcssHGHrZ6no2tZ3HYeKGYMyZHk0_ND6iK5Dt2fXM8vwQHqu-T5bZW3DtAHV13t5yR7hXl4UglHIoI0YOdHKFGf5GjksOICA90krXBAlc2CAEbSB6kYpWBp96nlvghUF2q0GEvHjBlo0gdrrn5dmE1i8EAD9VRCblq5mZo3zBZSiuFHj5EFH_6672AxyLN3J4NYA8VpFiPb8LpD_buWR6f3J44z6M6RhqPYvTws4TJYtOSPs5maBsMI3JCTSCzUC2tH6VIV0NgC6zEyonWdcf-RmqSrdHU1zuR0kQ-zLYdyQYGSXBD8IpRXJkwVxoxV-OZYN2Gujtx2EhSjZlUx142Dd9MW00skXueAtA7mWFknU_lgHH0-k5bTq4rmjnF8MIOW3iGOv1K1pvo2aTBVohPt0W0PCuBncHWSZzahmN3bmvXYowr5RyvhFOYR4Lwu39bYghajC3bd_96McI6YUGyvJDybq0HIznTNlb_qzIr3c6svb8IXdsvE0jm7ahs9Pq3iJl91dp8US-5RqHki9TiOAEjTb8opseECed5a3PPrYoR80C4V4DhEi0odTNx3Ve4KRVYA56glL92Rst_R-63iQkJBcrBuJeFKGD3mxTUwQ3BZS6RAraW1IN2YziFpfLph5nX8fMmFegw_OcaTvmLdVFUJkUxZ4dgu_hX17sMO0BbaNJVAkEuIyBW36k3Le1N7R51YZo-4uJVRTgA8uYEfhGMYfZs51VnnZ6AIgMN2o5W6-hziKr_ICjcKO3janIscuN4AC4KM_4vPhKjYj4mXRO2S7WyZeIltcDFVPzdD2b-DnLnq3z9I-BmLFYHogZfl5-QwCvKTuBz_TUpn0K098gpkBzpuWDoSQR5mhkYwUa2CL9B8f0Fc87HP1gZMdmK90_A162kSdeX425M5B0p35hg8eINImfVYVGHmwfst28u54jnE-U9uk_i8OVVxj31SPodPxg4jkhCTW0ieAYLZq8dNR-RG14SjWScq4oHgN68diSzkY-ye-nQCtRN3VotpeR3Ehw5BUPzS8MNLsJquVsojAE-js-IOh8LtAEozIVRE-ce8bOggN4czDkBSrLprz70rLU2FN816AwXPJHom_5ue5tZOYdwL_vnpk0yBs&cid=CAQSKQDq26N9QwcnXg1BT39wTNfnpbXMo5xVmQRhnQ_rd59LIaL0gCiEiieaGAEgEw&rfl=4%2Chttps%253A%252F%252Fwww.bg3.co%242%2C%2Chttps%253A%252F%252Fadx.holmesmind.com%252F%240
Frame ID: 4AFBF3FBBF409D100E9A1EDB1D939BF6
Requests: 13 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 70D16250942254C1E72B83F5A599C9DA
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: ACE9DD3016E55E2219356486BA49AE2E
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 14CD3353A68E523D77F92CD3A92AC3F6
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 01F9010B3A5229358E589E520A57D16A
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 6A53C9E191CB4E831CF3991BFA8A05B2
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 022CA38D2339B32A3C19FD7E21F39A19
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 04AA3267C3C27A7CFFDAF4114A084DEE
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: E9C8672916DEC2ABF1C04361BEC4B890
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 52936A5CC477BDDC461094D632377ACB
Requests: 2 HTTP requests in this frame

Frame: https://e00653bae3c6f2754046b2ceb61bb48b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: CFC8A5DCAFE3807E6DDA133C127D0761
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 6790B62150CC2DB2753395F391F9268B
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F8EC0E2936D66AA1CA8A85165353AA23
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 908C2E71E6A98BBB995EB4440B5593C0
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 950945CB8D998DBEC1B0E796592191E2
Requests: 2 HTTP requests in this frame

Frame: https://e00653bae3c6f2754046b2ceb61bb48b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: FB50F9BBB843E3084102914CA8BDC2F2
Requests: 9 HTTP requests in this frame

Frame: https://e00653bae3c6f2754046b2ceb61bb48b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: E9B752EB143C6F7966207BB658F72A7D
Requests: 9 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs
Frame ID: 1E295D062D17143002992F1A514D83B4
Requests: 13 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9950123323298102569/ad.html
Frame ID: A644D4DC1AF37704622168989D64D5B6
Requests: 14 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7257878326248781077/ad.html
Frame ID: F52CCEEA5535B41B6AA855172107DEA4
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 56B20CED4434081D5602C310FC482A81
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 051035360AF066A4C34A570C943B7547
Requests: 2 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Frame ID: DE0A1F15201A4FE74AE938A1B31F05ED
Requests: 13 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 82CC1FABE4CB1EEEFD66A8A49503DCDE
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: A28A552B5411BC23A08A049750C8F4ED
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: DBAE153C5E6D40CE875F05B90AE0FD76
Requests: 10 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1673010825757
Frame ID: D79E4B5518A7B59A59204722CE30AE64
Requests: 14 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 2D84C5871A57947C633ABA63533B79C9
Requests: 11 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: BFD803E923E2E31AD976B9FDBA7F34B8
Requests: 7 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html
Frame ID: F1ECCCC1E508B489E18A815ACFE22FAB
Requests: 11 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: BB5416D9ABDA9D78C796CAA841A013EA
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=medianet
Frame ID: 3CF6AEAD12B1CE0881B7EFAE2B9E8ADE
Requests: 3 HTTP requests in this frame

Frame: https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3160124317444387000V10%26type%3Drkt%26refUrl%3D%26vid%3D30108315433160124317444387000V10%26ovsid%3D%7Buserid%7D
Frame ID: 0A94BD1F4ADF7C991B6F90C8DC7B4BE6
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3160124317444387000V10%26type%3Dpba%26refUrl%3D%26vid%3D30108315433160124317444387000V10%26ovsid%3DPM_UID
Frame ID: 63E150E53FDBBF851DDD63F37C3ADEA1
Requests: 1 HTTP requests in this frame

Frame: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Frame ID: 82A01F964D43F1A23E2E800807BD1F52
Requests: 16 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Frame ID: D1B643FD8767C85D8C9E133E08F71DCC
Requests: 15 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Frame ID: CB33BD55AE7ABA952934FC02A2D2C385
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Frame ID: FD8847EFE1E638C71751C72F01FA3478
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Frame ID: E414672ADDE9020035E2A62207D1D040
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Frame ID: 839BEE9DE93E99C828303379DE602640
Requests: 2 HTTP requests in this frame

Frame: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Frame ID: D240DDA2386370E382DE9A76B9398B56
Requests: 25 HTTP requests in this frame

Frame: https://sync.inmobi.com/oRTB?gdpr_consent=&gdpr=0&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dinm%26i%3D%7BID5UID%7D
Frame ID: E19A6E90AA3FA20E5C66512E122991BD
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: 8F096AC8FC4C5BB87F99738E72C23803
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=ttd&i=1d2d1392-e1ff-40eb-bc3d-a62f23c441d2
Frame ID: 612D799B0B75476317F1C8F47F1F5B3B
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=mmh&i=108b63b8-1e8f-4600-8b30-45c01ce9bb87&gdpr=0&gdpr_consent=
Frame ID: A4A4BBDB828A0A4D642A02F43C24D410
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
Frame ID: 1038C3E8402EDAB2EBB46FFEFF9BA7BB
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=YV8wN2M4ZGZhZi1kOGExLTRjOTQtOGY5Mi0xZTEyYWQ3Nzg0MTI=&gdpr=0&gdpr_consent=
Frame ID: 6A1248A82351D54350BED73402AAC4A0
Requests: 1 HTTP requests in this frame

Frame: https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID&gdpr=0&gdpr_consent=
Frame ID: 1F226389FA2BF23F871E44E7959CCD97
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=Y7gekMCo8XoAAPMYCNcAAAAA
Frame ID: B8A552A05F17DAB74631AB5C62084899
Requests: 1 HTTP requests in this frame

Frame: https://cs.admanmedia.com/sync/gumgum?puid=a_07c8dfaf-d8a1-4c94-8f92-1e12ad778412&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=0&gdpr_consent=&ccpa=1---
Frame ID: 19B382384AFD2E658DF2AC49A67BC6FB
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=iex&i=Y7geiJxeP2FzdA.HuTl.WwAA%264919
Frame ID: E95649AFF95C4F64062968AD61845B71
Requests: 1 HTTP requests in this frame

Frame: https://creativecdn.com/cm-notify?pi=gumgum
Frame ID: 91D96A5A7208EF94E636F5D38245B0F9
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: 22A34776CC79985DEE38CCDBC7C72321
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=765b4e6bb9c8438
Frame ID: 9BC8FDC33FAE96D00DB768859560FA8E
Requests: 1 HTTP requests in this frame

Frame: https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=minute_media&endpoint=us-east
Frame ID: BE3325DCFDB95D4DC295FCC3EF387A01
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

2019十二星座還要衰多久?唐綺陽曝轉運關鍵 - 天天要聞

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/pagead/show_ads\.js
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

466
Requests

66 %
HTTPS

0 %
IPv6

92
Domains

137
Subdomains

75
IPs

7
Countries

3360 kB
Transfer

9054 kB
Size

73
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5
  • https://ads.aralego.com/sdk HTTP 301
  • https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
Request Chain 67
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134177&pi=t.ma~as.3006%2F14006&w=336&lmt=1673010821&url=https%3A%2F%2Fwww.bg3.co%2Fa%2F2019shi-er-xing-zuo-huan-yao-shuai-duo-jiu-tang-qi-yang-pu-zhuan-yun-guan-jian.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673010819403&bpp=12&bdt=1204&idt=2279&shv=r20230104&mjsv=m202212010101&ptt=5&saldr=sa&correlator=6105672055831&frm=23&ife=1&pv=2&ga_vid=628672207.1673010822&ga_sid=1673010822&ga_hid=621558140&ga_fc=0&ga_cid=amp-o0py8PZnEWEt0Yiu3UO6lg&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=986&biw=1600&bih=1200&isw=336&ish=280&ifk=2995589280&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44778780%2C31071200%2C31071364%2C44780792&oid=2&pvsid=1729501424193876&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.cnjnmrkjdn8a&fsb=1&dtd=2295 HTTP 302
  • https://adx.holmesmind.com/adx-file/20221117/NqeGLmvuPvGdeaxEq2qKJUjcmyulAyFU8K2rHVjS.html
Request Chain 98
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBop9niL-71m_Ob8DWGjmUc&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBop9niL-71m_Ob8DWGjmUc&google_cver=1&C=1
Request Chain 99
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y7geiEDOHuqPtRq6TUqHLAAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBop9niL-71m_Ob8DWGjmUc&google_cver=1
Request Chain 100
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEMJeLDr0_UxbW_bYPqq1VZc&google_cver=1 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEMJeLDr0_UxbW_bYPqq1VZc%26google_cver%3D1
Request Chain 101
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjY1NjcxMjMzNzM0MjI0OTAwNg%3D%3D
Request Chain 115
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEO05NesC47v2-KM6_XRzUZM&google_cver=1&google_push=AavPq0Mm804Yl3xsjpL9rpC2XfvwAOb_D6UnQlfTFSrZN0OKO96Ak5tZzL6jmyU8KxR_ZbDSD7MqKhf8ntphG2Pz2fBJQ-13toBVkw&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAavPq0Mm804Yl3xsjpL9rpC2XfvwAOb_D6UnQlfTFSrZN0OKO96Ak5tZzL6jmyU8KxR_ZbDSD7MqKhf8ntphG2Pz2fBJQ-13toBVkw%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEO05NesC47v2-KM6_XRzUZM&google_cver=1&google_push=AavPq0Mm804Yl3xsjpL9rpC2XfvwAOb_D6UnQlfTFSrZN0OKO96Ak5tZzL6jmyU8KxR_ZbDSD7MqKhf8ntphG2Pz2fBJQ-13toBVkw&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAavPq0Mm804Yl3xsjpL9rpC2XfvwAOb_D6UnQlfTFSrZN0OKO96Ak5tZzL6jmyU8KxR_ZbDSD7MqKhf8ntphG2Pz2fBJQ-13toBVkw%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 116
  • https://dynalyst-sync.adtdp.com/pixel?pid=10&google_gid=CAESEFTakMN8YbaSnzxcO8t7xyI&google_cver=1&google_push=AavPq0M5yAkkbHz2UHuYnJLNHXOnLjQ8F10XoHtFgN0fTn4JhqCtSfUiAJwbWbFR31u0a5Wmzc0DnOx07hgQpy5MqpefOJac2S_zmQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=cyberagent_dynalyst&google_hm=OTk5MzI5NTgzNQ&google_push=AavPq0M5yAkkbHz2UHuYnJLNHXOnLjQ8F10XoHtFgN0fTn4JhqCtSfUiAJwbWbFR31u0a5Wmzc0DnOx07hgQpy5MqpefOJac2S_zmQ
Request Chain 117
  • https://rtb.openx.net/sync/dds?google_gid=CAESENxFoFpmutQNCdxYjl9Um5s&google_cver=1&google_push=AavPq0NQz7F6BJA6jIXgmllB_8SYPgSg71sYnSxAo-At64QndMbSlT0nXjfHEeSBBpKhXxKeHI1i5dXlX7vJUV30jDsiUqpUbctP HTTP 302
  • https://rtb.openx.net/sync/dds?google_gid=CAESENxFoFpmutQNCdxYjl9Um5s&google_cver=1&google_push=AavPq0NQz7F6BJA6jIXgmllB_8SYPgSg71sYnSxAo-At64QndMbSlT0nXjfHEeSBBpKhXxKeHI1i5dXlX7vJUV30jDsiUqpUbctP&ox_sc=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AavPq0NQz7F6BJA6jIXgmllB_8SYPgSg71sYnSxAo-At64QndMbSlT0nXjfHEeSBBpKhXxKeHI1i5dXlX7vJUV30jDsiUqpUbctP&google_hm=YYnybXTPz0g_dKGpCeLRpQ==
Request Chain 118
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESELP_tbv5Am6i9g1oa6w_Byk&google_cver=1&google_push=AavPq0N94mDBdciehc1oDybVE6zFUo0Lfh-YbbyMzOfVjbLNNxHqfE8kGZcda_Mai7WrCjbH5AovwQs7qy1VrBLJwhyU6psLKs4hLQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_hm=fe6845f2&google_redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FadExInit%3Dg&google_push=AavPq0N94mDBdciehc1oDybVE6zFUo0Lfh-YbbyMzOfVjbLNNxHqfE8kGZcda_Mai7WrCjbH5AovwQs7qy1VrBLJwhyU6psLKs4hLQ
Request Chain 119
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEP-jBhN0WFXp2KYKldlgn2U&google_cver=1&google_push=AavPq0P0aJOkZ1Ep8v1bJRUbvqCa7WTccmG9DUE1kfkOF-0H6BhM1OAXuvlAMS6UCGAxqnGxWmgZXNRIX_ruFTM-sdMB4c_5W9D_Fw HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AavPq0P0aJOkZ1Ep8v1bJRUbvqCa7WTccmG9DUE1kfkOF-0H6BhM1OAXuvlAMS6UCGAxqnGxWmgZXNRIX_ruFTM-sdMB4c_5W9D_Fw&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1673010824428 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-5867ca82-0a24-4af2-b300-bf3cf1b34568-004?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAavPq0P0aJOkZ1Ep8v1bJRUbvqCa7WTccmG9DUE1kfkOF-0H6BhM1OAXuvlAMS6UCGAxqnGxWmgZXNRIX_ruFTM-sdMB4c_5W9D_Fw%26google_hm%3DBFhnyoIKJEryswC_PPGzRWg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AavPq0P0aJOkZ1Ep8v1bJRUbvqCa7WTccmG9DUE1kfkOF-0H6BhM1OAXuvlAMS6UCGAxqnGxWmgZXNRIX_ruFTM-sdMB4c_5W9D_Fw&google_hm=BFhnyoIKJEryswC_PPGzRWg
Request Chain 120
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEIpz_5SdTw3l-FLw3FTN-Qg&google_cver=1&google_push=AavPq0PTui35KLJLih24ZGznTAjzDB0QsAKakp8IF9hYnLdamdBmX9Et2gfV2fYr1DP0NnrZEwgMVpS27ShqWrxCnWGoZfOm2LSacw HTTP 302
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=0&gdpr_consent=&us_privacy=&sync=1&google_push=AavPq0PTui35KLJLih24ZGznTAjzDB0QsAKakp8IF9hYnLdamdBmX9Et2gfV2fYr1DP0NnrZEwgMVpS27ShqWrxCnWGoZfOm2LSacw&google_gid=CAESEIpz_5SdTw3l-FLw3FTN-Qg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=ODk4NTk3NTkwODMzMTc5NTc3Mjc0&google_push=AavPq0PTui35KLJLih24ZGznTAjzDB0QsAKakp8IF9hYnLdamdBmX9Et2gfV2fYr1DP0NnrZEwgMVpS27ShqWrxCnWGoZfOm2LSacw
Request Chain 121
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEPILv_sHyqATaoPxMcortFo&google_cver=1&google_push=AavPq0OkMmZV8fIReckXVqoe6gcRn57XIO1zBcp5ZX2naHx3qqKKU2cLLp6lJBBYyAhNv9eiQQrEdRmCFlJXo_OD3fnv25MF8HuZKJw HTTP 302
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEPILv_sHyqATaoPxMcortFo&google_cver=1&google_push=AavPq0OkMmZV8fIReckXVqoe6gcRn57XIO1zBcp5ZX2naHx3qqKKU2cLLp6lJBBYyAhNv9eiQQrEdRmCFlJXo_OD3fnv25MF8HuZKJw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=074d7077-2f34-403b-a2aa-df0dcaff65fc&%%GOOGLE_PUSH_PAIR%%
Request Chain 136
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEL4y3Orf8ApeWpG9Uelu9Ps&google_cver=1
Request Chain 137
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OTJiMGFiOWItMTQzZS0yOGMyLWNjZTAtYjdhNzEwMTkyNTdm
Request Chain 138
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEF0XdAL18qW_IghattaDY0g&google_cver=1
Request Chain 139
  • https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=ZjQ0MDc2NzQtZmIyNy00MDA0LThkMDgtNDk5ZDU2ZTM2ODEy
Request Chain 171
  • https://match.adsrvr.org/track/cmf/google?google_gid=CAESEA5rUJfcejhn0q2MdSwdoP8&google_cver=1&google_push=AavPq0Ovmp4YiZeABOrKh-WbDj23ZkjlpFtOrN0AWAj-q6RLTRAwUipOm_DX5wGvf__GMri3Tb0axTsb_raOACq9LECkqwdlmKlJdqy7CTpYtuIUAAvwu2B7yX2tgmbWl9yHz3XdgLTiZ8U6tBlLwtp0R-k HTTP 302
  • https://match.adsrvr.org/track/cmb/google?google_gid=CAESEA5rUJfcejhn0q2MdSwdoP8&google_cver=1&google_push=AavPq0Ovmp4YiZeABOrKh-WbDj23ZkjlpFtOrN0AWAj-q6RLTRAwUipOm_DX5wGvf__GMri3Tb0axTsb_raOACq9LECkqwdlmKlJdqy7CTpYtuIUAAvwu2B7yX2tgmbWl9yHz3XdgLTiZ8U6tBlLwtp0R-k HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=MWQyZDEzOTItZTFmZi00MGViLWJjM2QtYTYyZjIzYzQ0MWQy&google_push&gdpr=0&gdpr_consent=&ttd_tdid=1d2d1392-e1ff-40eb-bc3d-a62f23c441d2
Request Chain 172
  • https://ipac.ctnsnet.com/int/cm?exc=1&acc=crimtan_au&google_gid=CAESEM3Zm4jhYFXgEBfZhuhZpyA&google_cver=1&google_push=AavPq0Nip4n_WGM7CZKNmEOkXUN_2m4EFJg5e6G4slv6-WHiAi7kKngqQia_z3NPkstgsB5pMKD9bl2ZjK0xJupBoBSCUi1ba7jU9ujrAzKShmWpyakPLFpzONgS-6LjmJBfwXpxVn85t53AGgI9B8R8PQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AavPq0Nip4n_WGM7CZKNmEOkXUN_2m4EFJg5e6G4slv6-WHiAi7kKngqQia_z3NPkstgsB5pMKD9bl2ZjK0xJupBoBSCUi1ba7jU9ujrAzKShmWpyakPLFpzONgS-6LjmJBfwXpxVn85t53AGgI9B8R8PQ&google_hm=UGbi6pWVSVCuWXeoa5jSkss
Request Chain 174
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEDAFTaJbmwWOYjeyDGD_Yyw&google_cver=1&google_push=AavPq0PW8N-htkslQsNvn7zMwssP67KWCMSelHDqy0moYZGkSy9mau3Lt_xyP-3y7QxHG7wB6UY4yNQ4qwFA9qKmRzg-XmwkoCg4IKG6k0cM9nwblsLujUpdkzoWQsA2mwx3_Ptzi6prxeqS12vdPbi1QfE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0PW8N-htkslQsNvn7zMwssP67KWCMSelHDqy0moYZGkSy9mau3Lt_xyP-3y7QxHG7wB6UY4yNQ4qwFA9qKmRzg-XmwkoCg4IKG6k0cM9nwblsLujUpdkzoWQsA2mwx3_Ptzi6prxeqS12vdPbi1QfE&google_hm=eS1TemVCWHhaRTJwSENTTGVSTkpUYW8xZFdRUVZ4QW5KN35B
Request Chain 175
  • https://rtb2-useast.e-volution.ai/sync?exchange=193&google_gid=CAESEFnKvQdtsJL379iscWZzZdA&google_cver=1&google_push=AavPq0PEHDHKobs89fUJEbFaMNU4uMS81TongD3hLu_hfFYrhRpTadgO8-9C1p1rbH5mXFRXPt0MfGXRmeMtiduOuz7aOdUcfFbl9EZwjylwq196PKssyY8rcxjGbF17yj6dAmRmOmczL1PE2UCxJsS3Yuk HTTP 302
  • https://dsp.adkernel.com/adkuid?r=https%3A%2F%2Frtb2-useast.e-volution.ai%2Fsync%3Fexchange%3D193%26google_gid%3DCAESEFnKvQdtsJL379iscWZzZdA%26google_cver%3D1%26google_push%3DAavPq0PEHDHKobs89fUJEbFaMNU4uMS81TongD3hLu_hfFYrhRpTadgO8-9C1p1rbH5mXFRXPt0MfGXRmeMtiduOuz7aOdUcfFbl9EZwjylwq196PKssyY8rcxjGbF17yj6dAmRmOmczL1PE2UCxJsS3Yuk HTTP 302
  • https://rtb2-useast.e-volution.ai/sync?adkuid=A4213833176568408785&exchange=193&google_gid=CAESEFnKvQdtsJL379iscWZzZdA&google_cver=1&google_push=AavPq0PEHDHKobs89fUJEbFaMNU4uMS81TongD3hLu_hfFYrhRpTadgO8-9C1p1rbH5mXFRXPt0MfGXRmeMtiduOuz7aOdUcfFbl9EZwjylwq196PKssyY8rcxjGbF17yj6dAmRmOmczL1PE2UCxJsS3Yuk HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTQyMTM4MzMxNzY1Njg0MDg3ODU&google_push=AavPq0PEHDHKobs89fUJEbFaMNU4uMS81TongD3hLu_hfFYrhRpTadgO8-9C1p1rbH5mXFRXPt0MfGXRmeMtiduOuz7aOdUcfFbl9EZwjylwq196PKssyY8rcxjGbF17yj6dAmRmOmczL1PE2UCxJsS3Yuk
Request Chain 245
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 268
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 269
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 299
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3658&xuid=1d2d1392-e1ff-40eb-bc3d-a62f23c441d2&dongle=0cfd
Request Chain 300
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=ODk4NTk3NTkwODMzMTc5NTc3Mjc0 HTTP 302
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Request Chain 301
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEJJUYkPPYYw8GXKk33MatpE&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 302
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=ODk4NTk3NTkwODMzMTc5NTc3Mjc0
Request Chain 303
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=898597590833179577274&dbredirect=true&gdpr=0&consent= HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=898597590833179577274&dbredirect=true&gdpr=0&consent=&cookiesTest=true
Request Chain 304
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=898597590833179577274&gdpr=0&gdpr_consent= HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&gdpr=0&consent=&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dtriplelift%26bsw_param%3D074d7077-2f34-403b-a2aa-df0dcaff65fc%26gdpr%3D0%26consent%3D%26gdpr_pd%3D%26expires%3D7 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=354&user_id=5176348df9df425b8ce37a00c8a4af5d&ssp=triplelift&bsw_param=074d7077-2f34-403b-a2aa-df0dcaff65fc&gdpr=0&consent=&gdpr_pd=&expires=7 HTTP 302
  • https://eb2.3lift.com/xuid?mid=2409&xuid=074d7077-2f34-403b-a2aa-df0dcaff65fc&dongle=d3d3&gdpr=0&gdpr_consent=&gdpr_pd=
Request Chain 305
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/898597590833179577274?gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-iEkJhXVE2oQoc650N.KVSL15rC4dHBhWnQAOUY.IGA--~A&dongle=0883
Request Chain 306
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=0&gdpr_consent=&uid=898597590833179577274 HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=898597590833179577274&dcc=t
Request Chain 308
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3335&xuid=6656712337342249006&dongle=4d58&gdpr=0&gdpr_consent=
Request Chain 309
  • https://ad.turn.com/r/cs?pid=9&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=4377711341023061206&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 310
  • https://match.adsrvr.org/track/cmf/openx?oxid=bedf7851-dd49-7666-d900-ed1edafbeb1f&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=1d2d1392-e1ff-40eb-bc3d-a62f23c441d2&ttd_puid=bedf7851-dd49-7666-d900-ed1edafbeb1f&gdpr=0&gdpr_consent=
Request Chain 311
  • https://tg.socdm.com/rtb/sync_before?proto=openx HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=537072335&val=Y7gej8Co8XoAAPMYB9QAAAAA
Request Chain 312
  • https://cr-p3.ladsp.com/cookiesender/3 HTTP 302
  • https://cr-p3.ladsp.com/cookiesender/3?cr=true HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=537072451&val=ARd_64vt81Foks8ADzD_5JFc8M8AAAGFhzdhXA
Request Chain 314
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEL4y3Orf8ApeWpG9Uelu9Ps&google_cver=1
Request Chain 316
  • https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://onetag-sys.com/match/?int_id=1&uid=834063b8-1e8f-4500-b5cb-f10319fa7813&gdpr=1&gdpr_consent=
Request Chain 318
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID HTTP 302
  • https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=6656712337342249006
Request Chain 320
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhYc3XuofLalbmPP8pDb6Na8vHI3rjOfCZQ
Request Chain 322
  • https://id.rlcdn.com/711916.gif?ct=4&cv= HTTP 307
  • https://id.rlcdn.com/1000.gif?memo=COy5KxoNCI-94J0GEgUI6AcQAEIASgA HTTP 307
  • https://onetag-sys.com/match/?int_id=110&uid=
Request Chain 323
  • https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=uHmTS-608uXCx0Zc1tUU_nWkN0KWS4n5BOGCnDOYrDs
Request Chain 325
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm HTTP 302
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESEGOo3UhxHpMnzJTsLyGlPfE&google_cver=1
Request Chain 327
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=29&uid=1d2d1392-e1ff-40eb-bc3d-a62f23c441d2&gdpr=0&gdpr_consent=
Request Chain 332
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=1d2d1392-e1ff-40eb-bc3d-a62f23c441d2&expiration=1675602831&gdpr=0&gdpr_consent=
Request Chain 333
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y7geiJxeP2FzdA-HuTl-WwAAEzcAAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEIvO2OYJ2YRYgOagf-_9EjM&google_cver=1
Request Chain 334
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y7geiJxeP2FzdA-HuTl-WwAAEzcAAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y7geiJxeP2FzdA-HuTl-WwAAEzcAAAAB&dcc=t
Request Chain 335
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6656712337342249006
Request Chain 336
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1 HTTP 302
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&prevuid=07030001_63b81e8fee0e7&knw=0 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=07030001_63b81e8fee0e7
Request Chain 339
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=tIk7TkZB1PdMxG5
Request Chain 343
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=medianet HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=medianet
Request Chain 346
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3160124317444387000V10%26type%3Dapx%26refUrl%3D%26vid%3D30108315433160124317444387000V10%26ovsid%3D%24UID HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3160124317444387000V10&type=apx&refUrl=&vid=30108315433160124317444387000V10&ovsid=6656712337342249006
Request Chain 347
  • https://us-u.openx.net/w/1.0/cm?id=78e2dffc-bb89-4bb2-ae92-f592d006518b&ph=6a16560a-f6c6-4851-b7b5-0b2c0190166a&r=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3160124317444387000V10%26type%3Dopx%26refUrl%3D%26vid%3D30108315433160124317444387000V10%26ovsid%3D HTTP 302
  • https://contextual.media.net/cksync.html?cs=8&vsid=3160124317444387000V10&type=opx&refUrl=&vid=30108315433160124317444387000V10&ovsid=76f311ce-7649-4c86-ba4f-9370681479c3
Request Chain 348
  • https://sync.mathtag.com/sync/img?mt_exid=64&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3160124317444387000V10%26type%3Dmma%26refUrl%3D%26vid%3D30108315433160124317444387000V10%26ovsid%3D%5BMM_UUID%5D HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3160124317444387000V10&type=mma&refUrl=&vid=30108315433160124317444387000V10&ovsid=108b63b8-1e8f-4600-8b30-45c01ce9bb87
Request Chain 349
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3160124317444387000V10%26type%3Dr1%26refUrl%3D%26vid%3D30108315433160124317444387000V10%26ovsid%3D%5BRX_UUID%5D HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5944598434 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/1d2d1392-e1ff-40eb-bc3d-a62f23c441d2
Request Chain 350
  • https://cm.g.doubleclick.net/pixel?cs=8&google_nid=media&google_cm=1&google_hm=MzE2MDEyNDMxNzQ0NDM4NzAwMFYxMA%3D%3D&google_sc=1 HTTP 302
  • https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEOFiF78_lYje3FllONUsEP4&google_cver=1
Request Chain 351
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3160124317444387000V10%26type%3Ddxu%26refUrl%3D%26vid%3D30108315433160124317444387000V10%26ovsid%3D_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3160124317444387000V10%26type%3Ddxu%26refUrl%3D%26vid%3D30108315433160124317444387000V10%26ovsid%3D_wfivefivec_ HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3160124317444387000V10&type=dxu&refUrl=&vid=30108315433160124317444387000V10&ovsid=IfmCv1Kd1PdMxG5
Request Chain 352
  • https://dis.criteo.com/dis/usersync.aspx?r=115&p=226&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=f59370ba-c557-44b9-9790-a3a5b495c3de
Request Chain 353
  • https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/iponweb?bidswitch_ssp_id=medianet&ssp_user_id=074d7077-2f34-403b-a2aa-df0dcaff65fc&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=74&&user_id=y-Hi1DywVE2pmUZcIxqkLtmVFj_P7o2PrLMREaFQ--~A&expires=5 HTTP 302
  • https://onetag-sys.com/match/?int_id=30&uid=074d7077-2f34-403b-a2aa-df0dcaff65fc&gdpr=&gdpr_consent=&us_privacy=
Request Chain 356
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=1d2d1392-e1ff-40eb-bc3d-a62f23c441d2
Request Chain 358
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=M--bmvNURVaipeCBQ-a5MA&rk=usync-na
Request Chain 359
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TENLSkc3TDctTy0xS0RJ
Request Chain 360
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/QpGNSGsu1ixhPTM-pVBA7Q?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-s8rYw8pE2oLfHcig3tSgGepqw_Uu0actITUm5A--~A
Request Chain 361
  • https://match.adsrvr.org/track/cmf/rubicon HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=1d2d1392-e1ff-40eb-bc3d-a62f23c441d2&gdpr=0&gdpr_consent=&expires=30
Request Chain 362
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LCKJG7L7-O-1KDI
Request Chain 363
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YTIwZDU3NDk3M2Y3ZDI1YWZjNWFlOWVjYjVlYzg0YmRlMWI1NDQ3OQ
Request Chain 365
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESECnYU0eX-MMajCxazXe16MQ&google_cver=1
Request Chain 371
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Request Chain 374
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID HTTP 302
  • https://ads.servenobid.com/sync?pid=312&uid=6656712337342249006
Request Chain 375
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D HTTP 302
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=310&uid=F8O5CRZHpQa602DiRZq3oi4I
Request Chain 376
  • https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID HTTP 307
  • https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID&sovrn_retry=true HTTP 307
  • https://ads.servenobid.com/sync?pid=310&uid=F8O5CRZHpQa602DiRZq3oi4I
Request Chain 377
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7334823401 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/1d2d1392-e1ff-40eb-bc3d-a62f23c441d2
Request Chain 380
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D HTTP 302
  • https://ssum.casalemedia.com/usermatchredir?s=191503&gdpr=1&gdpr_consent=&us_privacy=1YN-&cb=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F10202%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26A%3Dac9f57d1-8f83-4117-b79f-d364282eaa9b%26bidder%3Dindex_rtb%26cbx%3DaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%253D%26uid%3D HTTP 302
  • https://prebid.a-mo.net/cchain/0/10202?gdpr=0&gdpr_consent=&us_privacy=1YN-&A=ac9f57d1-8f83-4117-b79f-d364282eaa9b&bidder=index_rtb&cbx=aHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%3D&uid=Y7geiJxeP2FzdA.HuTl.WwAA%264919 HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%2F10202%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26A%3Dac9f57d1-8f83-4117-b79f-d364282eaa9b%26bidder%3Dappnexus%26cbx%3DaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%253D%26uid%3D%24UID
Request Chain 381
  • https://ups.analytics.yahoo.com/ups/58559/occ HTTP 302
  • https://ads.servenobid.com/sync?pid=337&uid=y-dCG7vw9E2uHcU9tF5LgfNryVzxJJdqFFlmRRQSI-~A
Request Chain 385
  • https://ad.turn.com/r/cs?pid=21 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4377711341023061206
Request Chain 386
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=108b63b8-1e8f-4600-8b30-45c01ce9bb87
Request Chain 387
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y7geiJxeP2FzdA-HuTl-WwAAEzcAAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/Y7geiJxeP2FzdA-HuTl-WwAAEzcAAAAB
Request Chain 389
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y7geiJxeP2FzdA-HuTl-WwAAEzcAAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEIvO2OYJ2YRYgOagf-_9EjM&google_cver=1
Request Chain 391
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1688649232&external_user_id=271c5032-7bf6-431a-a373-bdf49363cef3
Request Chain 393
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhYc3ZSP7lmurTU4JrjnM48R0n-UQ4ZTIpg
Request Chain 395
  • https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://onetag-sys.com/match/?int_id=1&uid=108b63b8-1e8f-4600-8b30-45c01ce9bb87&gdpr=0&gdpr_consent=
Request Chain 397
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D0%26gdpr_consent%3D%26uid%3D$UID HTTP 302
  • https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=6656712337342249006
Request Chain 399
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=1YN-&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid] HTTP 302
  • https://onetag-sys.com/match/?int_id=107&uid=3702482609531795948
Request Chain 400
  • https://onetag-sys.com/match/?int_id=113&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=GFb-db-_ssGnZe2yyX8xCzZ3XXh3fnbxc1o0BnOBHFU
Request Chain 401
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=1YN-&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26uid%3D%23PMUID HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=1YN-&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26uid%3D%23PMUID&rdf=1
Request Chain 402
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm HTTP 302
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESEGOo3UhxHpMnzJTsLyGlPfE&google_cver=1
Request Chain 411
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=6656712337342249006
Request Chain 412
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=a_07c8dfaf-d8a1-4c94-8f92-1e12ad778412&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://cms.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=gumgum2&gdpr=0&gdpr_consent=
Request Chain 415
  • https://sync.1rx.io/usersync2/floor6?gdpr=0&gdpr_consent=&dspret=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8881521231
Request Chain 418
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=opx&i=49e2dc21-f55c-4e30-be7b-fdf312abea59
Request Chain 428
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=ttd&i=1d2d1392-e1ff-40eb-bc3d-a62f23c441d2
Request Chain 429
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
  • https://usersync.gumgum.com/usersync?b=mmh&i=108b63b8-1e8f-4600-8b30-45c01ce9bb87&gdpr=0&gdpr_consent=
Request Chain 433
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=sus&i=Y7gekMCo8XoAAPMYCNcAAAAA
Request Chain 435
  • https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=iex&i=Y7geiJxeP2FzdA.HuTl.WwAA%264919
Request Chain 437
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 438
  • https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21480%26id%3D$UID HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21480&id=898597590833179577274
Request Chain 444
  • https://u.openx.net/w/1.0/cm?id=29975467-6f1b-4e06-b545-920b22ea49b2&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21477%26id%3D HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21477&id=27869a55-a2db-4932-a198-f4e99af861fa

466 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request 2019shi-er-xing-zuo-huan-yao-shuai-duo-jiu-tang-qi-yang-pu-zhuan-yun-guan-jian.html
www.bg3.co/a/ 		50 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.bg3.co/a/2019shi-er-xing-zuo-huan-yao-shuai-duo-jiu-tang-qi-yang-pu-zhuan-yun-guan-jian.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
84.17.37.44 Central, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-84-17-37-44.cdn77.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
d22c1fb7363241cd188fd84f32b96a68aaae5a129e450293d74f91118d1923ac

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Cache-Control
max-age=3600
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Fri, 06 Jan 2023 13:13:36 GMT
ETag
"c9db-SL64MsrIrF28dFmgcuu49/Of+5o"
Expires
Fri, 06 Jan 2023 14:13:36 GMT
Server
nginx/1.18.0 (Ubuntu)
Transfer-Encoding
chunked
Vary
Accept-Encoding
v0.js
cdn.ampproject.org/ 		276 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2019shi-er-xing-zuo-huan-yao-shuai-duo-jiu-tang-qi-yang-pu-zhuan-yun-guan-jian.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
eef6e50516dd1bc5e94db6685463176f5c05db0d2a21fe90aa3d3a3871a5b8ae
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Fri, 06 Jan 2023 13:13:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
72715
x-xss-protection
0
server
sffe
etag
"2335c83c0d5cefcd"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3000, stale-while-revalidate=1206600
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 06 Jan 2023 13:13:37 GMT
amp-sidebar-0.1.js
cdn.ampproject.org/v0/ 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-sidebar-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2019shi-er-xing-zuo-huan-yao-shuai-duo-jiu-tang-qi-yang-pu-zhuan-yun-guan-jian.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
76a862dba57901fcc377abc56285bfd9eda47c05a5cb86b80da26cc404d5d50f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Fri, 06 Jan 2023 13:13:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9680
x-xss-protection
0
server
sffe
etag
"e3094a98d196989d"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 06 Jan 2023 13:13:37 GMT
amp-auto-ads-0.1.js
cdn.ampproject.org/v0/ 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-auto-ads-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2019shi-er-xing-zuo-huan-yao-shuai-duo-jiu-tang-qi-yang-pu-zhuan-yun-guan-jian.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
5f3d992a8f5c1c422eaa51d219c1459bac9dad5cba9ecb372082de08e47b3944
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Fri, 06 Jan 2023 13:13:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7579
x-xss-protection
0
server
sffe
etag
"44defd1436524ccc"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 06 Jan 2023 13:13:37 GMT
amp-analytics-0.1.js
cdn.ampproject.org/v0/ 		109 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-analytics-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2019shi-er-xing-zuo-huan-yao-shuai-duo-jiu-tang-qi-yang-pu-zhuan-yun-guan-jian.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
86d85c2fb6c3aef61be2e092f1a809839065e73f948db805ad92eb5eaea8fac8
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Fri, 06 Jan 2023 13:13:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31976
x-xss-protection
0
server
sffe
etag
"e8e1d0567eb4b7ef"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 06 Jan 2023 13:13:37 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		143 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5961800537962381
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2019shi-er-xing-zuo-huan-yao-shuai-duo-jiu-tang-qi-yang-pu-zhuan-yun-guan-jian.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f154.1e100.net
Software
cafe /
Resource Hash
328bed6a41b473ff17079933a687093a628a30e79d6e9967f1bd81afbabf8e92
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 13:13:37 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49453
x-xss-protection
0
server
cafe
etag
15393901136683916726
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 06 Jan 2023 13:13:37 GMT
sdk
cdn.aralego.net/ucfad/sdk/apac-sg/
Redirect Chain
  • https://ads.aralego.com/sdk
  • https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
44 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2019shi-er-xing-zuo-huan-yao-shuai-duo-jiu-tang-qi-yang-pu-zhuan-yun-guan-jian.html
Protocol
H2
Server
104.26.5.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8af4a7b3549631244df52a0d91b22ccfb355b2f10caab9fe9fa0b57a2beff473

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 13:13:37 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3683
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
45472
last-modified
Wed, 21 Dec 2022 06:34:24 GMT
server
cloudflare
etag
"63a2a8f0-b1a0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XOfKB0PxYM0bvsTKGO9U7sLX5kcpGM9UQ%2B1OU3sR1j9C5iIeOlvczwKT2bbDM9HZ4jrMgNgb0luW5QUI0CvGYvzDc272QLw3PujNa0ZPATlN6dp0%2FN7gjlCRtq1NUmaqLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
7854b64c3972a980-SYD

Redirect headers

location
https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
connection
close
content-length
0
adRecover.js
delivery.adrecover.com/43519/ 		34 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://delivery.adrecover.com/43519/adRecover.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2019shi-er-xing-zuo-huan-yao-shuai-duo-jiu-tang-qi-yang-pu-zhuan-yun-guan-jian.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.201 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-201.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
0c34cb102990c1b0ba90b693198e9bde03f0a060d26ff42b3b230e781bb31f49

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
NZ
date
Fri, 06 Jan 2023 13:13:38 GMT
content-encoding
br
last-modified
Fri, 06 Jan 2023 08:00:23 GMT
server
nginx/1.18.0
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
x-cf-geodata
NZ
content-length
9215
expires
Fri, 06 Jan 2023 14:13:38 GMT
adpushup.js
cdn.adpushup.com/42753/ 		540 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/adpushup.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2019shi-er-xing-zuo-huan-yao-shuai-duo-jiu-tang-qi-yang-pu-zhuan-yun-guan-jian.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.200 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-200.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
fb2a4f1da8b289ee34cd3682eb213ac2c4be445dee6f843fb3a82d620910af3f

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
NZ
date
Fri, 06 Jan 2023 13:13:38 GMT
content-encoding
br
last-modified
Fri, 06 Jan 2023 13:09:01 GMT
server
nginx/1.18.0
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
server-timing
cdn-cache; desc=REVALIDATE, edge; dur=13, origin; dur=476
x-cf-geodata
NZ
expires
Fri, 06 Jan 2023 14:13:38 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212080101/ 		355 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212080101/show_ads_impl_fy2021.js?bust=31071277
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5961800537962381
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f154.1e100.net
Software
cafe /
Resource Hash
ffb5e31b6ba84ea65f1ffbc3df06020d76a464e3d49fad09da37a9ae58915b01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 13:13:38 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119732
x-xss-protection
0
server
cafe
etag
6090263939755135528
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Fri, 06 Jan 2023 13:13:38 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230104/r20190131/ Frame 6FCB 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230104/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5961800537962381
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

age
29672
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
br
content-length
4242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 06 Jan 2023 04:59:06 GMT
etag
10353107486223812946
expires
Fri, 20 Jan 2023 04:59:06 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ucfad-formats.css
cdn.aralego.net/css/dev/ 		975 B
642 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.5.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 13:13:38 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
9045
cf-polished
origSize=1191
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 16 Mar 2018 07:19:46 GMT
server
cloudflare
etag
W/"5aab7012-4a7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cf13Zs69ImEj6xDgrPnS4onyeh6TsMqG0NprIb6BmrASPpMMXMhd%2BLopzrQOWZRMQWpQR4i8P%2BOfjvxY%2FPiIMWa7z1LJWXO0sdyv%2BOdtKbO6zYBF03%2F8be07YDA31tf9ZA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
7854b64e1b83a980-SYD
idRequest
sync.aralego.com/ 		46 B
488 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.120.88.131 Central, Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
Software
/
Resource Hash
7c7d3097c8e7806f037b5d2560881808c32a5bfea51dd4012870e9bdf7c4a520

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 06 Jan 2023 13:13:39 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Allow-Credentials
true
Connection
close
Content-Length
46
idRequest
sync.aralego.com/ 		46 B
488 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.120.88.131 Central, Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
Software
/
Resource Hash
7c7d3097c8e7806f037b5d2560881808c32a5bfea51dd4012870e9bdf7c4a520

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 06 Jan 2023 13:13:39 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Allow-Credentials
true
Connection
close
Content-Length
46
ad_request
ads.aralego.com/ 		508 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2F2019shi-er-xing-zuo-huan-yao-shuai-duo-jiu-tang-qi-yang-pu-zhuan-yun-guan-jian.html&adid=ad-627443DBE4283AB9F7A46EA83243447&w=336&h=280&ver=UCX_WEB-20200113&pos=1&seq=0&cb=0.41104420519081586&gdpr=1&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&uaMobile=%3F0
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.108.102.145 , Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
e813a8d8d41c0dbdc33020ad6ef27d16afd2b590ceeb998e267409c8f666b829

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 13:13:38 GMT
x-width
336
x-height
280
x-adstyle
banner
access-control-allow-methods
GET,POST,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
vary
Accept-Encoding
access-control-allow-credentials
true
x-adsource
PSA
x-adtype
html
connection
close
content-length
508
ad_request
ads.aralego.com/ 		508 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2F2019shi-er-xing-zuo-huan-yao-shuai-duo-jiu-tang-qi-yang-pu-zhuan-yun-guan-jian.html&adid=ad-627443DBE4283AB9F7A46EA83243447&w=336&h=280&ver=UCX_WEB-20200113&pos=1&seq=1&cb=0.3737416943180689&gdpr=1&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&uaMobile=%3F0
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.108.102.145 , Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
e813a8d8d41c0dbdc33020ad6ef27d16afd2b590ceeb998e267409c8f666b829

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 13:13:38 GMT
x-width
336
x-height
280
x-adstyle
banner
access-control-allow-methods
GET,POST,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
vary
Accept-Encoding
access-control-allow-credentials
true
x-adsource
PSA
x-adtype
html
connection
close
content-length
508
3eaad010dfece38cd08073d922f09636.jpg
static.bg3.co/imgs/202106/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/3eaad010dfece38cd08073d922f09636.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2019shi-er-xing-zuo-huan-yao-shuai-duo-jiu-tang-qi-yang-pu-zhuan-yun-guan-jian.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
b71e66391bf29b085f6d382ab6480776.jpg
static.bg3.co/imgs/202106/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/b71e66391bf29b085f6d382ab6480776.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2019shi-er-xing-zuo-huan-yao-shuai-duo-jiu-tang-qi-yang-pu-zhuan-yun-guan-jian.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
87835cde3dd52fd53d24da96ea711b33.jpg
static.bg3.co/imgs/202106/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/87835cde3dd52fd53d24da96ea711b33.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2019shi-er-xing-zuo-huan-yao-shuai-duo-jiu-tang-qi-yang-pu-zhuan-yun-guan-jian.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
fbadcd95f2f7b45b0e1d8c4a8af3070d.jpg
static.bg3.co/imgs/202105/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/fbadcd95f2f7b45b0e1d8c4a8af3070d.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2019shi-er-xing-zuo-huan-yao-shuai-duo-jiu-tang-qi-yang-pu-zhuan-yun-guan-jian.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
000fbb6bef85196bb9d5dff3affa16e0.jpg
static.bg3.co/imgs/202106/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/000fbb6bef85196bb9d5dff3affa16e0.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2019shi-er-xing-zuo-huan-yao-shuai-duo-jiu-tang-qi-yang-pu-zhuan-yun-guan-jian.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
2d9987563ce661673f05cfa7f195696d.jpg
static.bg3.co/imgs/202105/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/2d9987563ce661673f05cfa7f195696d.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2019shi-er-xing-zuo-huan-yao-shuai-duo-jiu-tang-qi-yang-pu-zhuan-yun-guan-jian.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
a8de810ad05769d03ba418def5572995.jpg
static.bg3.co/imgs/202105/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/a8de810ad05769d03ba418def5572995.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2019shi-er-xing-zuo-huan-yao-shuai-duo-jiu-tang-qi-yang-pu-zhuan-yun-guan-jian.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ee6134fd1e841de9453ceca0ab4486d9.jpg
static.bg3.co/imgs/202106/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/ee6134fd1e841de9453ceca0ab4486d9.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2019shi-er-xing-zuo-huan-yao-shuai-duo-jiu-tang-qi-yang-pu-zhuan-yun-guan-jian.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
1206b444aca26f5db02bb5c3287b2ba9.jpg
static.bg3.co/imgs/202111/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202111/1206b444aca26f5db02bb5c3287b2ba9.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2019shi-er-xing-zuo-huan-yao-shuai-duo-jiu-tang-qi-yang-pu-zhuan-yun-guan-jian.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
389a5ee68737fd6137c3f15799cd5ff7.jpg
static.bg3.co/imgs/202107/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202107/389a5ee68737fd6137c3f15799cd5ff7.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2019shi-er-xing-zuo-huan-yao-shuai-duo-jiu-tang-qi-yang-pu-zhuan-yun-guan-jian.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
8e00104152670f4e88f043d9bb288437.jpg
static.bg3.co/imgs/202106/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/8e00104152670f4e88f043d9bb288437.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2019shi-er-xing-zuo-huan-yao-shuai-duo-jiu-tang-qi-yang-pu-zhuan-yun-guan-jian.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
0cd1c65de06baeb4654504b0c9f501c5.jpg
static.bg3.co/imgs/202105/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/0cd1c65de06baeb4654504b0c9f501c5.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2019shi-er-xing-zuo-huan-yao-shuai-duo-jiu-tang-qi-yang-pu-zhuan-yun-guan-jian.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
e4b2fe4c16a42b57da79b56fe341c8aa.jpg
static.bg3.co/imgs/202106/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/e4b2fe4c16a42b57da79b56fe341c8aa.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2019shi-er-xing-zuo-huan-yao-shuai-duo-jiu-tang-qi-yang-pu-zhuan-yun-guan-jian.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
cec5f510d4a7214644f0ac39c8e2cebc.jpg
static.bg3.co/imgs/202105/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/cec5f510d4a7214644f0ac39c8e2cebc.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2019shi-er-xing-zuo-huan-yao-shuai-duo-jiu-tang-qi-yang-pu-zhuan-yun-guan-jian.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
9ab1e3515da5019b97e208d60aec7b94.jpg
static.bg3.co/imgs/202106/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/9ab1e3515da5019b97e208d60aec7b94.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2019shi-er-xing-zuo-huan-yao-shuai-duo-jiu-tang-qi-yang-pu-zhuan-yun-guan-jian.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
d1c2b54097b72706a6164db0180cdd13.jpg
static.bg3.co/imgs/202105/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/d1c2b54097b72706a6164db0180cdd13.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2019shi-er-xing-zuo-huan-yao-shuai-duo-jiu-tang-qi-yang-pu-zhuan-yun-guan-jian.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
amp-auto-lightbox-0.1.js
cdn.ampproject.org/rtv/012212151632002/v0/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012212151632002/v0/amp-auto-lightbox-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
c854904ff9b174279124c373152be17b526b1f829856f24d6de4b89c7446c413
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 06 Jan 2023 10:58:26 GMT
age
8114
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2984
x-xss-protection
0
server
sffe
etag
"b39fe751b85842c3"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 06 Jan 2024 10:58:26 GMT
amp-loader-0.1.js
cdn.ampproject.org/rtv/012212151632002/v0/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012212151632002/v0/amp-loader-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
987cf494483d44d5e01fe5928229625d7536ed129be62d788091bf001443f9ea
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 04 Jan 2023 21:18:21 GMT
age
143719
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3934
x-xss-protection
0
server
sffe
etag
"57f88572ba60044c"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 04 Jan 2024 21:18:21 GMT
amp-ad-0.1.js
cdn.ampproject.org/rtv/012212151632002/v0/ 		82 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012212151632002/v0/amp-ad-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
37114603e314b43008c3dbe162e09b40cf2cb2a59a20742eca949a04bca77f3a
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 04 Jan 2023 21:18:21 GMT
age
143719
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23092
x-xss-protection
0
server
sffe
etag
"4ee34b5363236044"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 04 Jan 2024 21:18:21 GMT
ama
pagead2.googlesyndication.com/getconfig/ 		3 KB
550 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/ama?client=ca-pub-3216231935713038&plah=www.bg3.co&ama_t=amp&url=https%3A%2F%2Fwww.bg3.co%2Fa%2F2019shi-er-xing-zuo-huan-yao-shuai-duo-jiu-tang-qi-yang-pu-zhuan-yun-guan-jian.html&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f154.1e100.net
Software
cafe /
Resource Hash
61e8a8d677d7b2f3ac3bfa393d6be3e01c26d6a656b1119fbb2a359518542a97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 13:13:38 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
457
x-xss-protection
0
jquery-2.2.2.min.js
code.jquery.com/ 		84 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-2.2.2.min.js
Requested by
Host: delivery.adrecover.com
URL: https://delivery.adrecover.com/43519/adRecover.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
tlb.hwcdn.net
Software
nginx /
Resource Hash
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 13:13:41 GMT
content-encoding
gzip
x-sp-metadata
HS256.CJXZ4J0GEogBCiQxMjBmZDE2ZS0wYzk3LTRjNzAtYTE5OS0yYTY5NDY4ODRlYmUQ+OiCoKvU+wIaBgiFveCdBiINMTE2LjkwLjc0LjIwMyiA4AIwAzgEQhZUTFNfQUVTXzEyOF9HQ01fU0hBMjU2WiAzZTliMjA2MTAwOThiNmM5YmZmOTUzODU2ZTU4MDE2YRosCAESJGRhZDg0NDBlLWM4NDItNGNmNi05YWJjLTIzMjg0NTcwOWYzZhi46QEiGAgCEhRjZHMyMTAubGEzLmh3Y2RuLm5ldA==.+FSTWafz66H7xI4SRSiW58Cmxpz7894MazeUlVWkrto=
last-modified
Wed, 16 Feb 2022 10:50:39 GMT
server
nginx
etag
W/"620cd6ff-14e98"
vary
Accept-Encoding
x-hw
1673010821.dop030.la3.t,1673010821.cds217.la3.hn,1673010821.cds210.la3.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
29880
amp-sticky-ad-1.0.js
cdn.ampproject.org/rtv/012212151632002/v0/ 		40 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012212151632002/v0/amp-sticky-ad-1.0.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
b7c80316a514c0892bcf6f6c1966a463dfbb379d97c0fdcefb666408f17ed0dc
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 04 Jan 2023 21:18:21 GMT
age
143719
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10297
x-xss-protection
0
server
sffe
etag
"6829dd3b11eb1a2c"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 04 Jan 2024 21:18:21 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 1BCE 		98 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f154.1e100.net
Software
cafe /
Resource Hash
d5db1212d7b0d5a3ff04c683c57b66c8479c891c601aa7d53b391a3c47079524
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 13:13:39 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34132
x-xss-protection
0
server
cafe
etag
12369294976404731420
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 06 Jan 2023 13:13:39 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 5494 		98 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f154.1e100.net
Software
cafe /
Resource Hash
d5db1212d7b0d5a3ff04c683c57b66c8479c891c601aa7d53b391a3c47079524
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 13:13:39 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34132
x-xss-protection
0
server
cafe
etag
12369294976404731420
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 06 Jan 2023 13:13:39 GMT
cookieSyncIframe.html
cdn.aralego.net/ucfad/cookie/ Frame 235F 		714 B
802 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

access-control-allow-credentials
true
age
9923
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
7854b654ccbba874-SYD
content-encoding
br
content-type
text/html
date
Fri, 06 Jan 2023 13:13:39 GMT
last-modified
Wed, 09 Feb 2022 05:59:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=14FpnUoAkS97cZDBMUoMdVAr2FAqjTy4N%2F2%2Flj8%2F87EC4x4SyzQs7FbV4ngCrTFrZ8Y95y9J%2BZO1YIvSW1qik51np9ObJZAB3a6NMxsqN%2Fc%2F70OFwvAQbiT%2B7icaiM%2BsaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
idsync
sync.aralego.com/ 		35 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aralego.com/idsync?gdpr=1&euconsent-v2=${GDPR_CONSENT_607}&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2019shi-er-xing-zuo-huan-yao-shuai-duo-jiu-tang-qi-yang-pu-zhuan-yun-guan-jian.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.120.88.131 Central, Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 06 Jan 2023 13:13:40 GMT
Connection
close
Content-Length
35
Content-Type
image/gif
cookieSyncIframe.html
cdn.aralego.net/ucfad/cookie/ Frame 418B 		714 B
759 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

access-control-allow-credentials
true
age
9923
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
7854b654dccba874-SYD
content-encoding
br
content-type
text/html
date
Fri, 06 Jan 2023 13:13:39 GMT
last-modified
Wed, 09 Feb 2022 05:59:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q8mh8PPJtXvY9J8Tv0pjBL7HAXt1UUlaAAXA%2BfMGO2hizO0hQFlYsZkQPCJUluWv2TjL%2BOqhkhXgnByhhDaEjoag77aEPYdCaJkdRDVEfY0G85AUaBAfuwBYeIehE7cKoQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
gtag.json
cdn.ampproject.org/rtv/012212151632002/v0/analytics-vendors/ 		2 KB
931 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012212151632002/v0/analytics-vendors/gtag.json
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
a8993772c9eb591474f38d257bebc8c4286703e1af72d04c8c294be5fff7b649
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 05 Jan 2023 05:14:19 GMT
age
115160
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
901
x-xss-protection
0
server
sffe
etag
"83a6a9d640e3080e"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 05 Jan 2024 05:14:19 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/ Frame 1BCE 		356 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f154.1e100.net
Software
cafe /
Resource Hash
cb9d55a0b675c7b51107e1b46e7f351ca690da86fdd4dd905c34efd6dc28fe02
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 13:13:41 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119965
x-xss-protection
0
server
cafe
etag
5329007812542293314
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Fri, 06 Jan 2023 13:13:41 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 235F 		81 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f155.1e100.net
Software
sffe /
Resource Hash
72356fdd3fdf575c34c67d0a4236c3818248e73f5c4219ca9a4b663ef72d1ca2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 13:13:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27576
x-xss-protection
0
server
sffe
etag
"1443 / 694 of 1000 / last-modified: 1673006750"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 06 Jan 2023 13:13:40 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 418B 		81 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f155.1e100.net
Software
sffe /
Resource Hash
e85f1333e55d7e0a10063d959d4eeb4d10e85ec0fc284393bbfc495048cd5b1d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 13:13:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27570
x-xss-protection
0
server
sffe
etag
"1443 / 12 of 1000 / last-modified: 1673006750"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 06 Jan 2023 13:13:40 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/ Frame 5494 		356 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f154.1e100.net
Software
cafe /
Resource Hash
63de092f5eea6c6919ff3edcefc535b1aba0c00dc72c9b7d65a2eb2bec2a165b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 13:13:41 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119958
x-xss-protection
0
server
cafe
etag
14859070189463848736
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Fri, 06 Jan 2023 13:13:41 GMT
cookie.js
partner.googleadservices.com/gampad/ 		379 B
691 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.bg3.co&callback=_gfp_s_&client=ca-pub-5961800537962381&gpid_exp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212080101/show_ads_impl_fy2021.js?bust=31071277
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f155.1e100.net
Software
cafe /
Resource Hash
14d4ec1799c0ee13f8a013d9813021bbffa40ba760fe9499e226014a5287612b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 13:13:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
246
x-xss-protection
0
integrator.js
adservice.google.co.nz/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.nz/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212080101/show_ads_impl_fy2021.js?bust=31071277
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f156.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 13:13:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212080101/show_ads_impl_fy2021.js?bust=31071277
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 13:13:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 4269 		0
179 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961800537962381&output=html&adk=1812271804&adf=3025194257&lmt=1673010819&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=188x1080_l%7C188x1080_r&format=0x0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2F2019shi-er-xing-zuo-huan-yao-shuai-duo-jiu-tang-qi-yang-pu-zhuan-yun-guan-jian.html&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673010818124&bpp=4&bdt=1269&idt=1531&shv=r20230104&mjsv=m202212080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6105672055831&frm=20&pv=2&ga_vid=301647917.1673010820&ga_sid=1673010820&ga_hid=695584987&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071277%2C44774606%2C44779793%2C31071260%2C44780792&oid=2&pvsid=1304513170908520&tmod=1996673560&uas=0&nvt=1&fsapi=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=1554
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212080101/show_ads_impl_fy2021.js?bust=31071277
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 06 Jan 2023 13:13:40 GMT
expires
Fri, 06 Jan 2023 13:13:40 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
jquery-3.6.0.min.js
code.jquery.com/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.6.0.min.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
tlb.hwcdn.net
Software
nginx /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 13:13:41 GMT
content-encoding
gzip
x-sp-metadata
HS256.CJXZ4J0GEogBCiQwOGJiZjUyMS05ZTNhLTQ1YjItOGE4ZS0xNDAyZmE2MzkxYTcQ+OiCoKvU+wIaBgiFveCdBiINMTE2LjkwLjc0LjIwMyiA4AIwAzgEQhZUTFNfQUVTXzEyOF9HQ01fU0hBMjU2WiAzZTliMjA2MTAwOThiNmM5YmZmOTUzODU2ZTU4MDE2YRosCAESJGYxOGU4NWQ1LTI2NjMtNDc3Mi1iMTQxLWUzNTI5NjdiNjQ5NRib8QEiGAgCEhRjZHMyNjcubGEzLmh3Y2RuLm5ldA==.7oOnDCB3j51r2SQGF6M6QrasXur6ABOUipt3J2vOUBU=
last-modified
Wed, 16 Feb 2022 10:50:39 GMT
server
nginx
etag
W/"620cd6ff-15d9d"
vary
Accept-Encoding
x-hw
1673010821.dop030.la3.t,1673010821.cds217.la3.hn,1673010821.cds267.la3.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30875
amp
www.googletagmanager.com/gtag/ 		610 B
808 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/amp?__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
8492f3fc13f89700f09e8a96308911979a6289be084af2c497ea54dbd7dd7f5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=utf-8

Response headers

date
Fri, 06 Jan 2023 13:13:40 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="amp.json"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
258
x-xss-protection
0
pragma
no-cache
amp-access-control-allow-source-origin
https://www.bg3.co
server
Google Tag Manager
vary
*
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_2022120801.js
securepubads.g.doubleclick.net/gpt/ Frame 235F 		382 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f155.1e100.net
Software
sffe /
Resource Hash
dcc5f41d1dc04a19dccb2061dc9572cb46c1c19dd89cb5d910752020fa87e791
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Jan 2023 03:11:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
208917
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
132306
x-xss-protection
0
last-modified
Thu, 08 Dec 2022 09:38:55 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 04 Jan 2024 03:11:43 GMT
pubads_impl_2022120801.js
securepubads.g.doubleclick.net/gpt/ Frame 418B 		382 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f155.1e100.net
Software
sffe /
Resource Hash
dcc5f41d1dc04a19dccb2061dc9572cb46c1c19dd89cb5d910752020fa87e791
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Jan 2023 03:11:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
208918
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
132306
x-xss-protection
0
last-modified
Thu, 08 Dec 2022 09:38:55 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 04 Jan 2024 03:11:43 GMT
collect
www.google-analytics.com/r/ 		35 B
396 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=a1&ds=AMP&aip&_s=1&dt=2019%E5%8D%81%E4%BA%8C%E6%98%9F%E5%BA%A7%E9%82%84%E8%A6%81%E8%A1%B0%E5%A4%9A%E4%B9%85%EF%BC%9F%E5%94%90%E7%B6%BA%E9%99%BD%E6%9B%9D%E8%BD%89%E9%81%8B%E9%97%9C%E9%8D%B5%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&sr=1600x1200&cid=amp-o0py8PZnEWEt0Yiu3UO6lg&tid=UA-172083736-2&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2F2019shi-er-xing-zuo-huan-yao-shuai-duo-jiu-tang-qi-yang-pu-zhuan-yun-guan-jian.html&dr=&sd=24&ul=en-us&de=UTF-8&t=pageview&jid=0.22593690986695392&gjid=0.34701845674873466&_r=1&a=6517&z=0.2711888721344242&gtm=2pu000
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2019shi-er-xing-zuo-huan-yao-shuai-duo-jiu-tang-qi-yang-pu-zhuan-yun-guan-jian.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f113.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Jan 2023 13:13:41 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
amp4ads-host-v0.js
cdn.ampproject.org/ 		23 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/amp4ads-host-v0.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212080101/show_ads_impl_fy2021.js?bust=31071277
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
fbd1e8b96c46848db89a70d3e4612e5ac22b113200bc3b376094eeed4cd0e3fb
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Fri, 06 Jan 2023 13:13:41 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7860
x-xss-protection
0
server
sffe
etag
"ccc714ecb8377507"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3000, stale-while-revalidate=1206600
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 06 Jan 2023 13:13:41 GMT
amp-ad-network-adsense-impl-0.1.js
cdn.ampproject.org/rtv/012212151632002/v0/ 		214 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012212151632002/v0/amp-ad-network-adsense-impl-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
0fddacb1b4b94539fcb975e43c63d6b8fb2257f1c6cdefa318d156d4e5a57374
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 04 Jan 2023 21:25:17 GMT
age
143304
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
57948
x-xss-protection
0
server
sffe
etag
"beb5ab581ca1065f"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 04 Jan 2024 21:25:17 GMT
integrator.json
adservice.google.com/adsid/ 		86 B
219 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.json?domain=www.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
cafe /
Resource Hash
14cfb5058acaf3af2f07088f1582f29941d7a4cc74fd1cea5050cecad862d154
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 13:13:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
83
x-xss-protection
0
nameframe.html
d-3094591282289990921.ampproject.net/2212151632002/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://d-3094591282289990921.ampproject.net/2212151632002/nameframe.html
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f94.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
integrator.js
adservice.google.co.nz/adsid/ Frame 235F 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.nz/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f156.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 13:13:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 235F 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 13:13:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 235F 		492 B
266 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1594908084137933&correlator=689139386809114&eid=31071151%2C31069102%2C44780792&output=ldjh&gdfp_req=1&vrg=2022120801&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=64515409&sfv=1-0-40&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1673010821621&lmt=1644386353&dlt=1673010819418&idt=2181&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=wz6u2ztnmbrn&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&frm=24&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=1832708277.1673010822&ga_sid=1673010822&ga_hid=2034134032&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f155.1e100.net
Software
cafe /
Resource Hash
6db82abb4412b1892a824d38710e011843184fe78bb841dd23341c853e169d19
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 13:13:41 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
235
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cdn.aralego.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
ff1e18b6558e69e136a3c8faf7319b1e.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 796A 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ff1e18b6558e69e136a3c8faf7319b1e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 06 Jan 2023 13:13:42 GMT
expires
Sat, 06 Jan 2024 13:13:42 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cookie.js
partner.googleadservices.com/gampad/ Frame 1BCE 		379 B
314 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.bg3.co&callback=_gfp_s_&client=ca-pub-4485239425924787&gpid_exp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f155.1e100.net
Software
cafe /
Resource Hash
2344c4525a013a1b6a135714f00acf1466f72a3442b63856ad16d26db164f34f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 13:13:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
245
x-xss-protection
0
integrator.js
adservice.google.co.nz/adsid/ Frame 1BCE 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.nz/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f156.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 13:13:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 1BCE 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 13:13:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
NqeGLmvuPvGdeaxEq2qKJUjcmyulAyFU8K2rHVjS.html
adx.holmesmind.com/adx-file/20221117/ Frame AC56
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134177&pi=t.ma~as.3006%2F14006&w=336&lmt=1673010821&url=...
  • https://adx.holmesmind.com/adx-file/20221117/NqeGLmvuPvGdeaxEq2qKJUjcmyulAyFU8K2rHVjS.html
673 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://adx.holmesmind.com/adx-file/20221117/NqeGLmvuPvGdeaxEq2qKJUjcmyulAyFU8K2rHVjS.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-118.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
21902e4026c2f774fbd13f64845d6fd3a823c1ea64ee93e76a9fe06a49a74711

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
26
content-length
673
content-type
text/html
date
Fri, 06 Jan 2023 13:13:19 GMT
etag
"48eae0cda160246f65db69ea3a0e8b6a"
last-modified
Thu, 17 Nov 2022 07:10:46 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 6f91c725c3d4f2326304347075e516a4.cloudfront.net (CloudFront)
x-amz-cf-id
UVwkUXOwmiRbQvMtFQ7ahSsX6gNpfD2gtArdYWKkk2HEoGMC3qoRlw==
x-amz-cf-pop
SIN2-P1
x-amz-version-id
b3LGmBAhby0rF5s3WuXdhl5wmvGClwHA
x-cache
Hit from cloudfront

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 06 Jan 2023 13:13:42 GMT
location
https://adx.holmesmind.com/adx-file/20221117/NqeGLmvuPvGdeaxEq2qKJUjcmyulAyFU8K2rHVjS.html
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
block.jpg
delivery.adrecover.com/ 		281 B
846 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://delivery.adrecover.com/block.jpg?ts=1673010821848
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2019shi-er-xing-zuo-huan-yao-shuai-duo-jiu-tang-qi-yang-pu-zhuan-yun-guan-jian.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.201 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-201.pacnet.net
Software
Akamai Image Server /
Resource Hash
b0447f99586ad7bcddc943fd1a63af9d89f73f50e70657d0a2ed76ff7c2d6c4c

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-image-server-fetch-real
27
date
Fri, 06 Jan 2023 13:13:42 GMT
x-image-server-cost-real
13710
x-akamai-im-skip-dlr
1
x-image-server-cpu-estimate
10
x-image-server-response
request-4907514-48428081-517ccef6
x-akamai-device
mobile:false&tablet:false
x-image-server-cost-estimate
11501
content-length
281
x-image-server-product
AIC
x-akamai-country
NZ
last-modified
Wed, 23 Jun 2021 06:37:54 GMT
server
Akamai Image Server
x-im-policy-version
1
x-image-server-cpu-real
15
etag
"60d2d6c2-277"
x-image-server-store-time
1673010822
x-im-result-width
1
x-im-original-width
1
access-control-allow-origin
*
content-type
image/jpeg
cache-control
no-transform, max-age=3600
x-image-server-original-size
631
x-image-server-fetch-estimate
25
expires
Fri, 06 Jan 2023 14:13:42 GMT
integrator.js
adservice.google.co.nz/adsid/ Frame 418B 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.nz/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 13:13:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 418B 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 13:13:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 418B 		492 B
266 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1181813426841002&correlator=3690197302700291&eid=31071150%2C44780792&output=ldjh&gdfp_req=1&vrg=2022120801&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=64515409&sfv=1-0-40&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1673010821863&lmt=1644386353&dlt=1673010819425&idt=2428&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=g2gs0zs8a9ef&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&frm=24&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=639644067.1673010822&ga_sid=1673010822&ga_hid=314205262&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f155.1e100.net
Software
cafe /
Resource Hash
ebe645bc307f3a0a4db4b28c5acbc5ab84b78966b5344dba4c54a6ccd8bae7b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 13:13:42 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
235
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cdn.aralego.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
b19d529f819f1195203168fd382b9460.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 5884 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://b19d529f819f1195203168fd382b9460.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 06 Jan 2023 13:13:42 GMT
expires
Sat, 06 Jan 2024 13:13:42 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cookie.js
partner.googleadservices.com/gampad/ Frame 5494 		12 B
100 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.bg3.co&callback=_gfp_s_&client=ca-pub-4485239425924787&cookie=ID%3D3e5210899910ea5d-2285a5ee32d90043%3AT%3D1673010821%3ART%3D1673010821%3AS%3DALNI_MZ0ia1zfHdIMQCT9kwlhMGEopQl2A&gpic=UID%3D00000b9eeff2fb2a%3AT%3D1673010821%3ART%3D1673010821%3AS%3DALNI_MZIWop9qxPGE0vY3KarHFj0ysItwA&gpid_exp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f155.1e100.net
Software
cafe /
Resource Hash
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 13:13:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32
x-xss-protection
0
integrator.js
adservice.google.co.nz/adsid/ Frame 5494 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.nz/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 13:13:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 5494 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 13:13:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame FD4F 		18 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1673010821&url=https%3A%2F%2Fwww.bg3.co%2Fa%2F2019shi-er-xing-zuo-huan-yao-shuai-duo-jiu-tang-qi-yang-pu-zhuan-yun-guan-jian.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673010819633&bpp=5&bdt=1450&idt=2251&shv=r20230104&mjsv=m202212010101&ptt=5&saldr=sa&cookie=ID%3D3e5210899910ea5d-2285a5ee32d90043%3AT%3D1673010821%3ART%3D1673010821%3AS%3DALNI_MZ0ia1zfHdIMQCT9kwlhMGEopQl2A&gpic=UID%3D00000b9eeff2fb2a%3AT%3D1673010821%3ART%3D1673010821%3AS%3DALNI_MZIWop9qxPGE0vY3KarHFj0ysItwA&correlator=6105672055831&frm=23&ife=1&pv=1&ga_vid=1069194912.1673010822&ga_sid=1673010822&ga_hid=332350335&ga_fc=0&ga_cid=amp-o0py8PZnEWEt0Yiu3UO6lg&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=1221967134&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44780792&oid=2&pvsid=1789670566754654&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.f4drak5l6fc2&fsb=1&dtd=2269
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
6e6a6e89f55e442107465d2e5e36dc0bd61f72b68e82ff5d7ebc5d894f18ed92
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
9930
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 06 Jan 2023 13:13:42 GMT
expires
Fri, 06 Jan 2023 13:13:42 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
pb.42753.1663912421366.js
cdn.adpushup.com/prebid/ 		342 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.200 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-200.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
1c479d0abecadc8d5fde30eeb515508b6148fa3d92dd617b427788d6c792b0a8

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
NZ
date
Fri, 06 Jan 2023 13:13:43 GMT
content-encoding
br
last-modified
Fri, 23 Sep 2022 05:54:31 GMT
server
nginx/1.18.0
etag
W/"632d4a17-5578b"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=31536000
server-timing
cdn-cache; desc=HIT, edge; dur=3
content-length
94168
expires
Sat, 06 Jan 2024 13:13:43 GMT
quantcast.js
cdn.adpushup.com/pbuseridscripts/ 		450 B
505 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.200 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-200.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
NZ
date
Fri, 06 Jan 2023 13:13:43 GMT
content-encoding
br
last-modified
Mon, 28 Jun 2021 04:15:23 GMT
server
nginx/1.18.0
etag
W/"60d94cdb-1c2"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=31536000
server-timing
cdn-cache; desc=HIT, edge; dur=3
content-length
211
expires
Sat, 06 Jan 2024 13:13:43 GMT
linkPreview.js
cdn.adpushup.com/42753/ 		75 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/linkPreview.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2019shi-er-xing-zuo-huan-yao-shuai-duo-jiu-tang-qi-yang-pu-zhuan-yun-guan-jian.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.200 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-200.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
6b278e48df6b2e2f917803f532a9257fbb46bf576a8dfc07f1f8eb94468b54e8

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
NZ
date
Fri, 06 Jan 2023 13:13:43 GMT
content-encoding
br
last-modified
Tue, 13 Dec 2022 07:20:55 GMT
server
nginx/1.18.0
etag
W/"639827d7-12dc3"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=2
content-length
18371
expires
Fri, 06 Jan 2023 14:13:43 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		81 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f155.1e100.net
Software
sffe /
Resource Hash
72356fdd3fdf575c34c67d0a4236c3818248e73f5c4219ca9a4b663ef72d1ca2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 13:13:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27576
x-xss-protection
0
server
sffe
etag
"1443 / 678 of 1000 / last-modified: 1673006750"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 06 Jan 2023 13:13:42 GMT
sync
e3.adpushup.com/AdPushupFeedbackWebService/user/ 		70 B
539 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/user/sync
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2019shi-er-xing-zuo-huan-yao-shuai-duo-jiu-tang-qi-yang-pu-zhuan-yun-guan-jian.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 , Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Jan 2023 13:13:43 GMT
server
nginx/1.10.3 (Ubuntu)
ap-cookie-status
cookies ap_uid and ap_usid are set
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE2NzMwMTA4MjIxNTQsInBhY2tldElkIjoiMDAwMEE3MDEtZWY1MGY1ZjMtNjJhZC00N2ExLWFkYWUtYjY3YzBlZjY5OWRkIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hLzIwMTlzaGktZXIteGluZy16dW8taHVhbi15YW8tc2h1YWktZHVvLWppdS10YW5nLXFpLXlhbmctcHUtemh1YW4teXVuLWd1YW4tamlhbi5odG1sIiwibW9kZSI6NCwiZXJyb3JDb2RlIjowLCJyZWZlcnJlciI6IiIsInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOm51bGx9&c_b=6712.5
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2019shi-er-xing-zuo-huan-yao-shuai-duo-jiu-tang-qi-yang-pu-zhuan-yun-guan-jian.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 , Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Jan 2023 13:13:43 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE2NzMwMTA4MjIxNTUsInBhY2tldElkIjoiMDAwMEE3MDEtZWY1MGY1ZjMtNjJhZC00N2ExLWFkYWUtYjY3YzBlZjY5OWRkIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hLzIwMTlzaGktZXIteGluZy16dW8taHVhbi15YW8tc2h1YWktZHVvLWppdS10YW5nLXFpLXlhbmctcHUtemh1YW4teXVuLWd1YW4tamlhbi5odG1sIiwibW9kZSI6NSwiZXJyb3JDb2RlIjoxLCJyZWZlcnJlciI6IiIsInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOm51bGx9&c_b=6713.10000038147
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2019shi-er-xing-zuo-huan-yao-shuai-duo-jiu-tang-qi-yang-pu-zhuan-yun-guan-jian.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 , Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Jan 2023 13:13:43 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2NzMwMTA4MjIxNTUsInBhY2tldElkIjoiMDAwMEE3MDEtZWY1MGY1ZjMtNjJhZC00N2ExLWFkYWUtYjY3YzBlZjY5OWRkIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hLzIwMTlzaGktZXIteGluZy16dW8taHVhbi15YW8tc2h1YWktZHVvLWppdS10YW5nLXFpLXlhbmctcHUtemh1YW4teXVuLWd1YW4tamlhbi5odG1sIiwibW9kZSI6MSwiZXJyb3JDb2RlIjoxLCJyZWZlcnJlciI6IiIsInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOlt7InNlY3Rpb25JZCI6Ijc3YTljMjJmLWFjMDItNDVkZC05NmJjLWIwODk2YThhN2Q1YSIsInNlY3Rpb25OYW1lIjoiQVBfTF9EX0FSVElDTEVfNzI4WDI1MF83N2E5YyIsInN0YXR1cyI6MSwibmV0d29yayI6ImFkcFRhZ3MiLCJuZXR3b3JrQWRVbml0SWQiOiJBRFBfNDI3NTNfNzI4WDI1MF83N2E5YzIyZi1hYzAyLTQ1ZGQtOTZiYy1iMDg5NmE4YTdkNWEiLCJzZXJ2aWNlcyI6WzEsM10sImFkVW5pdFR5cGUiOjF9XX0%3D&c_b=6713.5
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2019shi-er-xing-zuo-huan-yao-shuai-duo-jiu-tang-qi-yang-pu-zhuan-yun-guan-jian.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 , Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Jan 2023 13:13:43 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
adpushup-label.svg
campaign.adpushup.com/ads/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://campaign.adpushup.com/ads/adpushup-label.svg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2019shi-er-xing-zuo-huan-yao-shuai-duo-jiu-tang-qi-yang-pu-zhuan-yun-guan-jian.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.39.108 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nwa/E7CA) /
Resource Hash
eb3577f46647f2e2db7307936038a47cc31c0ce75239496f6b7117282a47864c

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 13:13:43 GMT
last-modified
Thu, 12 Nov 2020 09:18:18 GMT
server
ECAcc (nwa/E7CA)
age
10246
etag
"5facfdda-21e0"
x-cache
HIT
content-type
image/svg+xml
cache-control
max-age=14400
accept-ranges
bytes
content-length
8672
expires
Fri, 06 Jan 2023 17:13:43 GMT
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2NzMwMTA4MjIxNjIsInBhY2tldElkIjoiMDAwMEE3MDEtZWY1MGY1ZjMtNjJhZC00N2ExLWFkYWUtYjY3YzBlZjY5OWRkIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hLzIwMTlzaGktZXIteGluZy16dW8taHVhbi15YW8tc2h1YWktZHVvLWppdS10YW5nLXFpLXlhbmctcHUtemh1YW4teXVuLWd1YW4tamlhbi5odG1sIiwibW9kZSI6MSwiZXJyb3JDb2RlIjoxLCJyZWZlcnJlciI6IiIsInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOlt7InNlY3Rpb25JZCI6ImQxYzEwYTcyLTI3YjQtNDkzMS04Y2U3LTk5YTE4ZWJiZGJhZSIsInNlY3Rpb25OYW1lIjoiQVBfSV9EX0FSVElDTEVfNzI4WDkwX2QxYzEwIiwic3RhdHVzIjoxLCJuZXR3b3JrIjoiYWRwVGFncyIsIm5ldHdvcmtBZFVuaXRJZCI6IlNUSUNLWV9BRFBfNDI3NTNfNzI4WDkwX2QxYzEwYTcyLTI3YjQtNDkzMS04Y2U3LTk5YTE4ZWJiZGJhZSIsInNlcnZpY2VzIjpbNSwzXSwiYWRVbml0VHlwZSI6M31dfQ%3D%3D&c_b=6720
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2019shi-er-xing-zuo-huan-yao-shuai-duo-jiu-tang-qi-yang-pu-zhuan-yun-guan-jian.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 , Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Jan 2023 13:13:43 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2NzMwMTA4MjIxNjUsInBhY2tldElkIjoiMDAwMEE3MDEtZWY1MGY1ZjMtNjJhZC00N2ExLWFkYWUtYjY3YzBlZjY5OWRkIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hLzIwMTlzaGktZXIteGluZy16dW8taHVhbi15YW8tc2h1YWktZHVvLWppdS10YW5nLXFpLXlhbmctcHUtemh1YW4teXVuLWd1YW4tamlhbi5odG1sIiwibW9kZSI6MSwiZXJyb3JDb2RlIjoxLCJyZWZlcnJlciI6IiIsInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOlt7InNlY3Rpb25JZCI6IjEwNGIyODJhLWJkMTEtNGQ4ZC1hZDY0LTA0OTIwNjNiNmNiYSIsInNlY3Rpb25OYW1lIjoiQVBfSV9EX0FSVElDTEVfMTIwWDYwMF8xMDRiMiIsInN0YXR1cyI6MSwibmV0d29yayI6ImFkcFRhZ3MiLCJuZXR3b3JrQWRVbml0SWQiOiJTVElDS1lfQURQXzQyNzUzXzEyMFg2MDBfMTA0YjI4MmEtYmQxMS00ZDhkLWFkNjQtMDQ5MjA2M2I2Y2JhIiwic2VydmljZXMiOls1LDNdLCJhZFVuaXRUeXBlIjozfV19&c_b=6722.799999237061
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2019shi-er-xing-zuo-huan-yao-shuai-duo-jiu-tang-qi-yang-pu-zhuan-yun-guan-jian.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 , Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Jan 2023 13:13:43 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
ads
googleads.g.doubleclick.net/pagead/ Frame 9105 		603 B
65 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=1600x250&w=1600&h=250&ptt=12&adk=2733026255&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-1371397533880750707&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=470780615&nhd=0&adx=0&ady=3192&oid=2&is_amp=5&amp_v=2212151632002&d_imp=1&c=8036006517&ga_hid=695584987&dt=1673010821711&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2F2019shi-er-xing-zuo-huan-yao-shuai-duo-jiu-tang-qi-yang-pu-zhuan-yun-guan-jian.html&bdt=4856&dtd=464&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012212151632002/v0/amp-ad-0.1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 06 Jan 2023 13:13:42 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame FD4F 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AhEwLcqt_7gMWh7m_1m6JvnPnLqxPqkBbJS_yO12w0tqllGWh_0GTxi8k3CBY5LVq9-mH9ZGaDfpOIQ25Emgsl_jFqRib4y1ieub2hVjvkpLMY8vw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1673010821&url=https%3A%2F%2Fwww.bg3.co%2Fa%2F2019shi-er-xing-zuo-huan-yao-shuai-duo-jiu-tang-qi-yang-pu-zhuan-yun-guan-jian.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673010819633&bpp=5&bdt=1450&idt=2251&shv=r20230104&mjsv=m202212010101&ptt=5&saldr=sa&cookie=ID%3D3e5210899910ea5d-2285a5ee32d90043%3AT%3D1673010821%3ART%3D1673010821%3AS%3DALNI_MZ0ia1zfHdIMQCT9kwlhMGEopQl2A&gpic=UID%3D00000b9eeff2fb2a%3AT%3D1673010821%3ART%3D1673010821%3AS%3DALNI_MZIWop9qxPGE0vY3KarHFj0ysItwA&correlator=6105672055831&frm=23&ife=1&pv=1&ga_vid=1069194912.1673010822&ga_sid=1673010822&ga_hid=332350335&ga_fc=0&ga_cid=amp-o0py8PZnEWEt0Yiu3UO6lg&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=1221967134&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44780792&oid=2&pvsid=1789670566754654&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.f4drak5l6fc2&fsb=1&dtd=2269
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f154.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Jan 2023 13:13:42 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/ Frame FD4F 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1673010821&url=https%3A%2F%2Fwww.bg3.co%2Fa%2F2019shi-er-xing-zuo-huan-yao-shuai-duo-jiu-tang-qi-yang-pu-zhuan-yun-guan-jian.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673010819633&bpp=5&bdt=1450&idt=2251&shv=r20230104&mjsv=m202212010101&ptt=5&saldr=sa&cookie=ID%3D3e5210899910ea5d-2285a5ee32d90043%3AT%3D1673010821%3ART%3D1673010821%3AS%3DALNI_MZ0ia1zfHdIMQCT9kwlhMGEopQl2A&gpic=UID%3D00000b9eeff2fb2a%3AT%3D1673010821%3ART%3D1673010821%3AS%3DALNI_MZIWop9qxPGE0vY3KarHFj0ysItwA&correlator=6105672055831&frm=23&ife=1&pv=1&ga_vid=1069194912.1673010822&ga_sid=1673010822&ga_hid=332350335&ga_fc=0&ga_cid=amp-o0py8PZnEWEt0Yiu3UO6lg&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=1221967134&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44780792&oid=2&pvsid=1789670566754654&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.f4drak5l6fc2&fsb=1&dtd=2269
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 16:07:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
75960
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 19 Jan 2023 16:07:43 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/ Frame FD4F 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1673010821&url=https%3A%2F%2Fwww.bg3.co%2Fa%2F2019shi-er-xing-zuo-huan-yao-shuai-duo-jiu-tang-qi-yang-pu-zhuan-yun-guan-jian.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673010819633&bpp=5&bdt=1450&idt=2251&shv=r20230104&mjsv=m202212010101&ptt=5&saldr=sa&cookie=ID%3D3e5210899910ea5d-2285a5ee32d90043%3AT%3D1673010821%3ART%3D1673010821%3AS%3DALNI_MZ0ia1zfHdIMQCT9kwlhMGEopQl2A&gpic=UID%3D00000b9eeff2fb2a%3AT%3D1673010821%3ART%3D1673010821%3AS%3DALNI_MZIWop9qxPGE0vY3KarHFj0ysItwA&correlator=6105672055831&frm=23&ife=1&pv=1&ga_vid=1069194912.1673010822&ga_sid=1673010822&ga_hid=332350335&ga_fc=0&ga_cid=amp-o0py8PZnEWEt0Yiu3UO6lg&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=1221967134&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44780792&oid=2&pvsid=1789670566754654&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.f4drak5l6fc2&fsb=1&dtd=2269
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f132.1e100.net
Software
cafe /
Resource Hash
727e6a1f4a634d6298af8636fd331912b036b6f7783c771d2e06baeb82e2341e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 18:53:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
66023
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7527
x-xss-protection
0
server
cafe
etag
8658061406568722807
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 19 Jan 2023 18:53:20 GMT
l
www.google.com/ads/measurement/ Frame FD4F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSsyX46RdV_LmZUeEYPz8QYPCoQAos9eOOYnC22MgCtM-yw8u_s9ou_v8WR4OWVHgsONOt0jQC3cv21qiUXosYua2CrIg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1673010821&url=https%3A%2F%2Fwww.bg3.co%2Fa%2F2019shi-er-xing-zuo-huan-yao-shuai-duo-jiu-tang-qi-yang-pu-zhuan-yun-guan-jian.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673010819633&bpp=5&bdt=1450&idt=2251&shv=r20230104&mjsv=m202212010101&ptt=5&saldr=sa&cookie=ID%3D3e5210899910ea5d-2285a5ee32d90043%3AT%3D1673010821%3ART%3D1673010821%3AS%3DALNI_MZ0ia1zfHdIMQCT9kwlhMGEopQl2A&gpic=UID%3D00000b9eeff2fb2a%3AT%3D1673010821%3ART%3D1673010821%3AS%3DALNI_MZIWop9qxPGE0vY3KarHFj0ysItwA&correlator=6105672055831&frm=23&ife=1&pv=1&ga_vid=1069194912.1673010822&ga_sid=1673010822&ga_hid=332350335&ga_fc=0&ga_cid=amp-o0py8PZnEWEt0Yiu3UO6lg&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=1221967134&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44780792&oid=2&pvsid=1789670566754654&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.f4drak5l6fc2&fsb=1&dtd=2269
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f106.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
pixel
googleads.g.doubleclick.net/xbbe/ Frame A057 		624 B
242 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CK6UTBCO3LwCGMzb4d0BMAE&v=APEucNW5FCoDRHujAkMme3xnVSt0KwUJ3zYgmV-t3PvPbeIPJ9BYKtzrFyeWkUQ0UHEkGXbGfn6RcNEBlxuzLLciAgu2nfQCLA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1673010821&url=https%3A%2F%2Fwww.bg3.co%2Fa%2F2019shi-er-xing-zuo-huan-yao-shuai-duo-jiu-tang-qi-yang-pu-zhuan-yun-guan-jian.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673010819633&bpp=5&bdt=1450&idt=2251&shv=r20230104&mjsv=m202212010101&ptt=5&saldr=sa&cookie=ID%3D3e5210899910ea5d-2285a5ee32d90043%3AT%3D1673010821%3ART%3D1673010821%3AS%3DALNI_MZ0ia1zfHdIMQCT9kwlhMGEopQl2A&gpic=UID%3D00000b9eeff2fb2a%3AT%3D1673010821%3ART%3D1673010821%3AS%3DALNI_MZIWop9qxPGE0vY3KarHFj0ysItwA&correlator=6105672055831&frm=23&ife=1&pv=1&ga_vid=1069194912.1673010822&ga_sid=1673010822&ga_hid=332350335&ga_fc=0&ga_cid=amp-o0py8PZnEWEt0Yiu3UO6lg&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=1221967134&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44780792&oid=2&pvsid=1789670566754654&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.f4drak5l6fc2&fsb=1&dtd=2269
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1673010821&url=https%3A%2F%2Fwww.bg3.co%2Fa%2F2019shi-er-xing-zuo-huan-yao-shuai-duo-jiu-tang-qi-yang-pu-zhuan-yun-guan-jian.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673010819633&bpp=5&bdt=1450&idt=2251&shv=r20230104&mjsv=m202212010101&ptt=5&saldr=sa&cookie=ID%3D3e5210899910ea5d-2285a5ee32d90043%3AT%3D1673010821%3ART%3D1673010821%3AS%3DALNI_MZ0ia1zfHdIMQCT9kwlhMGEopQl2A&gpic=UID%3D00000b9eeff2fb2a%3AT%3D1673010821%3ART%3D1673010821%3AS%3DALNI_MZIWop9qxPGE0vY3KarHFj0ysItwA&correlator=6105672055831&frm=23&ife=1&pv=1&ga_vid=1069194912.1673010822&ga_sid=1673010822&ga_hid=332350335&ga_fc=0&ga_cid=amp-o0py8PZnEWEt0Yiu3UO6lg&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=1221967134&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44780792&oid=2&pvsid=1789670566754654&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.f4drak5l6fc2&fsb=1&dtd=2269
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 06 Jan 2023 13:13:42 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame FD4F 		68 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B213wWFUVj0oU5bT0fmAK0eKyyMk94h7Aw_k-cC7Tp3VjjSb9CZUOsj_G5h8SHgchCbRqVvAQ9gsZULgy5d676Fk-TvA&cry=1&dbm_d=AKAmf-Av-8h_2fKj6TaGVxZV-mgp-qYR0xBcKSoAj2sTobN7KmEYXDOh8N4QxYCWEaHLk4f_ZjT-DT7ibOh9SITOGnrJePVIo0BOs78ORW2TLEz2pX0jNbVd-xa2fkQm-aphRne4WU8LQERw_RaoMfIpURBXlCo2c8VbkIi-QyTdi2hBNwAGwxTzvTqMfk2JKMiN9NAOT-vbZpzY2NBUoFUdIngbDSm46R_UCzkPqVrFrF_X5dfZVCxQdBBbc690RkhS5f0x4SWqIvisC94qrylBJNiEL6PTRtR5mTPNAAeZxCzsLLqQUlpk3AiBY8krFm7gxl6nuBep9-Z8EQ9EzCNHEbN3tCJgVrf1Giq-qi-QRz2jvua7M-ZrN0PVJAL3A_f-ZmoZ1xgqlcl9_mSlMUHFLACVFPxRQKWCIQxdDXBxlCr9T2ggm7Bw5CdAvPInQ-yYq8MtSEUjx7WKhr6SOjwsQ4MB6njLzh2F3CV9orPl9jkYfGjB3OKcME1srwGi-21-BWcDK6pbov8RhwhyUdRUNxxE8CS1EP7-sVUc2WKpQWMIYnXLjRKw4a9uk_ugcGeWdijuoopPhBUyUr3KB6FP6-eMGj4aOBeyhdv9y3T7-gEpnhn2OBBUEgIOoEMrUXgLoAhwpZ9L20iNINfE1N2DPuFW7v8nf6MtfwhlTFk4wrXa5u0JbUBGDOVmDKtfFDPD55idymGsXwtFVOauzyEO2mgn6GvKAnxv1RX5wnC2ctPgZqARJKPxzA0dwDcgNUR6on5CRnatykiSsRikk_t2jQz8Pq3p0Phxjrqp907jf7nWdAliyogI8q8ghOJQoLiL-3HPFna9XqOLIAUCcB0BVe4pzfiFsWCUC4nI_K4hwPyXkF1U8kxDcoKDnVTbhTPCmer6WKduPhYh2p-UFuiAfLUpO-oHFU1MfH7HrXQHfKqAXnqE2EKtC-Pbvm8kuSVxLbrWi1uw7ZZ8gemDtgvu4_SkAA4sWvIbQ7zxm3iLyRHsd2q7oY9rnzfOoKkR5idG9d1M2S9gpyBHQdTe_n059AiJwDgGm6Tv2mrFV970hP-p6Al0Rw3u0o3I5Owx5ZRWqqK0PRs3eYiS7q3L9TL1MS7KbiZw139Nxj6dKmJXqIad1xZeaXRk0JDdIsLQPLK67tp7YIXHdZu9vLirOSO7QK-a0YOuYXVQo_Kl_58lS4kvUZn2CJNDvhbkuifGV95YkTwId62FGnYO-JwgV3C6o9NEwSeNr42XCVlqR2QbwmoRERb7Fa5ARhrw6IOP5ogYq-GOR5zWliwBONxotvytJApKooyQ3OXRqV5f1GZP809KvGCcTNSbX8eKlTTtNlRT2VV-Ba17fT_sEzoJ9haCxnWyh0xIYtx1iHdDnAOW_C3BcZy91JfXNd6FBRf-cqkVBsFkif1C8_eUn7mAyduTG_GNK01-kzcVBxCUCDpue8iJt8nBReH8Nm23DalCP9yrTNLIxvElIPBw7I15NSLRuZ-PYQaGKjKK62oA1PBEoeGo4TJiX1N-gXjgx_evt8_OGjeU-QvK-a2w1faimXYV9OlvE7RySrYuH_5TeNvVolT18xxkw2uODTIahiE1h44qGDraj2Jh1UNjVxdL7p9HbLtQkxDFQ85b_V7OYE2F9IMF02mX7VK9LiY560g_xKgYYYJJgT9bPVmvFCFoVSkVf0qmkia34rqmEPYf402TuKTkzWIQ2XlBMZmSZXOMJzg478nyvQzwuOzP0FUs-wYTQ9Wjhw38q8iirXlVZSO7KyKPW9vxqFz6FJ1V2tG2fGAWk5IbAMMXk85PXKzIu8Zj0IneveuRxDXlTM4EyVIgqV_kpT2kPmJ2T7SvdkmEXW1N53ls8kwmuzmoV1lorq58hrdee9lf9nRjIkQ9Gy3mU_1Ae7ueiEu_MuivXT84t8ExpGTNs09IEeyhwq5Eb391HXNOP-YEfr6ki_z92_tMms2QlVKLUhpykVlAtx7Qksjircz5xvBW_bv-lRaUzQqR0_uoKx1NSiTyO40Fv4q9yTtytVb_bX5jzl3ZqXyDDv-9PrUTp7XXqDtamrlfEO9pS8zwxLQHq_xEGs-8mp230CZx9PQQHJKdnNHZwjfH3ZSVd_1Jhxz1Su6f4pyZuxOWjpZzP74hjkaIAIFcaelx01-qVGPs8LmiFOfIUh040EBJscTDQCAmvygE4nZcFs5NRIbnViWI-isNsQyT3mU2x2wfbmbxR_IU5m53M_EGiCiX8PY7073h-pZ5LGCLZP0KloRQMspTpNAKdPxW5Ff52LAncC-ahSjYW4bdXIWVKp18mZGgvJADKE47yK9oIAQigB8mNZWAHZ4isUNihHEAEvStZMT2CcNSp1iLfzzzi5ZJnM0Kl2fIHRWw1mgYOBmHqm0RrW6ojx6kPC_l9OAkhYSU0Ic8Fyf2i_9ZJW2WNXq_bB9DaxPr5LsbjhnBMcCi8eVw8ZEmJnIlD6GeunNR_Z1f8NyroBDLhT3fK8251bsULWmguHIAD-cVpAV9jyPz2s5TA3EGJJs86rFooJKf0KM6t9PRYzFJqR6ypAcFYvcSdJikaAVKWud6PNyagCZMafILJhWAoghZb4yvqf6mzYAJ0QVzQ6R3yCy__HrP46874f_pPoKGuRFIrF16PG7jHfF-EUzDMQHa2GV_ClbGcQCNclpFpmUxYz6CRsVdfz8V4yFXHkqiDRdZFeiMlR7d7gPSWo6Enyz3EjQrHt6pQ7V0I6ZkHC0bW1OF0GJJj7LuQylTLgvp_SUgZ7LuqUU0MPOkLV7QFXC1TnjjuhdS-5SbX2aCYC1KMTytKUbdjuO95XQxko2XNvYtatXiIGKDIpU1FdGTLNWajfOZxyauVbqmac9ciX_opPwClvUu4SrE6_Rf6Bn3RdzYnS1D4hTRQs-uS-jU0MoLWkvHRqJetQTPno8v07hDWn3dLV2p7EkndOnGSw2YUyrex5bJRukfYvSap9gbu3J9mD6PMDDMNAK3U-pfwbFLG4pVvWfcvzsWoupXIBno7ZonG1h1xP0QklFSrVMTFtQepke7jnz-jZC4zPDhMWnFl6VmpbNb5J_AnwMZgHEL1JpvfVstgKipsJ6UGvrpJIF7ID8q4Mu6e8WBtCTqQ7vTkPLacyle1lWGh29KG0UhrN5jVeuLaZQwkDP-TfLxRqopj5ttH-wCiNpTqSah0-E-Xp-gJaz1rQVDS9NcJ6SsUTkLtBC3eJh8rIi_DntcF2o026r1YxeYmPm20yFiJwJYtqKdKSAXDLhLbGVrK6_sDWJzIzQbYffKSZkpJ3F9PDAVnUZAqDIPSvdakz-9-wPzHTp2V1ZT5bVjh_kzeZCuTHO4nYxO9-appRtBuwS5oVhdlJ4WD3CvCM_gPSvahP4M8gZaQIbrUS7aXM5Fad9zkNESzKkMDW-ueiNXAFnxdtU78ZxDbWHVPhSFA4q5dbK6LQiFDq2BGESWz_ok94Y_7gUsfDVn441UQiXVSeaaWp3OPQlDFAZyQ_z5UNn7OBo&cid=CAQSOwDq26N9h5RZIRXgAXGPyACmS5yh19q9CB2kZNU2T5K-icCtDbDjtPCtJRzvBswOTDNkur4tkk9uDpFAGAEgEw&rfl=2%2Chttps%253A%252F%252Fwww.bg3.co%242%2Chttps%253A%252F%252Fwww.bg3.co%252F%240
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1673010821&url=https%3A%2F%2Fwww.bg3.co%2Fa%2F2019shi-er-xing-zuo-huan-yao-shuai-duo-jiu-tang-qi-yang-pu-zhuan-yun-guan-jian.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673010819633&bpp=5&bdt=1450&idt=2251&shv=r20230104&mjsv=m202212010101&ptt=5&saldr=sa&cookie=ID%3D3e5210899910ea5d-2285a5ee32d90043%3AT%3D1673010821%3ART%3D1673010821%3AS%3DALNI_MZ0ia1zfHdIMQCT9kwlhMGEopQl2A&gpic=UID%3D00000b9eeff2fb2a%3AT%3D1673010821%3ART%3D1673010821%3AS%3DALNI_MZIWop9qxPGE0vY3KarHFj0ysItwA&correlator=6105672055831&frm=23&ife=1&pv=1&ga_vid=1069194912.1673010822&ga_sid=1673010822&ga_hid=332350335&ga_fc=0&ga_cid=amp-o0py8PZnEWEt0Yiu3UO6lg&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=1221967134&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44780792&oid=2&pvsid=1789670566754654&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.f4drak5l6fc2&fsb=1&dtd=2269
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
337cc6d9422951e9b50bdda5f7dd5d9a4f049cbd0f4ea5908475f775a20f76f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1673010821&url=https%3A%2F%2Fwww.bg3.co%2Fa%2F2019shi-er-xing-zuo-huan-yao-shuai-duo-jiu-tang-qi-yang-pu-zhuan-yun-guan-jian.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673010819633&bpp=5&bdt=1450&idt=2251&shv=r20230104&mjsv=m202212010101&ptt=5&saldr=sa&cookie=ID%3D3e5210899910ea5d-2285a5ee32d90043%3AT%3D1673010821%3ART%3D1673010821%3AS%3DALNI_MZ0ia1zfHdIMQCT9kwlhMGEopQl2A&gpic=UID%3D00000b9eeff2fb2a%3AT%3D1673010821%3ART%3D1673010821%3AS%3DALNI_MZIWop9qxPGE0vY3KarHFj0ysItwA&correlator=6105672055831&frm=23&ife=1&pv=1&ga_vid=1069194912.1673010822&ga_sid=1673010822&ga_hid=332350335&ga_fc=0&ga_cid=amp-o0py8PZnEWEt0Yiu3UO6lg&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=1221967134&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44780792&oid=2&pvsid=1789670566754654&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.f4drak5l6fc2&fsb=1&dtd=2269
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Jan 2023 13:13:42 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33497
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame FD4F 		156 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1673010821&url=https%3A%2F%2Fwww.bg3.co%2Fa%2F2019shi-er-xing-zuo-huan-yao-shuai-duo-jiu-tang-qi-yang-pu-zhuan-yun-guan-jian.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673010819633&bpp=5&bdt=1450&idt=2251&shv=r20230104&mjsv=m202212010101&ptt=5&saldr=sa&cookie=ID%3D3e5210899910ea5d-2285a5ee32d90043%3AT%3D1673010821%3ART%3D1673010821%3AS%3DALNI_MZ0ia1zfHdIMQCT9kwlhMGEopQl2A&gpic=UID%3D00000b9eeff2fb2a%3AT%3D1673010821%3ART%3D1673010821%3AS%3DALNI_MZIWop9qxPGE0vY3KarHFj0ysItwA&correlator=6105672055831&frm=23&ife=1&pv=1&ga_vid=1069194912.1673010822&ga_sid=1673010822&ga_hid=332350335&ga_fc=0&ga_cid=amp-o0py8PZnEWEt0Yiu3UO6lg&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=1221967134&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44780792&oid=2&pvsid=1789670566754654&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.f4drak5l6fc2&fsb=1&dtd=2269
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
sffe /
Resource Hash
e7e65f5432de604cdf476d9ad55a2af5a933c715c639e4c36847023a3446f1ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 13:13:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48907
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1672933789069018"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 06 Jan 2023 13:13:43 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 235F 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022120801&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f154.1e100.net
Software
cafe /
Resource Hash
9121b0a360f4b6e97eb06073c7fe0c6e9fdfb95cdff7e4133350dd78d885859b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 13:13:42 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12655
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 418B 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022120801&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f154.1e100.net
Software
cafe /
Resource Hash
88e4e7434359d71a96c106f0cb525515e4651bf761afaa8cac6f739ce80772c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 13:13:42 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12472
x-xss-protection
0
rum
dsum-sec.casalemedia.com/ Frame A057
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBop9niL-71m_Ob8DWGjmUc&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBop9niL-71m_Ob8DWGjmUc&google_cver=1&C=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBop9niL-71m_Ob8DWGjmUc&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CK6UTBCO3LwCGMzb4d0BMAE&v=APEucNW5FCoDRHujAkMme3xnVSt0KwUJ3zYgmV-t3PvPbeIPJ9BYKtzrFyeWkUQ0UHEkGXbGfn6RcNEBlxuzLLciAgu2nfQCLA
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 06 Jan 2023 13:13:44 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Fri, 06 Jan 2023 13:13:44 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
/rum?cm_dsp_id=45&external_user_id=CAESEBop9niL-71m_Ob8DWGjmUc&google_cver=1&C=1
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
0
Expires
0
rum
dsum-sec.casalemedia.com/ Frame A057
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y7geiEDOHuqPtRq6TUqHLAAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBop9niL-71m_Ob8DWGjmUc&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBop9niL-71m_Ob8DWGjmUc&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CK6UTBCO3LwCGMzb4d0BMAE&v=APEucNW5FCoDRHujAkMme3xnVSt0KwUJ3zYgmV-t3PvPbeIPJ9BYKtzrFyeWkUQ0UHEkGXbGfn6RcNEBlxuzLLciAgu2nfQCLA
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 06 Jan 2023 13:13:45 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Fri, 06 Jan 2023 13:13:44 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBop9niL-71m_Ob8DWGjmUc&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bounce
ib.adnxs.com/ Frame A057
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEMJeLDr0_UxbW_bYPqq1VZc&google_cver=1
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEMJeLDr0_UxbW_bYPqq1VZc%26google_cver%3D1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEMJeLDr0_UxbW_bYPqq1VZc%26google_cver%3D1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CK6UTBCO3LwCGMzb4d0BMAE&v=APEucNW5FCoDRHujAkMme3xnVSt0KwUJ3zYgmV-t3PvPbeIPJ9BYKtzrFyeWkUQ0UHEkGXbGfn6RcNEBlxuzLLciAgu2nfQCLA
Protocol
HTTP/1.1
Server
104.254.150.241 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
906.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 06 Jan 2023 13:13:43 GMT
AN-X-Request-Uuid
4bd55d2a-fb46-4473-8606-005dde44552e
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
116.90.74.203; 116.90.74.203; 906.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 06 Jan 2023 13:13:43 GMT
AN-X-Request-Uuid
bb19cbcd-b627-41fa-a478-811f01a55b93
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEMJeLDr0_UxbW_bYPqq1VZc%26google_cver%3D1
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
116.90.74.203; 116.90.74.203; 906.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame A057
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjY1NjcxMjMzNzM0MjI0OTAwNg%3D%3D
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjY1NjcxMjMzNzM0MjI0OTAwNg%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CK6UTBCO3LwCGMzb4d0BMAE&v=APEucNW5FCoDRHujAkMme3xnVSt0KwUJ3zYgmV-t3PvPbeIPJ9BYKtzrFyeWkUQ0UHEkGXbGfn6RcNEBlxuzLLciAgu2nfQCLA
Protocol
H2
Server
142.250.4.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Jan 2023 13:13:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Fri, 06 Jan 2023 13:13:43 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
116.90.74.203; 116.90.74.203; 906.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
66c93fd1-9997-4656-9729-8f498dcc8681
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjY1NjcxMjMzNzM0MjI0OTAwNg%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 235F 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 13:13:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 06 Jan 2023 13:13:45 GMT
pubads_impl_2022120801.js
securepubads.g.doubleclick.net/gpt/ 		382 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f155.1e100.net
Software
sffe /
Resource Hash
dcc5f41d1dc04a19dccb2061dc9572cb46c1c19dd89cb5d910752020fa87e791
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Jan 2023 03:11:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
208920
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
132306
x-xss-protection
0
last-modified
Thu, 08 Dec 2022 09:38:55 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 04 Jan 2024 03:11:43 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		134 B
105 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.bg3.co
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f155.1e100.net
Software
cafe /
Resource Hash
482100f0328f0fade00ad3e301b6aa9579cfa9a88eedaf0feafe56f43e119473
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 13:13:43 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
80
x-xss-protection
0
expires
Fri, 06 Jan 2023 13:13:43 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame AC56 		98 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20221117/NqeGLmvuPvGdeaxEq2qKJUjcmyulAyFU8K2rHVjS.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f154.1e100.net
Software
cafe /
Resource Hash
d4627b9b559721413f5c1b9bcb78bf895ac006d0477fe1ffe6a905a302ca1d11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 13:13:43 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34160
x-xss-protection
0
server
cafe
etag
17905230343461668606
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 06 Jan 2023 13:13:43 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230104/r20110914/ Frame FD4F 		28 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230104/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B213wWFUVj0oU5bT0fmAK0eKyyMk94h7Aw_k-cC7Tp3VjjSb9CZUOsj_G5h8SHgchCbRqVvAQ9gsZULgy5d676Fk-TvA&cry=1&dbm_d=AKAmf-Av-8h_2fKj6TaGVxZV-mgp-qYR0xBcKSoAj2sTobN7KmEYXDOh8N4QxYCWEaHLk4f_ZjT-DT7ibOh9SITOGnrJePVIo0BOs78ORW2TLEz2pX0jNbVd-xa2fkQm-aphRne4WU8LQERw_RaoMfIpURBXlCo2c8VbkIi-QyTdi2hBNwAGwxTzvTqMfk2JKMiN9NAOT-vbZpzY2NBUoFUdIngbDSm46R_UCzkPqVrFrF_X5dfZVCxQdBBbc690RkhS5f0x4SWqIvisC94qrylBJNiEL6PTRtR5mTPNAAeZxCzsLLqQUlpk3AiBY8krFm7gxl6nuBep9-Z8EQ9EzCNHEbN3tCJgVrf1Giq-qi-QRz2jvua7M-ZrN0PVJAL3A_f-ZmoZ1xgqlcl9_mSlMUHFLACVFPxRQKWCIQxdDXBxlCr9T2ggm7Bw5CdAvPInQ-yYq8MtSEUjx7WKhr6SOjwsQ4MB6njLzh2F3CV9orPl9jkYfGjB3OKcME1srwGi-21-BWcDK6pbov8RhwhyUdRUNxxE8CS1EP7-sVUc2WKpQWMIYnXLjRKw4a9uk_ugcGeWdijuoopPhBUyUr3KB6FP6-eMGj4aOBeyhdv9y3T7-gEpnhn2OBBUEgIOoEMrUXgLoAhwpZ9L20iNINfE1N2DPuFW7v8nf6MtfwhlTFk4wrXa5u0JbUBGDOVmDKtfFDPD55idymGsXwtFVOauzyEO2mgn6GvKAnxv1RX5wnC2ctPgZqARJKPxzA0dwDcgNUR6on5CRnatykiSsRikk_t2jQz8Pq3p0Phxjrqp907jf7nWdAliyogI8q8ghOJQoLiL-3HPFna9XqOLIAUCcB0BVe4pzfiFsWCUC4nI_K4hwPyXkF1U8kxDcoKDnVTbhTPCmer6WKduPhYh2p-UFuiAfLUpO-oHFU1MfH7HrXQHfKqAXnqE2EKtC-Pbvm8kuSVxLbrWi1uw7ZZ8gemDtgvu4_SkAA4sWvIbQ7zxm3iLyRHsd2q7oY9rnzfOoKkR5idG9d1M2S9gpyBHQdTe_n059AiJwDgGm6Tv2mrFV970hP-p6Al0Rw3u0o3I5Owx5ZRWqqK0PRs3eYiS7q3L9TL1MS7KbiZw139Nxj6dKmJXqIad1xZeaXRk0JDdIsLQPLK67tp7YIXHdZu9vLirOSO7QK-a0YOuYXVQo_Kl_58lS4kvUZn2CJNDvhbkuifGV95YkTwId62FGnYO-JwgV3C6o9NEwSeNr42XCVlqR2QbwmoRERb7Fa5ARhrw6IOP5ogYq-GOR5zWliwBONxotvytJApKooyQ3OXRqV5f1GZP809KvGCcTNSbX8eKlTTtNlRT2VV-Ba17fT_sEzoJ9haCxnWyh0xIYtx1iHdDnAOW_C3BcZy91JfXNd6FBRf-cqkVBsFkif1C8_eUn7mAyduTG_GNK01-kzcVBxCUCDpue8iJt8nBReH8Nm23DalCP9yrTNLIxvElIPBw7I15NSLRuZ-PYQaGKjKK62oA1PBEoeGo4TJiX1N-gXjgx_evt8_OGjeU-QvK-a2w1faimXYV9OlvE7RySrYuH_5TeNvVolT18xxkw2uODTIahiE1h44qGDraj2Jh1UNjVxdL7p9HbLtQkxDFQ85b_V7OYE2F9IMF02mX7VK9LiY560g_xKgYYYJJgT9bPVmvFCFoVSkVf0qmkia34rqmEPYf402TuKTkzWIQ2XlBMZmSZXOMJzg478nyvQzwuOzP0FUs-wYTQ9Wjhw38q8iirXlVZSO7KyKPW9vxqFz6FJ1V2tG2fGAWk5IbAMMXk85PXKzIu8Zj0IneveuRxDXlTM4EyVIgqV_kpT2kPmJ2T7SvdkmEXW1N53ls8kwmuzmoV1lorq58hrdee9lf9nRjIkQ9Gy3mU_1Ae7ueiEu_MuivXT84t8ExpGTNs09IEeyhwq5Eb391HXNOP-YEfr6ki_z92_tMms2QlVKLUhpykVlAtx7Qksjircz5xvBW_bv-lRaUzQqR0_uoKx1NSiTyO40Fv4q9yTtytVb_bX5jzl3ZqXyDDv-9PrUTp7XXqDtamrlfEO9pS8zwxLQHq_xEGs-8mp230CZx9PQQHJKdnNHZwjfH3ZSVd_1Jhxz1Su6f4pyZuxOWjpZzP74hjkaIAIFcaelx01-qVGPs8LmiFOfIUh040EBJscTDQCAmvygE4nZcFs5NRIbnViWI-isNsQyT3mU2x2wfbmbxR_IU5m53M_EGiCiX8PY7073h-pZ5LGCLZP0KloRQMspTpNAKdPxW5Ff52LAncC-ahSjYW4bdXIWVKp18mZGgvJADKE47yK9oIAQigB8mNZWAHZ4isUNihHEAEvStZMT2CcNSp1iLfzzzi5ZJnM0Kl2fIHRWw1mgYOBmHqm0RrW6ojx6kPC_l9OAkhYSU0Ic8Fyf2i_9ZJW2WNXq_bB9DaxPr5LsbjhnBMcCi8eVw8ZEmJnIlD6GeunNR_Z1f8NyroBDLhT3fK8251bsULWmguHIAD-cVpAV9jyPz2s5TA3EGJJs86rFooJKf0KM6t9PRYzFJqR6ypAcFYvcSdJikaAVKWud6PNyagCZMafILJhWAoghZb4yvqf6mzYAJ0QVzQ6R3yCy__HrP46874f_pPoKGuRFIrF16PG7jHfF-EUzDMQHa2GV_ClbGcQCNclpFpmUxYz6CRsVdfz8V4yFXHkqiDRdZFeiMlR7d7gPSWo6Enyz3EjQrHt6pQ7V0I6ZkHC0bW1OF0GJJj7LuQylTLgvp_SUgZ7LuqUU0MPOkLV7QFXC1TnjjuhdS-5SbX2aCYC1KMTytKUbdjuO95XQxko2XNvYtatXiIGKDIpU1FdGTLNWajfOZxyauVbqmac9ciX_opPwClvUu4SrE6_Rf6Bn3RdzYnS1D4hTRQs-uS-jU0MoLWkvHRqJetQTPno8v07hDWn3dLV2p7EkndOnGSw2YUyrex5bJRukfYvSap9gbu3J9mD6PMDDMNAK3U-pfwbFLG4pVvWfcvzsWoupXIBno7ZonG1h1xP0QklFSrVMTFtQepke7jnz-jZC4zPDhMWnFl6VmpbNb5J_AnwMZgHEL1JpvfVstgKipsJ6UGvrpJIF7ID8q4Mu6e8WBtCTqQ7vTkPLacyle1lWGh29KG0UhrN5jVeuLaZQwkDP-TfLxRqopj5ttH-wCiNpTqSah0-E-Xp-gJaz1rQVDS9NcJ6SsUTkLtBC3eJh8rIi_DntcF2o026r1YxeYmPm20yFiJwJYtqKdKSAXDLhLbGVrK6_sDWJzIzQbYffKSZkpJ3F9PDAVnUZAqDIPSvdakz-9-wPzHTp2V1ZT5bVjh_kzeZCuTHO4nYxO9-appRtBuwS5oVhdlJ4WD3CvCM_gPSvahP4M8gZaQIbrUS7aXM5Fad9zkNESzKkMDW-ueiNXAFnxdtU78ZxDbWHVPhSFA4q5dbK6LQiFDq2BGESWz_ok94Y_7gUsfDVn441UQiXVSeaaWp3OPQlDFAZyQ_z5UNn7OBo&cid=CAQSOwDq26N9h5RZIRXgAXGPyACmS5yh19q9CB2kZNU2T5K-icCtDbDjtPCtJRzvBswOTDNkur4tkk9uDpFAGAEgEw&rfl=2%2Chttps%253A%252F%252Fwww.bg3.co%242%2Chttps%253A%252F%252Fwww.bg3.co%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f154.1e100.net
Software
cafe /
Resource Hash
6dc0e3aead945b6160bc87da5f4d8fbb043dde5d0bece2aa426fa01895c9e358
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 01:35:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
41909
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10849
x-xss-protection
0
server
cafe
etag
7485935580621256062
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 20 Jan 2023 01:35:14 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230104/r20110914/elements/html/ Frame FD4F 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230104/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B213wWFUVj0oU5bT0fmAK0eKyyMk94h7Aw_k-cC7Tp3VjjSb9CZUOsj_G5h8SHgchCbRqVvAQ9gsZULgy5d676Fk-TvA&cry=1&dbm_d=AKAmf-Av-8h_2fKj6TaGVxZV-mgp-qYR0xBcKSoAj2sTobN7KmEYXDOh8N4QxYCWEaHLk4f_ZjT-DT7ibOh9SITOGnrJePVIo0BOs78ORW2TLEz2pX0jNbVd-xa2fkQm-aphRne4WU8LQERw_RaoMfIpURBXlCo2c8VbkIi-QyTdi2hBNwAGwxTzvTqMfk2JKMiN9NAOT-vbZpzY2NBUoFUdIngbDSm46R_UCzkPqVrFrF_X5dfZVCxQdBBbc690RkhS5f0x4SWqIvisC94qrylBJNiEL6PTRtR5mTPNAAeZxCzsLLqQUlpk3AiBY8krFm7gxl6nuBep9-Z8EQ9EzCNHEbN3tCJgVrf1Giq-qi-QRz2jvua7M-ZrN0PVJAL3A_f-ZmoZ1xgqlcl9_mSlMUHFLACVFPxRQKWCIQxdDXBxlCr9T2ggm7Bw5CdAvPInQ-yYq8MtSEUjx7WKhr6SOjwsQ4MB6njLzh2F3CV9orPl9jkYfGjB3OKcME1srwGi-21-BWcDK6pbov8RhwhyUdRUNxxE8CS1EP7-sVUc2WKpQWMIYnXLjRKw4a9uk_ugcGeWdijuoopPhBUyUr3KB6FP6-eMGj4aOBeyhdv9y3T7-gEpnhn2OBBUEgIOoEMrUXgLoAhwpZ9L20iNINfE1N2DPuFW7v8nf6MtfwhlTFk4wrXa5u0JbUBGDOVmDKtfFDPD55idymGsXwtFVOauzyEO2mgn6GvKAnxv1RX5wnC2ctPgZqARJKPxzA0dwDcgNUR6on5CRnatykiSsRikk_t2jQz8Pq3p0Phxjrqp907jf7nWdAliyogI8q8ghOJQoLiL-3HPFna9XqOLIAUCcB0BVe4pzfiFsWCUC4nI_K4hwPyXkF1U8kxDcoKDnVTbhTPCmer6WKduPhYh2p-UFuiAfLUpO-oHFU1MfH7HrXQHfKqAXnqE2EKtC-Pbvm8kuSVxLbrWi1uw7ZZ8gemDtgvu4_SkAA4sWvIbQ7zxm3iLyRHsd2q7oY9rnzfOoKkR5idG9d1M2S9gpyBHQdTe_n059AiJwDgGm6Tv2mrFV970hP-p6Al0Rw3u0o3I5Owx5ZRWqqK0PRs3eYiS7q3L9TL1MS7KbiZw139Nxj6dKmJXqIad1xZeaXRk0JDdIsLQPLK67tp7YIXHdZu9vLirOSO7QK-a0YOuYXVQo_Kl_58lS4kvUZn2CJNDvhbkuifGV95YkTwId62FGnYO-JwgV3C6o9NEwSeNr42XCVlqR2QbwmoRERb7Fa5ARhrw6IOP5ogYq-GOR5zWliwBONxotvytJApKooyQ3OXRqV5f1GZP809KvGCcTNSbX8eKlTTtNlRT2VV-Ba17fT_sEzoJ9haCxnWyh0xIYtx1iHdDnAOW_C3BcZy91JfXNd6FBRf-cqkVBsFkif1C8_eUn7mAyduTG_GNK01-kzcVBxCUCDpue8iJt8nBReH8Nm23DalCP9yrTNLIxvElIPBw7I15NSLRuZ-PYQaGKjKK62oA1PBEoeGo4TJiX1N-gXjgx_evt8_OGjeU-QvK-a2w1faimXYV9OlvE7RySrYuH_5TeNvVolT18xxkw2uODTIahiE1h44qGDraj2Jh1UNjVxdL7p9HbLtQkxDFQ85b_V7OYE2F9IMF02mX7VK9LiY560g_xKgYYYJJgT9bPVmvFCFoVSkVf0qmkia34rqmEPYf402TuKTkzWIQ2XlBMZmSZXOMJzg478nyvQzwuOzP0FUs-wYTQ9Wjhw38q8iirXlVZSO7KyKPW9vxqFz6FJ1V2tG2fGAWk5IbAMMXk85PXKzIu8Zj0IneveuRxDXlTM4EyVIgqV_kpT2kPmJ2T7SvdkmEXW1N53ls8kwmuzmoV1lorq58hrdee9lf9nRjIkQ9Gy3mU_1Ae7ueiEu_MuivXT84t8ExpGTNs09IEeyhwq5Eb391HXNOP-YEfr6ki_z92_tMms2QlVKLUhpykVlAtx7Qksjircz5xvBW_bv-lRaUzQqR0_uoKx1NSiTyO40Fv4q9yTtytVb_bX5jzl3ZqXyDDv-9PrUTp7XXqDtamrlfEO9pS8zwxLQHq_xEGs-8mp230CZx9PQQHJKdnNHZwjfH3ZSVd_1Jhxz1Su6f4pyZuxOWjpZzP74hjkaIAIFcaelx01-qVGPs8LmiFOfIUh040EBJscTDQCAmvygE4nZcFs5NRIbnViWI-isNsQyT3mU2x2wfbmbxR_IU5m53M_EGiCiX8PY7073h-pZ5LGCLZP0KloRQMspTpNAKdPxW5Ff52LAncC-ahSjYW4bdXIWVKp18mZGgvJADKE47yK9oIAQigB8mNZWAHZ4isUNihHEAEvStZMT2CcNSp1iLfzzzi5ZJnM0Kl2fIHRWw1mgYOBmHqm0RrW6ojx6kPC_l9OAkhYSU0Ic8Fyf2i_9ZJW2WNXq_bB9DaxPr5LsbjhnBMcCi8eVw8ZEmJnIlD6GeunNR_Z1f8NyroBDLhT3fK8251bsULWmguHIAD-cVpAV9jyPz2s5TA3EGJJs86rFooJKf0KM6t9PRYzFJqR6ypAcFYvcSdJikaAVKWud6PNyagCZMafILJhWAoghZb4yvqf6mzYAJ0QVzQ6R3yCy__HrP46874f_pPoKGuRFIrF16PG7jHfF-EUzDMQHa2GV_ClbGcQCNclpFpmUxYz6CRsVdfz8V4yFXHkqiDRdZFeiMlR7d7gPSWo6Enyz3EjQrHt6pQ7V0I6ZkHC0bW1OF0GJJj7LuQylTLgvp_SUgZ7LuqUU0MPOkLV7QFXC1TnjjuhdS-5SbX2aCYC1KMTytKUbdjuO95XQxko2XNvYtatXiIGKDIpU1FdGTLNWajfOZxyauVbqmac9ciX_opPwClvUu4SrE6_Rf6Bn3RdzYnS1D4hTRQs-uS-jU0MoLWkvHRqJetQTPno8v07hDWn3dLV2p7EkndOnGSw2YUyrex5bJRukfYvSap9gbu3J9mD6PMDDMNAK3U-pfwbFLG4pVvWfcvzsWoupXIBno7ZonG1h1xP0QklFSrVMTFtQepke7jnz-jZC4zPDhMWnFl6VmpbNb5J_AnwMZgHEL1JpvfVstgKipsJ6UGvrpJIF7ID8q4Mu6e8WBtCTqQ7vTkPLacyle1lWGh29KG0UhrN5jVeuLaZQwkDP-TfLxRqopj5ttH-wCiNpTqSah0-E-Xp-gJaz1rQVDS9NcJ6SsUTkLtBC3eJh8rIi_DntcF2o026r1YxeYmPm20yFiJwJYtqKdKSAXDLhLbGVrK6_sDWJzIzQbYffKSZkpJ3F9PDAVnUZAqDIPSvdakz-9-wPzHTp2V1ZT5bVjh_kzeZCuTHO4nYxO9-appRtBuwS5oVhdlJ4WD3CvCM_gPSvahP4M8gZaQIbrUS7aXM5Fad9zkNESzKkMDW-ueiNXAFnxdtU78ZxDbWHVPhSFA4q5dbK6LQiFDq2BGESWz_ok94Y_7gUsfDVn441UQiXVSeaaWp3OPQlDFAZyQ_z5UNn7OBo&cid=CAQSOwDq26N9h5RZIRXgAXGPyACmS5yh19q9CB2kZNU2T5K-icCtDbDjtPCtJRzvBswOTDNkur4tkk9uDpFAGAEgEw&rfl=2%2Chttps%253A%252F%252Fwww.bg3.co%242%2Chttps%253A%252F%252Fwww.bg3.co%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f154.1e100.net
Software
cafe /
Resource Hash
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 01:35:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
41909
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2986
x-xss-protection
0
server
cafe
etag
3296546412363819624
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 20 Jan 2023 01:35:14 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame FD4F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuHIvyrUNt98cjtmtDNti635-M_yqeaWAkRSPSpomFKxRAEEZYpte9kk2fX2jL85f6YS_bf3Af1fciKYGV-n6dnkvPjXMyrAVEXuy_lAMHdwnyX9fJH40Oh9P9OZ7veEixw-OG2uReMuUGBiTQtZXlfhU9riIoMzywRvDdqD97tK0Q7ZoZpctqmPYLEcYicK5xNp41poB3DUN3FRfDBrKlYVK_cWC2A-GoQESWUKLJdqTbKfSHXfST0qLEHDXHOCR6uql1xdWgesmCA50ff-UyENKuQNoT4oBLqD4zfmHRaZo13FGqgXu5KICcKnmZkPmKWf9OUhQsVWtx0T7aGDXy_l7vUqbZEBGYCGCfutmeCRS5yIXwPAOfK1U90HolS45kQVdX-nANRY9yk3bg0ula7_CtKDvQrrQY345SKMCUVEMkKJIECCCbG-lsIKHpj9K2B8Sh4ZdK0gVBDShSR0XCUSAmSOEAd0H3ZS_x-fLWSrIj_DuoPv84gZzRGvVXnEoNGRi5ysUI4V7Tg96Qi47e014cdALGUYrP59JEHHlNmPud_m59pwCGPt5PSo0cdzcUcjkKHParIpukNT_SZecNqJEcdlbyRiMnQpKlsKs9_aYKJXvhl7r5BKRpZtbEVZuc1TcMEUdReo09RpzzBvykhQikPnstf7G2xtN7uFTFqtL4x3aHjzjLfO6JqZnk2CBovzVzF1ZXxCQSBS18MPFCf2bHFgYAx1QEC_hn61fZfPDYJSt8uGRu-k89SB7T42304jX9TFFR1GvRXTaWUtcmWWQ8SpxZhNHgK4t-jhwZ1A3SnndSjslx79-e5Gj2eeFlX9WCV5SFWScemsQZ3ZOgDSF94DVJICbTeg39XOulQOIwBvIuZaT5hPyBavcqTE3n9_m5STkgMXwfiXetiG3zQVvIXqEPl7tchcrdVu8DqzuWU-7jTnbMAY3BRFBvvwFgwHygcypoYwL7OPqdZyX9yXqRrlBNb5t_oQxwSOwChiQZUzk8jwK91qjsq1WTujAyCj0ejQWMsm0D4GTDNkpGLdtjhSS1zCwjhvwZlmsegTiL0vRe8YOLgdXdScbauI6AgSfTotcpi0K4CBzrNx19DCK9K6FtQgv-yTRUX6pBrVdMYabrvb3RMizLeRw8f1Fh0YRInYf60vuJtvcGUGQmQeB2ToBorFei0mpbtLoOx_LZNE5TwFekBMtc6NkQQcCgOkcxd8AmiBwU6R8un2OhSmaJd4FSOS9ByH40FappG5lb0FZ2Z&sai=AMfl-YSGDL8m7tb7CEvwfFcZ_V7y7T4rDVzm1Nw-KtnytGkVNr29mgIHapTGcV6gGqpoWF4se5Xekt2_FjyXDZBh4KEQJQsLeoy2Hb0lBjujchIB-QI4K4bCStgIY3jKlJw_bZ_q9u0enauPC4o9d82ogmdh4SYDxaAICwFEvFUIP2UC3yeSkiFBBS_f8UDD_-H2DcFyqTwgzpBcTi8bP6jYGRQgpbQOw5mpd_LwrX5V5FDdoy9_aSIsS3PbS26zSOGou08WLyOUgc0&sig=Cg0ArKJSzKbHp4_YvawbEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20230104.35886&arae=0&ftch=1&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B213wWFUVj0oU5bT0fmAK0eKyyMk94h7Aw_k-cC7Tp3VjjSb9CZUOsj_G5h8SHgchCbRqVvAQ9gsZULgy5d676Fk-TvA&cry=1&dbm_d=AKAmf-Av-8h_2fKj6TaGVxZV-mgp-qYR0xBcKSoAj2sTobN7KmEYXDOh8N4QxYCWEaHLk4f_ZjT-DT7ibOh9SITOGnrJePVIo0BOs78ORW2TLEz2pX0jNbVd-xa2fkQm-aphRne4WU8LQERw_RaoMfIpURBXlCo2c8VbkIi-QyTdi2hBNwAGwxTzvTqMfk2JKMiN9NAOT-vbZpzY2NBUoFUdIngbDSm46R_UCzkPqVrFrF_X5dfZVCxQdBBbc690RkhS5f0x4SWqIvisC94qrylBJNiEL6PTRtR5mTPNAAeZxCzsLLqQUlpk3AiBY8krFm7gxl6nuBep9-Z8EQ9EzCNHEbN3tCJgVrf1Giq-qi-QRz2jvua7M-ZrN0PVJAL3A_f-ZmoZ1xgqlcl9_mSlMUHFLACVFPxRQKWCIQxdDXBxlCr9T2ggm7Bw5CdAvPInQ-yYq8MtSEUjx7WKhr6SOjwsQ4MB6njLzh2F3CV9orPl9jkYfGjB3OKcME1srwGi-21-BWcDK6pbov8RhwhyUdRUNxxE8CS1EP7-sVUc2WKpQWMIYnXLjRKw4a9uk_ugcGeWdijuoopPhBUyUr3KB6FP6-eMGj4aOBeyhdv9y3T7-gEpnhn2OBBUEgIOoEMrUXgLoAhwpZ9L20iNINfE1N2DPuFW7v8nf6MtfwhlTFk4wrXa5u0JbUBGDOVmDKtfFDPD55idymGsXwtFVOauzyEO2mgn6GvKAnxv1RX5wnC2ctPgZqARJKPxzA0dwDcgNUR6on5CRnatykiSsRikk_t2jQz8Pq3p0Phxjrqp907jf7nWdAliyogI8q8ghOJQoLiL-3HPFna9XqOLIAUCcB0BVe4pzfiFsWCUC4nI_K4hwPyXkF1U8kxDcoKDnVTbhTPCmer6WKduPhYh2p-UFuiAfLUpO-oHFU1MfH7HrXQHfKqAXnqE2EKtC-Pbvm8kuSVxLbrWi1uw7ZZ8gemDtgvu4_SkAA4sWvIbQ7zxm3iLyRHsd2q7oY9rnzfOoKkR5idG9d1M2S9gpyBHQdTe_n059AiJwDgGm6Tv2mrFV970hP-p6Al0Rw3u0o3I5Owx5ZRWqqK0PRs3eYiS7q3L9TL1MS7KbiZw139Nxj6dKmJXqIad1xZeaXRk0JDdIsLQPLK67tp7YIXHdZu9vLirOSO7QK-a0YOuYXVQo_Kl_58lS4kvUZn2CJNDvhbkuifGV95YkTwId62FGnYO-JwgV3C6o9NEwSeNr42XCVlqR2QbwmoRERb7Fa5ARhrw6IOP5ogYq-GOR5zWliwBONxotvytJApKooyQ3OXRqV5f1GZP809KvGCcTNSbX8eKlTTtNlRT2VV-Ba17fT_sEzoJ9haCxnWyh0xIYtx1iHdDnAOW_C3BcZy91JfXNd6FBRf-cqkVBsFkif1C8_eUn7mAyduTG_GNK01-kzcVBxCUCDpue8iJt8nBReH8Nm23DalCP9yrTNLIxvElIPBw7I15NSLRuZ-PYQaGKjKK62oA1PBEoeGo4TJiX1N-gXjgx_evt8_OGjeU-QvK-a2w1faimXYV9OlvE7RySrYuH_5TeNvVolT18xxkw2uODTIahiE1h44qGDraj2Jh1UNjVxdL7p9HbLtQkxDFQ85b_V7OYE2F9IMF02mX7VK9LiY560g_xKgYYYJJgT9bPVmvFCFoVSkVf0qmkia34rqmEPYf402TuKTkzWIQ2XlBMZmSZXOMJzg478nyvQzwuOzP0FUs-wYTQ9Wjhw38q8iirXlVZSO7KyKPW9vxqFz6FJ1V2tG2fGAWk5IbAMMXk85PXKzIu8Zj0IneveuRxDXlTM4EyVIgqV_kpT2kPmJ2T7SvdkmEXW1N53ls8kwmuzmoV1lorq58hrdee9lf9nRjIkQ9Gy3mU_1Ae7ueiEu_MuivXT84t8ExpGTNs09IEeyhwq5Eb391HXNOP-YEfr6ki_z92_tMms2QlVKLUhpykVlAtx7Qksjircz5xvBW_bv-lRaUzQqR0_uoKx1NSiTyO40Fv4q9yTtytVb_bX5jzl3ZqXyDDv-9PrUTp7XXqDtamrlfEO9pS8zwxLQHq_xEGs-8mp230CZx9PQQHJKdnNHZwjfH3ZSVd_1Jhxz1Su6f4pyZuxOWjpZzP74hjkaIAIFcaelx01-qVGPs8LmiFOfIUh040EBJscTDQCAmvygE4nZcFs5NRIbnViWI-isNsQyT3mU2x2wfbmbxR_IU5m53M_EGiCiX8PY7073h-pZ5LGCLZP0KloRQMspTpNAKdPxW5Ff52LAncC-ahSjYW4bdXIWVKp18mZGgvJADKE47yK9oIAQigB8mNZWAHZ4isUNihHEAEvStZMT2CcNSp1iLfzzzi5ZJnM0Kl2fIHRWw1mgYOBmHqm0RrW6ojx6kPC_l9OAkhYSU0Ic8Fyf2i_9ZJW2WNXq_bB9DaxPr5LsbjhnBMcCi8eVw8ZEmJnIlD6GeunNR_Z1f8NyroBDLhT3fK8251bsULWmguHIAD-cVpAV9jyPz2s5TA3EGJJs86rFooJKf0KM6t9PRYzFJqR6ypAcFYvcSdJikaAVKWud6PNyagCZMafILJhWAoghZb4yvqf6mzYAJ0QVzQ6R3yCy__HrP46874f_pPoKGuRFIrF16PG7jHfF-EUzDMQHa2GV_ClbGcQCNclpFpmUxYz6CRsVdfz8V4yFXHkqiDRdZFeiMlR7d7gPSWo6Enyz3EjQrHt6pQ7V0I6ZkHC0bW1OF0GJJj7LuQylTLgvp_SUgZ7LuqUU0MPOkLV7QFXC1TnjjuhdS-5SbX2aCYC1KMTytKUbdjuO95XQxko2XNvYtatXiIGKDIpU1FdGTLNWajfOZxyauVbqmac9ciX_opPwClvUu4SrE6_Rf6Bn3RdzYnS1D4hTRQs-uS-jU0MoLWkvHRqJetQTPno8v07hDWn3dLV2p7EkndOnGSw2YUyrex5bJRukfYvSap9gbu3J9mD6PMDDMNAK3U-pfwbFLG4pVvWfcvzsWoupXIBno7ZonG1h1xP0QklFSrVMTFtQepke7jnz-jZC4zPDhMWnFl6VmpbNb5J_AnwMZgHEL1JpvfVstgKipsJ6UGvrpJIF7ID8q4Mu6e8WBtCTqQ7vTkPLacyle1lWGh29KG0UhrN5jVeuLaZQwkDP-TfLxRqopj5ttH-wCiNpTqSah0-E-Xp-gJaz1rQVDS9NcJ6SsUTkLtBC3eJh8rIi_DntcF2o026r1YxeYmPm20yFiJwJYtqKdKSAXDLhLbGVrK6_sDWJzIzQbYffKSZkpJ3F9PDAVnUZAqDIPSvdakz-9-wPzHTp2V1ZT5bVjh_kzeZCuTHO4nYxO9-appRtBuwS5oVhdlJ4WD3CvCM_gPSvahP4M8gZaQIbrUS7aXM5Fad9zkNESzKkMDW-ueiNXAFnxdtU78ZxDbWHVPhSFA4q5dbK6LQiFDq2BGESWz_ok94Y_7gUsfDVn441UQiXVSeaaWp3OPQlDFAZyQ_z5UNn7OBo&cid=CAQSOwDq26N9h5RZIRXgAXGPyACmS5yh19q9CB2kZNU2T5K-icCtDbDjtPCtJRzvBswOTDNkur4tkk9uDpFAGAEgEw&rfl=2%2Chttps%253A%252F%252Fwww.bg3.co%242%2Chttps%253A%252F%252Fwww.bg3.co%252F%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 06 Jan 2023 13:13:43 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 06 Jan 2023 13:13:43 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame FD4F 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B213wWFUVj0oU5bT0fmAK0eKyyMk94h7Aw_k-cC7Tp3VjjSb9CZUOsj_G5h8SHgchCbRqVvAQ9gsZULgy5d676Fk-TvA&cry=1&dbm_d=AKAmf-Av-8h_2fKj6TaGVxZV-mgp-qYR0xBcKSoAj2sTobN7KmEYXDOh8N4QxYCWEaHLk4f_ZjT-DT7ibOh9SITOGnrJePVIo0BOs78ORW2TLEz2pX0jNbVd-xa2fkQm-aphRne4WU8LQERw_RaoMfIpURBXlCo2c8VbkIi-QyTdi2hBNwAGwxTzvTqMfk2JKMiN9NAOT-vbZpzY2NBUoFUdIngbDSm46R_UCzkPqVrFrF_X5dfZVCxQdBBbc690RkhS5f0x4SWqIvisC94qrylBJNiEL6PTRtR5mTPNAAeZxCzsLLqQUlpk3AiBY8krFm7gxl6nuBep9-Z8EQ9EzCNHEbN3tCJgVrf1Giq-qi-QRz2jvua7M-ZrN0PVJAL3A_f-ZmoZ1xgqlcl9_mSlMUHFLACVFPxRQKWCIQxdDXBxlCr9T2ggm7Bw5CdAvPInQ-yYq8MtSEUjx7WKhr6SOjwsQ4MB6njLzh2F3CV9orPl9jkYfGjB3OKcME1srwGi-21-BWcDK6pbov8RhwhyUdRUNxxE8CS1EP7-sVUc2WKpQWMIYnXLjRKw4a9uk_ugcGeWdijuoopPhBUyUr3KB6FP6-eMGj4aOBeyhdv9y3T7-gEpnhn2OBBUEgIOoEMrUXgLoAhwpZ9L20iNINfE1N2DPuFW7v8nf6MtfwhlTFk4wrXa5u0JbUBGDOVmDKtfFDPD55idymGsXwtFVOauzyEO2mgn6GvKAnxv1RX5wnC2ctPgZqARJKPxzA0dwDcgNUR6on5CRnatykiSsRikk_t2jQz8Pq3p0Phxjrqp907jf7nWdAliyogI8q8ghOJQoLiL-3HPFna9XqOLIAUCcB0BVe4pzfiFsWCUC4nI_K4hwPyXkF1U8kxDcoKDnVTbhTPCmer6WKduPhYh2p-UFuiAfLUpO-oHFU1MfH7HrXQHfKqAXnqE2EKtC-Pbvm8kuSVxLbrWi1uw7ZZ8gemDtgvu4_SkAA4sWvIbQ7zxm3iLyRHsd2q7oY9rnzfOoKkR5idG9d1M2S9gpyBHQdTe_n059AiJwDgGm6Tv2mrFV970hP-p6Al0Rw3u0o3I5Owx5ZRWqqK0PRs3eYiS7q3L9TL1MS7KbiZw139Nxj6dKmJXqIad1xZeaXRk0JDdIsLQPLK67tp7YIXHdZu9vLirOSO7QK-a0YOuYXVQo_Kl_58lS4kvUZn2CJNDvhbkuifGV95YkTwId62FGnYO-JwgV3C6o9NEwSeNr42XCVlqR2QbwmoRERb7Fa5ARhrw6IOP5ogYq-GOR5zWliwBONxotvytJApKooyQ3OXRqV5f1GZP809KvGCcTNSbX8eKlTTtNlRT2VV-Ba17fT_sEzoJ9haCxnWyh0xIYtx1iHdDnAOW_C3BcZy91JfXNd6FBRf-cqkVBsFkif1C8_eUn7mAyduTG_GNK01-kzcVBxCUCDpue8iJt8nBReH8Nm23DalCP9yrTNLIxvElIPBw7I15NSLRuZ-PYQaGKjKK62oA1PBEoeGo4TJiX1N-gXjgx_evt8_OGjeU-QvK-a2w1faimXYV9OlvE7RySrYuH_5TeNvVolT18xxkw2uODTIahiE1h44qGDraj2Jh1UNjVxdL7p9HbLtQkxDFQ85b_V7OYE2F9IMF02mX7VK9LiY560g_xKgYYYJJgT9bPVmvFCFoVSkVf0qmkia34rqmEPYf402TuKTkzWIQ2XlBMZmSZXOMJzg478nyvQzwuOzP0FUs-wYTQ9Wjhw38q8iirXlVZSO7KyKPW9vxqFz6FJ1V2tG2fGAWk5IbAMMXk85PXKzIu8Zj0IneveuRxDXlTM4EyVIgqV_kpT2kPmJ2T7SvdkmEXW1N53ls8kwmuzmoV1lorq58hrdee9lf9nRjIkQ9Gy3mU_1Ae7ueiEu_MuivXT84t8ExpGTNs09IEeyhwq5Eb391HXNOP-YEfr6ki_z92_tMms2QlVKLUhpykVlAtx7Qksjircz5xvBW_bv-lRaUzQqR0_uoKx1NSiTyO40Fv4q9yTtytVb_bX5jzl3ZqXyDDv-9PrUTp7XXqDtamrlfEO9pS8zwxLQHq_xEGs-8mp230CZx9PQQHJKdnNHZwjfH3ZSVd_1Jhxz1Su6f4pyZuxOWjpZzP74hjkaIAIFcaelx01-qVGPs8LmiFOfIUh040EBJscTDQCAmvygE4nZcFs5NRIbnViWI-isNsQyT3mU2x2wfbmbxR_IU5m53M_EGiCiX8PY7073h-pZ5LGCLZP0KloRQMspTpNAKdPxW5Ff52LAncC-ahSjYW4bdXIWVKp18mZGgvJADKE47yK9oIAQigB8mNZWAHZ4isUNihHEAEvStZMT2CcNSp1iLfzzzi5ZJnM0Kl2fIHRWw1mgYOBmHqm0RrW6ojx6kPC_l9OAkhYSU0Ic8Fyf2i_9ZJW2WNXq_bB9DaxPr5LsbjhnBMcCi8eVw8ZEmJnIlD6GeunNR_Z1f8NyroBDLhT3fK8251bsULWmguHIAD-cVpAV9jyPz2s5TA3EGJJs86rFooJKf0KM6t9PRYzFJqR6ypAcFYvcSdJikaAVKWud6PNyagCZMafILJhWAoghZb4yvqf6mzYAJ0QVzQ6R3yCy__HrP46874f_pPoKGuRFIrF16PG7jHfF-EUzDMQHa2GV_ClbGcQCNclpFpmUxYz6CRsVdfz8V4yFXHkqiDRdZFeiMlR7d7gPSWo6Enyz3EjQrHt6pQ7V0I6ZkHC0bW1OF0GJJj7LuQylTLgvp_SUgZ7LuqUU0MPOkLV7QFXC1TnjjuhdS-5SbX2aCYC1KMTytKUbdjuO95XQxko2XNvYtatXiIGKDIpU1FdGTLNWajfOZxyauVbqmac9ciX_opPwClvUu4SrE6_Rf6Bn3RdzYnS1D4hTRQs-uS-jU0MoLWkvHRqJetQTPno8v07hDWn3dLV2p7EkndOnGSw2YUyrex5bJRukfYvSap9gbu3J9mD6PMDDMNAK3U-pfwbFLG4pVvWfcvzsWoupXIBno7ZonG1h1xP0QklFSrVMTFtQepke7jnz-jZC4zPDhMWnFl6VmpbNb5J_AnwMZgHEL1JpvfVstgKipsJ6UGvrpJIF7ID8q4Mu6e8WBtCTqQ7vTkPLacyle1lWGh29KG0UhrN5jVeuLaZQwkDP-TfLxRqopj5ttH-wCiNpTqSah0-E-Xp-gJaz1rQVDS9NcJ6SsUTkLtBC3eJh8rIi_DntcF2o026r1YxeYmPm20yFiJwJYtqKdKSAXDLhLbGVrK6_sDWJzIzQbYffKSZkpJ3F9PDAVnUZAqDIPSvdakz-9-wPzHTp2V1ZT5bVjh_kzeZCuTHO4nYxO9-appRtBuwS5oVhdlJ4WD3CvCM_gPSvahP4M8gZaQIbrUS7aXM5Fad9zkNESzKkMDW-ueiNXAFnxdtU78ZxDbWHVPhSFA4q5dbK6LQiFDq2BGESWz_ok94Y_7gUsfDVn441UQiXVSeaaWp3OPQlDFAZyQ_z5UNn7OBo&cid=CAQSOwDq26N9h5RZIRXgAXGPyACmS5yh19q9CB2kZNU2T5K-icCtDbDjtPCtJRzvBswOTDNkur4tkk9uDpFAGAEgEw&rfl=2%2Chttps%253A%252F%252Fwww.bg3.co%242%2Chttps%253A%252F%252Fwww.bg3.co%252F%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f132.1e100.net
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 17:16:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
71812
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 05 Jan 2024 17:16:52 GMT
2875696011267236271
s0.2mdn.net/simgad/ Frame FD4F 		81 KB
82 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/2875696011267236271
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1673010821&url=https%3A%2F%2Fwww.bg3.co%2Fa%2F2019shi-er-xing-zuo-huan-yao-shuai-duo-jiu-tang-qi-yang-pu-zhuan-yun-guan-jian.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673010819633&bpp=5&bdt=1450&idt=2251&shv=r20230104&mjsv=m202212010101&ptt=5&saldr=sa&cookie=ID%3D3e5210899910ea5d-2285a5ee32d90043%3AT%3D1673010821%3ART%3D1673010821%3AS%3DALNI_MZ0ia1zfHdIMQCT9kwlhMGEopQl2A&gpic=UID%3D00000b9eeff2fb2a%3AT%3D1673010821%3ART%3D1673010821%3AS%3DALNI_MZIWop9qxPGE0vY3KarHFj0ysItwA&correlator=6105672055831&frm=23&ife=1&pv=1&ga_vid=1069194912.1673010822&ga_sid=1673010822&ga_hid=332350335&ga_fc=0&ga_cid=amp-o0py8PZnEWEt0Yiu3UO6lg&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=1221967134&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44780792&oid=2&pvsid=1789670566754654&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.f4drak5l6fc2&fsb=1&dtd=2269
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f148.1e100.net
Software
sffe /
Resource Hash
8c2a1c4e7f4cf1907de90f5a11c1e5411ee7c5d3bd5dd50a99357777c081a95c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 15:47:10 GMT
x-content-type-options
nosniff
age
77193
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
83174
x-xss-protection
0
last-modified
Thu, 05 Jan 2023 04:16:35 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 05 Jan 2024 15:47:10 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 418B 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 13:13:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 06 Jan 2023 13:13:45 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/ Frame AC56 		356 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f154.1e100.net
Software
cafe /
Resource Hash
4ce3b56d18243c24878082c929312e13160b390b6d88f95dcdf913b360077e36
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 13:13:43 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119958
x-xss-protection
0
server
cafe
etag
316672594161580732
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Fri, 06 Jan 2023 13:13:43 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 893C 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1673010821&url=https%3A%2F%2Fwww.bg3.co%2Fa%2F2019shi-er-xing-zuo-huan-yao-shuai-duo-jiu-tang-qi-yang-pu-zhuan-yun-guan-jian.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673010819633&bpp=5&bdt=1450&idt=2251&shv=r20230104&mjsv=m202212010101&ptt=5&saldr=sa&cookie=ID%3D3e5210899910ea5d-2285a5ee32d90043%3AT%3D1673010821%3ART%3D1673010821%3AS%3DALNI_MZ0ia1zfHdIMQCT9kwlhMGEopQl2A&gpic=UID%3D00000b9eeff2fb2a%3AT%3D1673010821%3ART%3D1673010821%3AS%3DALNI_MZIWop9qxPGE0vY3KarHFj0ysItwA&correlator=6105672055831&frm=23&ife=1&pv=1&ga_vid=1069194912.1673010822&ga_sid=1673010822&ga_hid=332350335&ga_fc=0&ga_cid=amp-o0py8PZnEWEt0Yiu3UO6lg&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=1221967134&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44780792&oid=2&pvsid=1789670566754654&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.f4drak5l6fc2&fsb=1&dtd=2269
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f154.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

age
34722
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 06 Jan 2023 03:35:01 GMT
etag
48472445140208031
expires
Sat, 07 Jan 2023 03:35:01 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame FD4F 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d45ebaa1c6ac615f740b5f04b0ef52b7355c74594aef769363a382a15ee577e8

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
i.match
s.tribalfusion.com/z/ Frame 893C
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEO05NesC47v2-KM6_XRzUZM&google_cver=1&google_push=AavPq0Mm804Yl3xsjpL9rpC2XfvwAOb_D6UnQlfTFSrZN0OKO96Ak5tZzL6jmyU8KxR_ZbDSD7MqKhf8ntphG2Pz2fBJQ-13toBVk...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEO05NesC47v2-KM6_XRzUZM&google_cver=1&google_push=AavPq0Mm804Yl3xsjpL9rpC2XfvwAOb_D6UnQlfTFSrZN0OKO96Ak5tZzL6jmyU8KxR_ZbDSD7MqKhf8ntphG2Pz2fBJQ-13toB...
43 B
443 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEO05NesC47v2-KM6_XRzUZM&google_cver=1&google_push=AavPq0Mm804Yl3xsjpL9rpC2XfvwAOb_D6UnQlfTFSrZN0OKO96Ak5tZzL6jmyU8KxR_ZbDSD7MqKhf8ntphG2Pz2fBJQ-13toBVkw&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAavPq0Mm804Yl3xsjpL9rpC2XfvwAOb_D6UnQlfTFSrZN0OKO96Ak5tZzL6jmyU8KxR_ZbDSD7MqKhf8ntphG2Pz2fBJQ-13toBVkw%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1673010821&url=https%3A%2F%2Fwww.bg3.co%2Fa%2F2019shi-er-xing-zuo-huan-yao-shuai-duo-jiu-tang-qi-yang-pu-zhuan-yun-guan-jian.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673010819633&bpp=5&bdt=1450&idt=2251&shv=r20230104&mjsv=m202212010101&ptt=5&saldr=sa&cookie=ID%3D3e5210899910ea5d-2285a5ee32d90043%3AT%3D1673010821%3ART%3D1673010821%3AS%3DALNI_MZ0ia1zfHdIMQCT9kwlhMGEopQl2A&gpic=UID%3D00000b9eeff2fb2a%3AT%3D1673010821%3ART%3D1673010821%3AS%3DALNI_MZIWop9qxPGE0vY3KarHFj0ysItwA&correlator=6105672055831&frm=23&ife=1&pv=1&ga_vid=1069194912.1673010822&ga_sid=1673010822&ga_hid=332350335&ga_fc=0&ga_cid=amp-o0py8PZnEWEt0Yiu3UO6lg&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=1221967134&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44780792&oid=2&pvsid=1789670566754654&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.f4drak5l6fc2&fsb=1&dtd=2269
Protocol
H2
Server
104.18.24.173 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Jan 2023 13:13:44 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7854b672a89f1c54-AKL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 06 Jan 2023 13:13:43 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
902
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEO05NesC47v2-KM6_XRzUZM&google_cver=1&google_push=AavPq0Mm804Yl3xsjpL9rpC2XfvwAOb_D6UnQlfTFSrZN0OKO96Ak5tZzL6jmyU8KxR_ZbDSD7MqKhf8ntphG2Pz2fBJQ-13toBVkw&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAavPq0Mm804Yl3xsjpL9rpC2XfvwAOb_D6UnQlfTFSrZN0OKO96Ak5tZzL6jmyU8KxR_ZbDSD7MqKhf8ntphG2Pz2fBJQ-13toBVkw%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7854b670ffaa1c54-AKL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 893C
Redirect Chain
  • https://dynalyst-sync.adtdp.com/pixel?pid=10&google_gid=CAESEFTakMN8YbaSnzxcO8t7xyI&google_cver=1&google_push=AavPq0M5yAkkbHz2UHuYnJLNHXOnLjQ8F10XoHtFgN0fTn4JhqCtSfUiAJwbWbFR31u0a5Wmzc0DnOx07hgQpy5...
  • https://cm.g.doubleclick.net/pixel?google_nid=cyberagent_dynalyst&google_hm=OTk5MzI5NTgzNQ&google_push=AavPq0M5yAkkbHz2UHuYnJLNHXOnLjQ8F10XoHtFgN0fTn4JhqCtSfUiAJwbWbFR31u0a5Wmzc0DnOx07hgQpy5MqpefOJ...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=cyberagent_dynalyst&google_hm=OTk5MzI5NTgzNQ&google_push=AavPq0M5yAkkbHz2UHuYnJLNHXOnLjQ8F10XoHtFgN0fTn4JhqCtSfUiAJwbWbFR31u0a5Wmzc0DnOx07hgQpy5MqpefOJac2S_zmQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1673010821&url=https%3A%2F%2Fwww.bg3.co%2Fa%2F2019shi-er-xing-zuo-huan-yao-shuai-duo-jiu-tang-qi-yang-pu-zhuan-yun-guan-jian.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673010819633&bpp=5&bdt=1450&idt=2251&shv=r20230104&mjsv=m202212010101&ptt=5&saldr=sa&cookie=ID%3D3e5210899910ea5d-2285a5ee32d90043%3AT%3D1673010821%3ART%3D1673010821%3AS%3DALNI_MZ0ia1zfHdIMQCT9kwlhMGEopQl2A&gpic=UID%3D00000b9eeff2fb2a%3AT%3D1673010821%3ART%3D1673010821%3AS%3DALNI_MZIWop9qxPGE0vY3KarHFj0ysItwA&correlator=6105672055831&frm=23&ife=1&pv=1&ga_vid=1069194912.1673010822&ga_sid=1673010822&ga_hid=332350335&ga_fc=0&ga_cid=amp-o0py8PZnEWEt0Yiu3UO6lg&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=1221967134&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44780792&oid=2&pvsid=1789670566754654&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.f4drak5l6fc2&fsb=1&dtd=2269
Protocol
H3
Server
142.250.4.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Jan 2023 13:13:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=cyberagent_dynalyst&google_hm=OTk5MzI5NTgzNQ&google_push=AavPq0M5yAkkbHz2UHuYnJLNHXOnLjQ8F10XoHtFgN0fTn4JhqCtSfUiAJwbWbFR31u0a5Wmzc0DnOx07hgQpy5MqpefOJac2S_zmQ
Date
Fri, 06 Jan 2023 13:13:44 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 893C
Redirect Chain
  • https://rtb.openx.net/sync/dds?google_gid=CAESENxFoFpmutQNCdxYjl9Um5s&google_cver=1&google_push=AavPq0NQz7F6BJA6jIXgmllB_8SYPgSg71sYnSxAo-At64QndMbSlT0nXjfHEeSBBpKhXxKeHI1i5dXlX7vJUV30jDsiUqpUbctP
  • https://rtb.openx.net/sync/dds?google_gid=CAESENxFoFpmutQNCdxYjl9Um5s&google_cver=1&google_push=AavPq0NQz7F6BJA6jIXgmllB_8SYPgSg71sYnSxAo-At64QndMbSlT0nXjfHEeSBBpKhXxKeHI1i5dXlX7vJUV30jDsiUqpUbctP&...
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AavPq0NQz7F6BJA6jIXgmllB_8SYPgSg71sYnSxAo-At64QndMbSlT0nXjfHEeSBBpKhXxKeHI1i5dXlX7vJUV30jDsiUqpUbctP&google_hm=YYnybXTPz0g_dKGpCeLRpQ==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AavPq0NQz7F6BJA6jIXgmllB_8SYPgSg71sYnSxAo-At64QndMbSlT0nXjfHEeSBBpKhXxKeHI1i5dXlX7vJUV30jDsiUqpUbctP&google_hm=YYnybXTPz0g_dKGpCeLRpQ==
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1673010821&url=https%3A%2F%2Fwww.bg3.co%2Fa%2F2019shi-er-xing-zuo-huan-yao-shuai-duo-jiu-tang-qi-yang-pu-zhuan-yun-guan-jian.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673010819633&bpp=5&bdt=1450&idt=2251&shv=r20230104&mjsv=m202212010101&ptt=5&saldr=sa&cookie=ID%3D3e5210899910ea5d-2285a5ee32d90043%3AT%3D1673010821%3ART%3D1673010821%3AS%3DALNI_MZ0ia1zfHdIMQCT9kwlhMGEopQl2A&gpic=UID%3D00000b9eeff2fb2a%3AT%3D1673010821%3ART%3D1673010821%3AS%3DALNI_MZIWop9qxPGE0vY3KarHFj0ysItwA&correlator=6105672055831&frm=23&ife=1&pv=1&ga_vid=1069194912.1673010822&ga_sid=1673010822&ga_hid=332350335&ga_fc=0&ga_cid=amp-o0py8PZnEWEt0Yiu3UO6lg&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=1221967134&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44780792&oid=2&pvsid=1789670566754654&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.f4drak5l6fc2&fsb=1&dtd=2269
Protocol
H3
Server
142.250.4.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Jan 2023 13:13:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 06 Jan 2023 13:13:43 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
location
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AavPq0NQz7F6BJA6jIXgmllB_8SYPgSg71sYnSxAo-At64QndMbSlT0nXjfHEeSBBpKhXxKeHI1i5dXlX7vJUV30jDsiUqpUbctP&google_hm=YYnybXTPz0g_dKGpCeLRpQ==
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-request-id
1mq9i2b43tl6psm249c3r1s80kqbi1sd
pixel
cm.g.doubleclick.net/ Frame 893C
Redirect Chain
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESELP_tbv5Am6i9g1oa6w_Byk&google_cver=1&google_push=AavPq0N94mDBdciehc1oDybVE6zFUo0Lfh-YbbyMzOfVjbLNNxHqfE8kGZcda_Mai7WrCjbH5AovwQs7qy1VrBLJ...
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_hm=fe6845f2&google_redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FadExInit%3Dg&google_push=AavPq0N94mDBdciehc1oDybVE6zFUo0Lfh-YbbyMzOfVjbLN...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_hm=fe6845f2&google_redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FadExInit%3Dg&google_push=AavPq0N94mDBdciehc1oDybVE6zFUo0Lfh-YbbyMzOfVjbLNNxHqfE8kGZcda_Mai7WrCjbH5AovwQs7qy1VrBLJwhyU6psLKs4hLQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1673010821&url=https%3A%2F%2Fwww.bg3.co%2Fa%2F2019shi-er-xing-zuo-huan-yao-shuai-duo-jiu-tang-qi-yang-pu-zhuan-yun-guan-jian.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673010819633&bpp=5&bdt=1450&idt=2251&shv=r20230104&mjsv=m202212010101&ptt=5&saldr=sa&cookie=ID%3D3e5210899910ea5d-2285a5ee32d90043%3AT%3D1673010821%3ART%3D1673010821%3AS%3DALNI_MZ0ia1zfHdIMQCT9kwlhMGEopQl2A&gpic=UID%3D00000b9eeff2fb2a%3AT%3D1673010821%3ART%3D1673010821%3AS%3DALNI_MZIWop9qxPGE0vY3KarHFj0ysItwA&correlator=6105672055831&frm=23&ife=1&pv=1&ga_vid=1069194912.1673010822&ga_sid=1673010822&ga_hid=332350335&ga_fc=0&ga_cid=amp-o0py8PZnEWEt0Yiu3UO6lg&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=1221967134&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44780792&oid=2&pvsid=1789670566754654&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.f4drak5l6fc2&fsb=1&dtd=2269
Protocol
H3
Server
142.250.4.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Jan 2023 13:13:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 06 Jan 2023 13:13:44 GMT
via
1.1 e25f1b4aa5076f3a6a2551c87259c664.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
SIN2-P2
x-cache
FunctionGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_hm=fe6845f2&google_redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FadExInit%3Dg&google_push=AavPq0N94mDBdciehc1oDybVE6zFUo0Lfh-YbbyMzOfVjbLNNxHqfE8kGZcda_Mai7WrCjbH5AovwQs7qy1VrBLJwhyU6psLKs4hLQ
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
sUXped3SS0rI6tqhOXgFEvJVuHhNkoqFYcJuQ-AEoMyMVmN0hsk4jw==
pixel
cm.g.doubleclick.net/ Frame 893C
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEP...
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AavPq0P0aJOkZ1Ep8v1bJRUbvqCa7WTccmG9DUE1kfkOF-0H6BhM1OAXuvlAMS6UCGAxqnGxWmgZXNRIX_ruFTM-sdMB4c_5W9D_Fw&redir=https%3A%2F%2Fcm.g.dou...
  • https://sync.targeting.unrulymedia.com/csync/RX-5867ca82-0a24-4af2-b300-bf3cf1b34568-004?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAavPq0P0aJOkZ1Ep8v1bJRUbv...
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AavPq0P0aJOkZ1Ep8v1bJRUbvqCa7WTccmG9DUE1kfkOF-0H6BhM1OAXuvlAMS6UCGAxqnGxWmgZXNRIX_ruFTM-sdMB4c_5W9D_Fw&google_hm=BFhnyoIKJEryswC_PPGzRWg
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AavPq0P0aJOkZ1Ep8v1bJRUbvqCa7WTccmG9DUE1kfkOF-0H6BhM1OAXuvlAMS6UCGAxqnGxWmgZXNRIX_ruFTM-sdMB4c_5W9D_Fw&google_hm=BFhnyoIKJEryswC_PPGzRWg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2019shi-er-xing-zuo-huan-yao-shuai-duo-jiu-tang-qi-yang-pu-zhuan-yun-guan-jian.html
Protocol
H3
Server
142.250.4.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Jan 2023 13:13:46 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AavPq0P0aJOkZ1Ep8v1bJRUbvqCa7WTccmG9DUE1kfkOF-0H6BhM1OAXuvlAMS6UCGAxqnGxWmgZXNRIX_ruFTM-sdMB4c_5W9D_Fw&google_hm=BFhnyoIKJEryswC_PPGzRWg
date
Fri, 06 Jan 2023 13:13:46 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX5867ca820a244af2b300bf3cf1b34568004
content-type
text/html
pixel
cm.g.doubleclick.net/ Frame 893C
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEIpz_5SdTw3l-FLw3FTN-Qg&google_cver=1&google_push=AavPq0PTui35KLJLih24ZGznTAjzDB0QsAKakp8IF9hYnLdamdBmX9Et2gfV2fYr1DP0NnrZEwgMVpS27ShqWrxCnWGoZfOm2L...
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=0&gdpr_consent=&us_privacy=&sync=1&google_push=AavPq0PTui35KLJLih24ZGznTAjzDB0QsAKakp8IF9hYnLdamdBmX9Et2gfV2fYr1DP0NnrZEwgMVpS27ShqWrxCnWGoZfOm2LS...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=ODk4NTk3NTkwODMzMTc5NTc3Mjc0&google_push=AavPq0PTui35KLJLih24ZGznTAjzDB0QsAKakp8IF9hYnLdamdBmX9Et2gfV2fYr...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=ODk4NTk3NTkwODMzMTc5NTc3Mjc0&google_push=AavPq0PTui35KLJLih24ZGznTAjzDB0QsAKakp8IF9hYnLdamdBmX9Et2gfV2fYr1DP0NnrZEwgMVpS27ShqWrxCnWGoZfOm2LSacw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1673010821&url=https%3A%2F%2Fwww.bg3.co%2Fa%2F2019shi-er-xing-zuo-huan-yao-shuai-duo-jiu-tang-qi-yang-pu-zhuan-yun-guan-jian.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673010819633&bpp=5&bdt=1450&idt=2251&shv=r20230104&mjsv=m202212010101&ptt=5&saldr=sa&cookie=ID%3D3e5210899910ea5d-2285a5ee32d90043%3AT%3D1673010821%3ART%3D1673010821%3AS%3DALNI_MZ0ia1zfHdIMQCT9kwlhMGEopQl2A&gpic=UID%3D00000b9eeff2fb2a%3AT%3D1673010821%3ART%3D1673010821%3AS%3DALNI_MZIWop9qxPGE0vY3KarHFj0ysItwA&correlator=6105672055831&frm=23&ife=1&pv=1&ga_vid=1069194912.1673010822&ga_sid=1673010822&ga_hid=332350335&ga_fc=0&ga_cid=amp-o0py8PZnEWEt0Yiu3UO6lg&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=1221967134&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44780792&oid=2&pvsid=1789670566754654&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.f4drak5l6fc2&fsb=1&dtd=2269
Protocol
H3
Server
142.250.4.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Jan 2023 13:13:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=ODk4NTk3NTkwODMzMTc5NTc3Mjc0&google_push=AavPq0PTui35KLJLih24ZGznTAjzDB0QsAKakp8IF9hYnLdamdBmX9Et2gfV2fYr1DP0NnrZEwgMVpS27ShqWrxCnWGoZfOm2LSacw
date
Fri, 06 Jan 2023 13:13:44 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
pixel
cm.g.doubleclick.net/ Frame 893C
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEPILv_sHy...
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEPI...
  • https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=074d7077-2f34-403b-a2aa-df0dcaff65fc&%%GOOGLE_PUSH_PAIR%%
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=074d7077-2f34-403b-a2aa-df0dcaff65fc&%%GOOGLE_PUSH_PAIR%%
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1673010821&url=https%3A%2F%2Fwww.bg3.co%2Fa%2F2019shi-er-xing-zuo-huan-yao-shuai-duo-jiu-tang-qi-yang-pu-zhuan-yun-guan-jian.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673010819633&bpp=5&bdt=1450&idt=2251&shv=r20230104&mjsv=m202212010101&ptt=5&saldr=sa&cookie=ID%3D3e5210899910ea5d-2285a5ee32d90043%3AT%3D1673010821%3ART%3D1673010821%3AS%3DALNI_MZ0ia1zfHdIMQCT9kwlhMGEopQl2A&gpic=UID%3D00000b9eeff2fb2a%3AT%3D1673010821%3ART%3D1673010821%3AS%3DALNI_MZIWop9qxPGE0vY3KarHFj0ysItwA&correlator=6105672055831&frm=23&ife=1&pv=1&ga_vid=1069194912.1673010822&ga_sid=1673010822&ga_hid=332350335&ga_fc=0&ga_cid=amp-o0py8PZnEWEt0Yiu3UO6lg&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=1221967134&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44780792&oid=2&pvsid=1789670566754654&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.f4drak5l6fc2&fsb=1&dtd=2269
Protocol
H3
Server
142.250.4.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Jan 2023 13:13:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=074d7077-2f34-403b-a2aa-df0dcaff65fc&%%GOOGLE_PUSH_PAIR%%
Date
Fri, 06 Jan 2023 13:13:44 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
attr
cm.g.doubleclick.net/pixel/ Frame 893C 		0
59 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K52922_8Q0S_FQhSLpujvoeFP9tW-VRe0M1B-ArgDDt-v-K2BIgEjxFqUjEgMEITqkSjUTEw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1673010821&url=https%3A%2F%2Fwww.bg3.co%2Fa%2F2019shi-er-xing-zuo-huan-yao-shuai-duo-jiu-tang-qi-yang-pu-zhuan-yun-guan-jian.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673010819633&bpp=5&bdt=1450&idt=2251&shv=r20230104&mjsv=m202212010101&ptt=5&saldr=sa&cookie=ID%3D3e5210899910ea5d-2285a5ee32d90043%3AT%3D1673010821%3ART%3D1673010821%3AS%3DALNI_MZ0ia1zfHdIMQCT9kwlhMGEopQl2A&gpic=UID%3D00000b9eeff2fb2a%3AT%3D1673010821%3ART%3D1673010821%3AS%3DALNI_MZIWop9qxPGE0vY3KarHFj0ysItwA&correlator=6105672055831&frm=23&ife=1&pv=1&ga_vid=1069194912.1673010822&ga_sid=1673010822&ga_hid=332350335&ga_fc=0&ga_cid=amp-o0py8PZnEWEt0Yiu3UO6lg&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=1221967134&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44780792&oid=2&pvsid=1789670566754654&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.f4drak5l6fc2&fsb=1&dtd=2269
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 13:13:43 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
integrator.js
adservice.google.co.nz/adsid/ Frame AC56 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.nz/adsid/integrator.js?domain=adx.holmesmind.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 13:13:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame AC56 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=adx.holmesmind.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 13:13:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 2FF5 		20 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020619&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673010823224&bpp=13&bdt=310&idt=419&shv=r20230104&mjsv=m202212010101&ptt=5&saldr=sa&correlator=8001877734859&frm=8&ife=1&pv=2&ga_vid=1847477988.1673010824&ga_sid=1673010824&ga_hid=1209138873&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=1407119805&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C44773809%2C31071365%2C44779793%2C44773745%2C44780792&oid=2&pvsid=1884843836077609&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.857nyss736ms&fsb=1&dtd=434
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
3b7811b89746250f1c9bfb64a456b9357a5a7616f35bbb2d7a0b1510a640bdfd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
9684
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 06 Jan 2023 13:13:43 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
quant.js
secure.quantserve.com/ 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.229.10.180 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
673aaadf5ccca4681c2023a6e76f62c478be94fe3b1ed05f3126da067e66f50a

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 13:13:44 GMT
content-encoding
gzip
etag
"WQX8ubvDGl3DCUDHzxu0sA=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Fri, 13 Jan 2023 13:13:44 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 4970 		640 B
262 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CNn1rgIQhbjaAhj0uNDXATAB&v=APEucNV21D8GE62BofenRBDpS5gkMe017K9gyIBesdC_aIWN5qGTBgw-hraCYKYTuAIlcgRjq4SMnDGkhThVDykthMXwQ3fMDQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020619&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673010823224&bpp=13&bdt=310&idt=419&shv=r20230104&mjsv=m202212010101&ptt=5&saldr=sa&correlator=8001877734859&frm=8&ife=1&pv=2&ga_vid=1847477988.1673010824&ga_sid=1673010824&ga_hid=1209138873&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=1407119805&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C44773809%2C31071365%2C44779793%2C44773745%2C44780792&oid=2&pvsid=1884843836077609&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.857nyss736ms&fsb=1&dtd=434
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020619&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673010823224&bpp=13&bdt=310&idt=419&shv=r20230104&mjsv=m202212010101&ptt=5&saldr=sa&correlator=8001877734859&frm=8&ife=1&pv=2&ga_vid=1847477988.1673010824&ga_sid=1673010824&ga_hid=1209138873&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=1407119805&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C44773809%2C31071365%2C44779793%2C44773745%2C44780792&oid=2&pvsid=1884843836077609&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.857nyss736ms&fsb=1&dtd=434
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 06 Jan 2023 13:13:44 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 4AFB 		67 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AiPvIfnSvYLrFH-Egzn71S2uQ0Yzn4oWuwEBC17QG16n8oxv2dxsWfkQX-lrfGeYfSeRq9DqLsfAsshe6CHn-lBHk0kTfOdIiItcLWJNJ_WLuNcgO7GWTPSqtV0tBDBbCF7lhfx5s3UyWoWUZ4vENH5uYOle3Tbs1h8qAv4zj1fkml-c8&cry=1&dbm_d=AKAmf-AP6q4g3usEcGQPVfyjedOYa8dAIQnr_d8PLhDZ-qHirzOilxE1GTIOq5kL1XoPf4D_i6ZLM5U7wiAsoPht_-gRtcYqpZ-gllsOULEs-jRMO1ckUuxu1f-uM8X4F0IrqUKAZga-yXMApdSGyLzlrABzKUUZ5lsd48VfRPWyHDzXdagoAt3HvKAHC1P7JYd2hrXKVFG0NsfjmZsdc6q8G38y-v4yXIlMSjc7pFDOzTk2rzyNFde22T-9jUBOEXlsaKEF09GXsA_gK6Rjj84SngqHh7gY8qhPSCQOZW29RRfhbFi2E5TDm21SlJy4ClbsdSYe5174c4zZAsyLogSWhJwyhaUbmodZRQjda4Sy2B72heZMuxJVJuMliCunywuwh35YSXvJaS5sCNbwo3Sl02uErI24cyC4TKTmjFYJN5KDh2ApPS60EwAcgByJJKM5p2Zv_hVD-iun6Up_C2IYeTJSUJYwekkiL684IaW3bK7tcAisZYG1bcGRvMpwp3ZDfCQPKHIxaBxDLax4u_lCWmCrkfVXtWlGaVo5JLFN8W_e18EHucQZ3Kspliuuryx3qwG4JJHvqVLIfLo8FufvCHj-oUZKZpxMi6DZRDe2EFnqmkC-fap8SoMg2FagGEz92Z4oCJ-MB-bQ9AvSr6Qm0ck7mimMhecyPefZtM_wZ4KNtWGDuqDQgyUUbfdBY5j1ZRDl3bphiT-AzhErd4a7TbRrXTQzI9YJNp4c_B9HXF-nSImGWMLXlaBy2IfI9CqX_UY39gftq678GmYdJksdL2FBEyzmS04v5zXfipaI7Blk-yM03kI4oHZ5xJkulGBbU64jtM6ZeqIESSekds9quWgK9dZUfSlTp_XFdz-lBcryP4upebORK_0_YPVO_YhnMKvdgolW6TNDTzd8TwjnR7r2tUtxdC9Y0D7kSVOjbWaW6MdCK4cclwL2eSCwnMRjkXFbY9HVfUA_GQitnvRGJrUQvYGE7jbQTw9zeQvY2bbBKuUzd6W5OlDdQ0c8lO2Ol4C2xffhlGAHGAWHVLid7IyRvgpakDAbjdytfyTP5Ol8LOk7x4C5aQ2YUK-CYetwMKbdVnC3ARo5fVC-20S0Jn-E0snirp8sgE1LSC77yt_TH0x6Q8QRlyRS49P-nsq3yvriTztdU3UF8SpabNB7wo13YQ8d1KguSEq540N4wFBbjfm0tvXgkKIHZhHpaXRcwWth9e_hSgjRZclBOJTHouoUri-adlSPngoAEirBQjzoIVnbEbiheH45HlCUxoBKKGdUiFVxFCcbwNIHepKuWxA7n-38O18YHFuQXTeAYadjtHythKX6n-NboQ4tunBBOhZ0erOp8q5mQqzI6hw2LfEm2JmYOVHIETAQOD0DHfu6_vP02F4k-UCn1sCMwfI_zgN4gbZ-14tY0RLZzJTGH1Kbx0Jxc9EnCDGBSHHV1H_HN90iTb6n0aEBa3HEiMh17iehbBEQ0eAc86fho06YUYcKBe1NLKR7bSMz4bP5VGoUynYv61cLjHVm22D3rayJ5TpGA_KpKDh_i9a07MawBHaYUkIUs9kKajCBzRD-iWEsvyzh9h81QWe5TVjPe-tJrQKFPpOzNxl9wWcoMPeZKZ2_q5SzLjlxqYTwqa1RnFsx_0alni5OhVQmjGTF5MjQvns2ktOmG0QzpdVWb7vVAFtSG4gc2MgPt2kLKfqAAgCFK-EqfbTvDq2YdI8vwb0wSKWtnKlJC-mDNHcMnchLZhDt14GMAyw3ReRPUAQYYtD5w1VwfK5wpG5uLHfDkVF_Oa6FLsk8tMUXOcC3EfH8mv5Yqu6sA4qcLi3UNGeia1MWPn1Z27QAAZm-NVOt74Vo61qeb9lLT7iU1bA4EFqp9QP033V7Xka0lKxhBsL3s_4PbSgnR0xdUSxa9nICv73mj8FkYUjbJ7w8MYvC1mKneyEpei1agoJGnuT0zMXsr1M_C5CHAlgE7k8VxeuVlhh_I4NnNPmzRTR2W2XrikfRNttxIonPGcssHGHrZ6no2tZ3HYeKGYMyZHk0_ND6iK5Dt2fXM8vwQHqu-T5bZW3DtAHV13t5yR7hXl4UglHIoI0YOdHKFGf5GjksOICA90krXBAlc2CAEbSB6kYpWBp96nlvghUF2q0GEvHjBlo0gdrrn5dmE1i8EAD9VRCblq5mZo3zBZSiuFHj5EFH_6672AxyLN3J4NYA8VpFiPb8LpD_buWR6f3J44z6M6RhqPYvTws4TJYtOSPs5maBsMI3JCTSCzUC2tH6VIV0NgC6zEyonWdcf-RmqSrdHU1zuR0kQ-zLYdyQYGSXBD8IpRXJkwVxoxV-OZYN2Gujtx2EhSjZlUx142Dd9MW00skXueAtA7mWFknU_lgHH0-k5bTq4rmjnF8MIOW3iGOv1K1pvo2aTBVohPt0W0PCuBncHWSZzahmN3bmvXYowr5RyvhFOYR4Lwu39bYghajC3bd_96McI6YUGyvJDybq0HIznTNlb_qzIr3c6svb8IXdsvE0jm7ahs9Pq3iJl91dp8US-5RqHki9TiOAEjTb8opseECed5a3PPrYoR80C4V4DhEi0odTNx3Ve4KRVYA56glL92Rst_R-63iQkJBcrBuJeFKGD3mxTUwQ3BZS6RAraW1IN2YziFpfLph5nX8fMmFegw_OcaTvmLdVFUJkUxZ4dgu_hX17sMO0BbaNJVAkEuIyBW36k3Le1N7R51YZo-4uJVRTgA8uYEfhGMYfZs51VnnZ6AIgMN2o5W6-hziKr_ICjcKO3janIscuN4AC4KM_4vPhKjYj4mXRO2S7WyZeIltcDFVPzdD2b-DnLnq3z9I-BmLFYHogZfl5-QwCvKTuBz_TUpn0K098gpkBzpuWDoSQR5mhkYwUa2CL9B8f0Fc87HP1gZMdmK90_A162kSdeX425M5B0p35hg8eINImfVYVGHmwfst28u54jnE-U9uk_i8OVVxj31SPodPxg4jkhCTW0ieAYLZq8dNR-RG14SjWScq4oHgN68diSzkY-ye-nQCtRN3VotpeR3Ehw5BUPzS8MNLsJquVsojAE-js-IOh8LtAEozIVRE-ce8bOggN4czDkBSrLprz70rLU2FN816AwXPJHom_5ue5tZOYdwL_vnpk0yBs&cid=CAQSKQDq26N9QwcnXg1BT39wTNfnpbXMo5xVmQRhnQ_rd59LIaL0gCiEiieaGAEgEw&rfl=4%2Chttps%253A%252F%252Fwww.bg3.co%242%2C%2Chttps%253A%252F%252Fadx.holmesmind.com%252F%240
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2019shi-er-xing-zuo-huan-yao-shuai-duo-jiu-tang-qi-yang-pu-zhuan-yun-guan-jian.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
a7355c17c6f32199e19bd445ba6b34daf8d905dd1bb07f870c8e2cc08fce9077
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020619&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673010823224&bpp=13&bdt=310&idt=419&shv=r20230104&mjsv=m202212010101&ptt=5&saldr=sa&correlator=8001877734859&frm=8&ife=1&pv=2&ga_vid=1847477988.1673010824&ga_sid=1673010824&ga_hid=1209138873&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=1407119805&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C44773809%2C31071365%2C44779793%2C44773745%2C44780792&oid=2&pvsid=1884843836077609&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.857nyss736ms&fsb=1&dtd=434
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Jan 2023 13:13:44 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33200
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/ Frame 4AFB 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020619&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673010823224&bpp=13&bdt=310&idt=419&shv=r20230104&mjsv=m202212010101&ptt=5&saldr=sa&correlator=8001877734859&frm=8&ife=1&pv=2&ga_vid=1847477988.1673010824&ga_sid=1673010824&ga_hid=1209138873&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=1407119805&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C44773809%2C31071365%2C44779793%2C44773745%2C44780792&oid=2&pvsid=1884843836077609&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.857nyss736ms&fsb=1&dtd=434
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 16:07:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
75961
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 19 Jan 2023 16:07:43 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/ Frame 4AFB 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020619&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673010823224&bpp=13&bdt=310&idt=419&shv=r20230104&mjsv=m202212010101&ptt=5&saldr=sa&correlator=8001877734859&frm=8&ife=1&pv=2&ga_vid=1847477988.1673010824&ga_sid=1673010824&ga_hid=1209138873&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=1407119805&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C44773809%2C31071365%2C44779793%2C44773745%2C44780792&oid=2&pvsid=1884843836077609&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.857nyss736ms&fsb=1&dtd=434
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f132.1e100.net
Software
cafe /
Resource Hash
727e6a1f4a634d6298af8636fd331912b036b6f7783c771d2e06baeb82e2341e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 18:53:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
66024
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7527
x-xss-protection
0
server
cafe
etag
8658061406568722807
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 19 Jan 2023 18:53:20 GMT
l
www.google.com/ads/measurement/ Frame 4AFB 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTwMUeHkXerik12Y_Hloq-nw0O0zjHq3zC2ked4qi73TOZMxOxcOO09W2yOnpeTYnPkb1hdEdvo46M0MH3cJhMohOBQ3g
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020619&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673010823224&bpp=13&bdt=310&idt=419&shv=r20230104&mjsv=m202212010101&ptt=5&saldr=sa&correlator=8001877734859&frm=8&ife=1&pv=2&ga_vid=1847477988.1673010824&ga_sid=1673010824&ga_hid=1209138873&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=1407119805&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C44773809%2C31071365%2C44779793%2C44773745%2C44780792&oid=2&pvsid=1884843836077609&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.857nyss736ms&fsb=1&dtd=434
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f106.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4AFB 		156 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020619&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673010823224&bpp=13&bdt=310&idt=419&shv=r20230104&mjsv=m202212010101&ptt=5&saldr=sa&correlator=8001877734859&frm=8&ife=1&pv=2&ga_vid=1847477988.1673010824&ga_sid=1673010824&ga_hid=1209138873&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=1407119805&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C44773809%2C31071365%2C44779793%2C44773745%2C44780792&oid=2&pvsid=1884843836077609&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.857nyss736ms&fsb=1&dtd=434
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
sffe /
Resource Hash
e7e65f5432de604cdf476d9ad55a2af5a933c715c639e4c36847023a3446f1ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 13:13:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48907
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1672933789069018"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 06 Jan 2023 13:13:44 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4AFB 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BBDxuZBGK5uDVPcsjOXV-J3yLXD-FoaJb8Jtr-psOuPhmHcjPGhlhTrfdz1XhXYUf7tBQv5alMToMuI8Bf2oJ5-HPrmEMOQntFGiwE6tRvMNUw_WE
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020619&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673010823224&bpp=13&bdt=310&idt=419&shv=r20230104&mjsv=m202212010101&ptt=5&saldr=sa&correlator=8001877734859&frm=8&ife=1&pv=2&ga_vid=1847477988.1673010824&ga_sid=1673010824&ga_hid=1209138873&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=1407119805&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C44773809%2C31071365%2C44779793%2C44773745%2C44780792&oid=2&pvsid=1884843836077609&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.857nyss736ms&fsb=1&dtd=434
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f154.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Jan 2023 13:13:44 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 70D1 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f132.1e100.net
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
84467
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 05 Jan 2023 13:45:57 GMT
expires
Fri, 05 Jan 2024 13:45:57 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame FD4F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuHIvyrUNt98cjtmtDNti635-M_yqeaWAkRSPSpomFKxRAEEZYpte9kk2fX2jL85f6YS_bf3Af1fciKYGV-n6dnkvPjXMyrAVEXuy_lAMHdwnyX9fJH40Oh9P9OZ7veEixw-OG2uReMuUGBiTQtZXlfhU9riIoMzywRvDdqD97tK0Q7ZoZpctqmPYLEcYicK5xNp41poB3DUN3FRfDBrKlYVK_cWC2A-GoQESWUKLJdqTbKfSHXfST0qLEHDXHOCR6uql1xdWgesmCA50ff-UyENKuQNoT4oBLqD4zfmHRaZo13FGqgXu5KICcKnmZkPmKWf9OUhQsVWtx0T7aGDXy_l7vUqbZEBGYCGCfutmeCRS5yIXwPAOfK1U90HolS45kQVdX-nANRY9yk3bg0ula7_CtKDvQrrQY345SKMCUVEMkKJIECCCbG-lsIKHpj9K2B8Sh4ZdK0gVBDShSR0XCUSAmSOEAd0H3ZS_x-fLWSrIj_DuoPv84gZzRGvVXnEoNGRi5ysUI4V7Tg96Qi47e014cdALGUYrP59JEHHlNmPud_m59pwCGPt5PSo0cdzcUcjkKHParIpukNT_SZecNqJEcdlbyRiMnQpKlsKs9_aYKJXvhl7r5BKRpZtbEVZuc1TcMEUdReo09RpzzBvykhQikPnstf7G2xtN7uFTFqtL4x3aHjzjLfO6JqZnk2CBovzVzF1ZXxCQSBS18MPFCf2bHFgYAx1QEC_hn61fZfPDYJSt8uGRu-k89SB7T42304jX9TFFR1GvRXTaWUtcmWWQ8SpxZhNHgK4t-jhwZ1A3SnndSjslx79-e5Gj2eeFlX9WCV5SFWScemsQZ3ZOgDSF94DVJICbTeg39XOulQOIwBvIuZaT5hPyBavcqTE3n9_m5STkgMXwfiXetiG3zQVvIXqEPl7tchcrdVu8DqzuWU-7jTnbMAY3BRFBvvwFgwHygcypoYwL7OPqdZyX9yXqRrlBNb5t_oQxwSOwChiQZUzk8jwK91qjsq1WTujAyCj0ejQWMsm0D4GTDNkpGLdtjhSS1zCwjhvwZlmsegTiL0vRe8YOLgdXdScbauI6AgSfTotcpi0K4CBzrNx19DCK9K6FtQgv-yTRUX6pBrVdMYabrvb3RMizLeRw8f1Fh0YRInYf60vuJtvcGUGQmQeB2ToBorFei0mpbtLoOx_LZNE5TwFekBMtc6NkQQcCgOkcxd8AmiBwU6R8un2OhSmaJd4FSOS9ByH40FappG5lb0FZ2Z&sai=AMfl-YSGDL8m7tb7CEvwfFcZ_V7y7T4rDVzm1Nw-KtnytGkVNr29mgIHapTGcV6gGqpoWF4se5Xekt2_FjyXDZBh4KEQJQsLeoy2Hb0lBjujchIB-QI4K4bCStgIY3jKlJw_bZ_q9u0enauPC4o9d82ogmdh4SYDxaAICwFEvFUIP2UC3yeSkiFBBS_f8UDD_-H2DcFyqTwgzpBcTi8bP6jYGRQgpbQOw5mpd_LwrX5V5FDdoy9_aSIsS3PbS26zSOGou08WLyOUgc0&sig=Cg0ArKJSzKbHp4_YvawbEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1406&vt=11&dtpt=1405&dett=2&cstd=0&cisv=r20230104.35886&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B213wWFUVj0oU5bT0fmAK0eKyyMk94h7Aw_k-cC7Tp3VjjSb9CZUOsj_G5h8SHgchCbRqVvAQ9gsZULgy5d676Fk-TvA&cry=1&dbm_d=AKAmf-Av-8h_2fKj6TaGVxZV-mgp-qYR0xBcKSoAj2sTobN7KmEYXDOh8N4QxYCWEaHLk4f_ZjT-DT7ibOh9SITOGnrJePVIo0BOs78ORW2TLEz2pX0jNbVd-xa2fkQm-aphRne4WU8LQERw_RaoMfIpURBXlCo2c8VbkIi-QyTdi2hBNwAGwxTzvTqMfk2JKMiN9NAOT-vbZpzY2NBUoFUdIngbDSm46R_UCzkPqVrFrF_X5dfZVCxQdBBbc690RkhS5f0x4SWqIvisC94qrylBJNiEL6PTRtR5mTPNAAeZxCzsLLqQUlpk3AiBY8krFm7gxl6nuBep9-Z8EQ9EzCNHEbN3tCJgVrf1Giq-qi-QRz2jvua7M-ZrN0PVJAL3A_f-ZmoZ1xgqlcl9_mSlMUHFLACVFPxRQKWCIQxdDXBxlCr9T2ggm7Bw5CdAvPInQ-yYq8MtSEUjx7WKhr6SOjwsQ4MB6njLzh2F3CV9orPl9jkYfGjB3OKcME1srwGi-21-BWcDK6pbov8RhwhyUdRUNxxE8CS1EP7-sVUc2WKpQWMIYnXLjRKw4a9uk_ugcGeWdijuoopPhBUyUr3KB6FP6-eMGj4aOBeyhdv9y3T7-gEpnhn2OBBUEgIOoEMrUXgLoAhwpZ9L20iNINfE1N2DPuFW7v8nf6MtfwhlTFk4wrXa5u0JbUBGDOVmDKtfFDPD55idymGsXwtFVOauzyEO2mgn6GvKAnxv1RX5wnC2ctPgZqARJKPxzA0dwDcgNUR6on5CRnatykiSsRikk_t2jQz8Pq3p0Phxjrqp907jf7nWdAliyogI8q8ghOJQoLiL-3HPFna9XqOLIAUCcB0BVe4pzfiFsWCUC4nI_K4hwPyXkF1U8kxDcoKDnVTbhTPCmer6WKduPhYh2p-UFuiAfLUpO-oHFU1MfH7HrXQHfKqAXnqE2EKtC-Pbvm8kuSVxLbrWi1uw7ZZ8gemDtgvu4_SkAA4sWvIbQ7zxm3iLyRHsd2q7oY9rnzfOoKkR5idG9d1M2S9gpyBHQdTe_n059AiJwDgGm6Tv2mrFV970hP-p6Al0Rw3u0o3I5Owx5ZRWqqK0PRs3eYiS7q3L9TL1MS7KbiZw139Nxj6dKmJXqIad1xZeaXRk0JDdIsLQPLK67tp7YIXHdZu9vLirOSO7QK-a0YOuYXVQo_Kl_58lS4kvUZn2CJNDvhbkuifGV95YkTwId62FGnYO-JwgV3C6o9NEwSeNr42XCVlqR2QbwmoRERb7Fa5ARhrw6IOP5ogYq-GOR5zWliwBONxotvytJApKooyQ3OXRqV5f1GZP809KvGCcTNSbX8eKlTTtNlRT2VV-Ba17fT_sEzoJ9haCxnWyh0xIYtx1iHdDnAOW_C3BcZy91JfXNd6FBRf-cqkVBsFkif1C8_eUn7mAyduTG_GNK01-kzcVBxCUCDpue8iJt8nBReH8Nm23DalCP9yrTNLIxvElIPBw7I15NSLRuZ-PYQaGKjKK62oA1PBEoeGo4TJiX1N-gXjgx_evt8_OGjeU-QvK-a2w1faimXYV9OlvE7RySrYuH_5TeNvVolT18xxkw2uODTIahiE1h44qGDraj2Jh1UNjVxdL7p9HbLtQkxDFQ85b_V7OYE2F9IMF02mX7VK9LiY560g_xKgYYYJJgT9bPVmvFCFoVSkVf0qmkia34rqmEPYf402TuKTkzWIQ2XlBMZmSZXOMJzg478nyvQzwuOzP0FUs-wYTQ9Wjhw38q8iirXlVZSO7KyKPW9vxqFz6FJ1V2tG2fGAWk5IbAMMXk85PXKzIu8Zj0IneveuRxDXlTM4EyVIgqV_kpT2kPmJ2T7SvdkmEXW1N53ls8kwmuzmoV1lorq58hrdee9lf9nRjIkQ9Gy3mU_1Ae7ueiEu_MuivXT84t8ExpGTNs09IEeyhwq5Eb391HXNOP-YEfr6ki_z92_tMms2QlVKLUhpykVlAtx7Qksjircz5xvBW_bv-lRaUzQqR0_uoKx1NSiTyO40Fv4q9yTtytVb_bX5jzl3ZqXyDDv-9PrUTp7XXqDtamrlfEO9pS8zwxLQHq_xEGs-8mp230CZx9PQQHJKdnNHZwjfH3ZSVd_1Jhxz1Su6f4pyZuxOWjpZzP74hjkaIAIFcaelx01-qVGPs8LmiFOfIUh040EBJscTDQCAmvygE4nZcFs5NRIbnViWI-isNsQyT3mU2x2wfbmbxR_IU5m53M_EGiCiX8PY7073h-pZ5LGCLZP0KloRQMspTpNAKdPxW5Ff52LAncC-ahSjYW4bdXIWVKp18mZGgvJADKE47yK9oIAQigB8mNZWAHZ4isUNihHEAEvStZMT2CcNSp1iLfzzzi5ZJnM0Kl2fIHRWw1mgYOBmHqm0RrW6ojx6kPC_l9OAkhYSU0Ic8Fyf2i_9ZJW2WNXq_bB9DaxPr5LsbjhnBMcCi8eVw8ZEmJnIlD6GeunNR_Z1f8NyroBDLhT3fK8251bsULWmguHIAD-cVpAV9jyPz2s5TA3EGJJs86rFooJKf0KM6t9PRYzFJqR6ypAcFYvcSdJikaAVKWud6PNyagCZMafILJhWAoghZb4yvqf6mzYAJ0QVzQ6R3yCy__HrP46874f_pPoKGuRFIrF16PG7jHfF-EUzDMQHa2GV_ClbGcQCNclpFpmUxYz6CRsVdfz8V4yFXHkqiDRdZFeiMlR7d7gPSWo6Enyz3EjQrHt6pQ7V0I6ZkHC0bW1OF0GJJj7LuQylTLgvp_SUgZ7LuqUU0MPOkLV7QFXC1TnjjuhdS-5SbX2aCYC1KMTytKUbdjuO95XQxko2XNvYtatXiIGKDIpU1FdGTLNWajfOZxyauVbqmac9ciX_opPwClvUu4SrE6_Rf6Bn3RdzYnS1D4hTRQs-uS-jU0MoLWkvHRqJetQTPno8v07hDWn3dLV2p7EkndOnGSw2YUyrex5bJRukfYvSap9gbu3J9mD6PMDDMNAK3U-pfwbFLG4pVvWfcvzsWoupXIBno7ZonG1h1xP0QklFSrVMTFtQepke7jnz-jZC4zPDhMWnFl6VmpbNb5J_AnwMZgHEL1JpvfVstgKipsJ6UGvrpJIF7ID8q4Mu6e8WBtCTqQ7vTkPLacyle1lWGh29KG0UhrN5jVeuLaZQwkDP-TfLxRqopj5ttH-wCiNpTqSah0-E-Xp-gJaz1rQVDS9NcJ6SsUTkLtBC3eJh8rIi_DntcF2o026r1YxeYmPm20yFiJwJYtqKdKSAXDLhLbGVrK6_sDWJzIzQbYffKSZkpJ3F9PDAVnUZAqDIPSvdakz-9-wPzHTp2V1ZT5bVjh_kzeZCuTHO4nYxO9-appRtBuwS5oVhdlJ4WD3CvCM_gPSvahP4M8gZaQIbrUS7aXM5Fad9zkNESzKkMDW-ueiNXAFnxdtU78ZxDbWHVPhSFA4q5dbK6LQiFDq2BGESWz_ok94Y_7gUsfDVn441UQiXVSeaaWp3OPQlDFAZyQ_z5UNn7OBo&cid=CAQSOwDq26N9h5RZIRXgAXGPyACmS5yh19q9CB2kZNU2T5K-icCtDbDjtPCtJRzvBswOTDNkur4tkk9uDpFAGAEgEw&rfl=2%2Chttps%253A%252F%252Fwww.bg3.co%242%2Chttps%253A%252F%252Fwww.bg3.co%252F%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 13:13:44 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 06 Jan 2023 13:13:44 GMT
sd
us-u.openx.net/w/1.0/ Frame 4970
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEL4y3Orf8ApeWpG9Uelu9Ps&google_cver=1
43 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEL4y3Orf8ApeWpG9Uelu9Ps&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNn1rgIQhbjaAhj0uNDXATAB&v=APEucNV21D8GE62BofenRBDpS5gkMe017K9gyIBesdC_aIWN5qGTBgw-hraCYKYTuAIlcgRjq4SMnDGkhThVDykthMXwQ3fMDQ
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Jan 2023 13:13:44 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 06 Jan 2023 13:13:44 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEL4y3Orf8ApeWpG9Uelu9Ps&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 4970
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OTJiMGFiOWItMTQzZS0yOGMyLWNjZTAtYjdhNzEwMTkyNTdm
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OTJiMGFiOWItMTQzZS0yOGMyLWNjZTAtYjdhNzEwMTkyNTdm
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNn1rgIQhbjaAhj0uNDXATAB&v=APEucNV21D8GE62BofenRBDpS5gkMe017K9gyIBesdC_aIWN5qGTBgw-hraCYKYTuAIlcgRjq4SMnDGkhThVDykthMXwQ3fMDQ
Protocol
H3
Server
142.250.4.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Jan 2023 13:13:45 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 06 Jan 2023 13:13:44 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OTJiMGFiOWItMTQzZS0yOGMyLWNjZTAtYjdhNzEwMTkyNTdm
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
um
sync.teads.tv/ Frame 4970
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEF0XdAL18qW_IghattaDY0g&google_cver=1
23 B
287 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEF0XdAL18qW_IghattaDY0g&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNn1rgIQhbjaAhj0uNDXATAB&v=APEucNV21D8GE62BofenRBDpS5gkMe017K9gyIBesdC_aIWN5qGTBgw-hraCYKYTuAIlcgRjq4SMnDGkhThVDykthMXwQ3fMDQ
Protocol
H2
Server
184.51.137.72 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-137-72.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.9 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Fri, 06 Jan 2023 13:13:45 GMT
pragma
no-cache
date
Fri, 06 Jan 2023 13:13:45 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.9
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 06 Jan 2023 13:13:44 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um?eid=3&uid=CAESEF0XdAL18qW_IghattaDY0g&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 4970
Redirect Chain
  • https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=ZjQ0MDc2NzQtZmIyNy00MDA0LThkMDgtNDk5ZDU2ZTM2ODEy
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=ZjQ0MDc2NzQtZmIyNy00MDA0LThkMDgtNDk5ZDU2ZTM2ODEy
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNn1rgIQhbjaAhj0uNDXATAB&v=APEucNV21D8GE62BofenRBDpS5gkMe017K9gyIBesdC_aIWN5qGTBgw-hraCYKYTuAIlcgRjq4SMnDGkhThVDykthMXwQ3fMDQ
Protocol
H3
Server
142.250.4.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Jan 2023 13:13:45 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 06 Jan 2023 13:13:45 GMT
server
akka-http/10.2.9
content-type
text/html; charset=UTF-8
location
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=ZjQ0MDc2NzQtZmIyNy00MDA0LThkMDgtNDk5ZDU2ZTM2ODEy
cache-control
max-age=0, no-cache, no-store
content-length
189
expires
Fri, 06 Jan 2023 13:13:45 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230104/r20110914/ Frame 4AFB 		28 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230104/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AiPvIfnSvYLrFH-Egzn71S2uQ0Yzn4oWuwEBC17QG16n8oxv2dxsWfkQX-lrfGeYfSeRq9DqLsfAsshe6CHn-lBHk0kTfOdIiItcLWJNJ_WLuNcgO7GWTPSqtV0tBDBbCF7lhfx5s3UyWoWUZ4vENH5uYOle3Tbs1h8qAv4zj1fkml-c8&cry=1&dbm_d=AKAmf-AP6q4g3usEcGQPVfyjedOYa8dAIQnr_d8PLhDZ-qHirzOilxE1GTIOq5kL1XoPf4D_i6ZLM5U7wiAsoPht_-gRtcYqpZ-gllsOULEs-jRMO1ckUuxu1f-uM8X4F0IrqUKAZga-yXMApdSGyLzlrABzKUUZ5lsd48VfRPWyHDzXdagoAt3HvKAHC1P7JYd2hrXKVFG0NsfjmZsdc6q8G38y-v4yXIlMSjc7pFDOzTk2rzyNFde22T-9jUBOEXlsaKEF09GXsA_gK6Rjj84SngqHh7gY8qhPSCQOZW29RRfhbFi2E5TDm21SlJy4ClbsdSYe5174c4zZAsyLogSWhJwyhaUbmodZRQjda4Sy2B72heZMuxJVJuMliCunywuwh35YSXvJaS5sCNbwo3Sl02uErI24cyC4TKTmjFYJN5KDh2ApPS60EwAcgByJJKM5p2Zv_hVD-iun6Up_C2IYeTJSUJYwekkiL684IaW3bK7tcAisZYG1bcGRvMpwp3ZDfCQPKHIxaBxDLax4u_lCWmCrkfVXtWlGaVo5JLFN8W_e18EHucQZ3Kspliuuryx3qwG4JJHvqVLIfLo8FufvCHj-oUZKZpxMi6DZRDe2EFnqmkC-fap8SoMg2FagGEz92Z4oCJ-MB-bQ9AvSr6Qm0ck7mimMhecyPefZtM_wZ4KNtWGDuqDQgyUUbfdBY5j1ZRDl3bphiT-AzhErd4a7TbRrXTQzI9YJNp4c_B9HXF-nSImGWMLXlaBy2IfI9CqX_UY39gftq678GmYdJksdL2FBEyzmS04v5zXfipaI7Blk-yM03kI4oHZ5xJkulGBbU64jtM6ZeqIESSekds9quWgK9dZUfSlTp_XFdz-lBcryP4upebORK_0_YPVO_YhnMKvdgolW6TNDTzd8TwjnR7r2tUtxdC9Y0D7kSVOjbWaW6MdCK4cclwL2eSCwnMRjkXFbY9HVfUA_GQitnvRGJrUQvYGE7jbQTw9zeQvY2bbBKuUzd6W5OlDdQ0c8lO2Ol4C2xffhlGAHGAWHVLid7IyRvgpakDAbjdytfyTP5Ol8LOk7x4C5aQ2YUK-CYetwMKbdVnC3ARo5fVC-20S0Jn-E0snirp8sgE1LSC77yt_TH0x6Q8QRlyRS49P-nsq3yvriTztdU3UF8SpabNB7wo13YQ8d1KguSEq540N4wFBbjfm0tvXgkKIHZhHpaXRcwWth9e_hSgjRZclBOJTHouoUri-adlSPngoAEirBQjzoIVnbEbiheH45HlCUxoBKKGdUiFVxFCcbwNIHepKuWxA7n-38O18YHFuQXTeAYadjtHythKX6n-NboQ4tunBBOhZ0erOp8q5mQqzI6hw2LfEm2JmYOVHIETAQOD0DHfu6_vP02F4k-UCn1sCMwfI_zgN4gbZ-14tY0RLZzJTGH1Kbx0Jxc9EnCDGBSHHV1H_HN90iTb6n0aEBa3HEiMh17iehbBEQ0eAc86fho06YUYcKBe1NLKR7bSMz4bP5VGoUynYv61cLjHVm22D3rayJ5TpGA_KpKDh_i9a07MawBHaYUkIUs9kKajCBzRD-iWEsvyzh9h81QWe5TVjPe-tJrQKFPpOzNxl9wWcoMPeZKZ2_q5SzLjlxqYTwqa1RnFsx_0alni5OhVQmjGTF5MjQvns2ktOmG0QzpdVWb7vVAFtSG4gc2MgPt2kLKfqAAgCFK-EqfbTvDq2YdI8vwb0wSKWtnKlJC-mDNHcMnchLZhDt14GMAyw3ReRPUAQYYtD5w1VwfK5wpG5uLHfDkVF_Oa6FLsk8tMUXOcC3EfH8mv5Yqu6sA4qcLi3UNGeia1MWPn1Z27QAAZm-NVOt74Vo61qeb9lLT7iU1bA4EFqp9QP033V7Xka0lKxhBsL3s_4PbSgnR0xdUSxa9nICv73mj8FkYUjbJ7w8MYvC1mKneyEpei1agoJGnuT0zMXsr1M_C5CHAlgE7k8VxeuVlhh_I4NnNPmzRTR2W2XrikfRNttxIonPGcssHGHrZ6no2tZ3HYeKGYMyZHk0_ND6iK5Dt2fXM8vwQHqu-T5bZW3DtAHV13t5yR7hXl4UglHIoI0YOdHKFGf5GjksOICA90krXBAlc2CAEbSB6kYpWBp96nlvghUF2q0GEvHjBlo0gdrrn5dmE1i8EAD9VRCblq5mZo3zBZSiuFHj5EFH_6672AxyLN3J4NYA8VpFiPb8LpD_buWR6f3J44z6M6RhqPYvTws4TJYtOSPs5maBsMI3JCTSCzUC2tH6VIV0NgC6zEyonWdcf-RmqSrdHU1zuR0kQ-zLYdyQYGSXBD8IpRXJkwVxoxV-OZYN2Gujtx2EhSjZlUx142Dd9MW00skXueAtA7mWFknU_lgHH0-k5bTq4rmjnF8MIOW3iGOv1K1pvo2aTBVohPt0W0PCuBncHWSZzahmN3bmvXYowr5RyvhFOYR4Lwu39bYghajC3bd_96McI6YUGyvJDybq0HIznTNlb_qzIr3c6svb8IXdsvE0jm7ahs9Pq3iJl91dp8US-5RqHki9TiOAEjTb8opseECed5a3PPrYoR80C4V4DhEi0odTNx3Ve4KRVYA56glL92Rst_R-63iQkJBcrBuJeFKGD3mxTUwQ3BZS6RAraW1IN2YziFpfLph5nX8fMmFegw_OcaTvmLdVFUJkUxZ4dgu_hX17sMO0BbaNJVAkEuIyBW36k3Le1N7R51YZo-4uJVRTgA8uYEfhGMYfZs51VnnZ6AIgMN2o5W6-hziKr_ICjcKO3janIscuN4AC4KM_4vPhKjYj4mXRO2S7WyZeIltcDFVPzdD2b-DnLnq3z9I-BmLFYHogZfl5-QwCvKTuBz_TUpn0K098gpkBzpuWDoSQR5mhkYwUa2CL9B8f0Fc87HP1gZMdmK90_A162kSdeX425M5B0p35hg8eINImfVYVGHmwfst28u54jnE-U9uk_i8OVVxj31SPodPxg4jkhCTW0ieAYLZq8dNR-RG14SjWScq4oHgN68diSzkY-ye-nQCtRN3VotpeR3Ehw5BUPzS8MNLsJquVsojAE-js-IOh8LtAEozIVRE-ce8bOggN4czDkBSrLprz70rLU2FN816AwXPJHom_5ue5tZOYdwL_vnpk0yBs&cid=CAQSKQDq26N9QwcnXg1BT39wTNfnpbXMo5xVmQRhnQ_rd59LIaL0gCiEiieaGAEgEw&rfl=4%2Chttps%253A%252F%252Fwww.bg3.co%242%2C%2Chttps%253A%252F%252Fadx.holmesmind.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f154.1e100.net
Software
cafe /
Resource Hash
6dc0e3aead945b6160bc87da5f4d8fbb043dde5d0bece2aa426fa01895c9e358
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 01:35:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
41910
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10849
x-xss-protection
0
server
cafe
etag
7485935580621256062
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 20 Jan 2023 01:35:14 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230104/r20110914/elements/html/ Frame 4AFB 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230104/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AiPvIfnSvYLrFH-Egzn71S2uQ0Yzn4oWuwEBC17QG16n8oxv2dxsWfkQX-lrfGeYfSeRq9DqLsfAsshe6CHn-lBHk0kTfOdIiItcLWJNJ_WLuNcgO7GWTPSqtV0tBDBbCF7lhfx5s3UyWoWUZ4vENH5uYOle3Tbs1h8qAv4zj1fkml-c8&cry=1&dbm_d=AKAmf-AP6q4g3usEcGQPVfyjedOYa8dAIQnr_d8PLhDZ-qHirzOilxE1GTIOq5kL1XoPf4D_i6ZLM5U7wiAsoPht_-gRtcYqpZ-gllsOULEs-jRMO1ckUuxu1f-uM8X4F0IrqUKAZga-yXMApdSGyLzlrABzKUUZ5lsd48VfRPWyHDzXdagoAt3HvKAHC1P7JYd2hrXKVFG0NsfjmZsdc6q8G38y-v4yXIlMSjc7pFDOzTk2rzyNFde22T-9jUBOEXlsaKEF09GXsA_gK6Rjj84SngqHh7gY8qhPSCQOZW29RRfhbFi2E5TDm21SlJy4ClbsdSYe5174c4zZAsyLogSWhJwyhaUbmodZRQjda4Sy2B72heZMuxJVJuMliCunywuwh35YSXvJaS5sCNbwo3Sl02uErI24cyC4TKTmjFYJN5KDh2ApPS60EwAcgByJJKM5p2Zv_hVD-iun6Up_C2IYeTJSUJYwekkiL684IaW3bK7tcAisZYG1bcGRvMpwp3ZDfCQPKHIxaBxDLax4u_lCWmCrkfVXtWlGaVo5JLFN8W_e18EHucQZ3Kspliuuryx3qwG4JJHvqVLIfLo8FufvCHj-oUZKZpxMi6DZRDe2EFnqmkC-fap8SoMg2FagGEz92Z4oCJ-MB-bQ9AvSr6Qm0ck7mimMhecyPefZtM_wZ4KNtWGDuqDQgyUUbfdBY5j1ZRDl3bphiT-AzhErd4a7TbRrXTQzI9YJNp4c_B9HXF-nSImGWMLXlaBy2IfI9CqX_UY39gftq678GmYdJksdL2FBEyzmS04v5zXfipaI7Blk-yM03kI4oHZ5xJkulGBbU64jtM6ZeqIESSekds9quWgK9dZUfSlTp_XFdz-lBcryP4upebORK_0_YPVO_YhnMKvdgolW6TNDTzd8TwjnR7r2tUtxdC9Y0D7kSVOjbWaW6MdCK4cclwL2eSCwnMRjkXFbY9HVfUA_GQitnvRGJrUQvYGE7jbQTw9zeQvY2bbBKuUzd6W5OlDdQ0c8lO2Ol4C2xffhlGAHGAWHVLid7IyRvgpakDAbjdytfyTP5Ol8LOk7x4C5aQ2YUK-CYetwMKbdVnC3ARo5fVC-20S0Jn-E0snirp8sgE1LSC77yt_TH0x6Q8QRlyRS49P-nsq3yvriTztdU3UF8SpabNB7wo13YQ8d1KguSEq540N4wFBbjfm0tvXgkKIHZhHpaXRcwWth9e_hSgjRZclBOJTHouoUri-adlSPngoAEirBQjzoIVnbEbiheH45HlCUxoBKKGdUiFVxFCcbwNIHepKuWxA7n-38O18YHFuQXTeAYadjtHythKX6n-NboQ4tunBBOhZ0erOp8q5mQqzI6hw2LfEm2JmYOVHIETAQOD0DHfu6_vP02F4k-UCn1sCMwfI_zgN4gbZ-14tY0RLZzJTGH1Kbx0Jxc9EnCDGBSHHV1H_HN90iTb6n0aEBa3HEiMh17iehbBEQ0eAc86fho06YUYcKBe1NLKR7bSMz4bP5VGoUynYv61cLjHVm22D3rayJ5TpGA_KpKDh_i9a07MawBHaYUkIUs9kKajCBzRD-iWEsvyzh9h81QWe5TVjPe-tJrQKFPpOzNxl9wWcoMPeZKZ2_q5SzLjlxqYTwqa1RnFsx_0alni5OhVQmjGTF5MjQvns2ktOmG0QzpdVWb7vVAFtSG4gc2MgPt2kLKfqAAgCFK-EqfbTvDq2YdI8vwb0wSKWtnKlJC-mDNHcMnchLZhDt14GMAyw3ReRPUAQYYtD5w1VwfK5wpG5uLHfDkVF_Oa6FLsk8tMUXOcC3EfH8mv5Yqu6sA4qcLi3UNGeia1MWPn1Z27QAAZm-NVOt74Vo61qeb9lLT7iU1bA4EFqp9QP033V7Xka0lKxhBsL3s_4PbSgnR0xdUSxa9nICv73mj8FkYUjbJ7w8MYvC1mKneyEpei1agoJGnuT0zMXsr1M_C5CHAlgE7k8VxeuVlhh_I4NnNPmzRTR2W2XrikfRNttxIonPGcssHGHrZ6no2tZ3HYeKGYMyZHk0_ND6iK5Dt2fXM8vwQHqu-T5bZW3DtAHV13t5yR7hXl4UglHIoI0YOdHKFGf5GjksOICA90krXBAlc2CAEbSB6kYpWBp96nlvghUF2q0GEvHjBlo0gdrrn5dmE1i8EAD9VRCblq5mZo3zBZSiuFHj5EFH_6672AxyLN3J4NYA8VpFiPb8LpD_buWR6f3J44z6M6RhqPYvTws4TJYtOSPs5maBsMI3JCTSCzUC2tH6VIV0NgC6zEyonWdcf-RmqSrdHU1zuR0kQ-zLYdyQYGSXBD8IpRXJkwVxoxV-OZYN2Gujtx2EhSjZlUx142Dd9MW00skXueAtA7mWFknU_lgHH0-k5bTq4rmjnF8MIOW3iGOv1K1pvo2aTBVohPt0W0PCuBncHWSZzahmN3bmvXYowr5RyvhFOYR4Lwu39bYghajC3bd_96McI6YUGyvJDybq0HIznTNlb_qzIr3c6svb8IXdsvE0jm7ahs9Pq3iJl91dp8US-5RqHki9TiOAEjTb8opseECed5a3PPrYoR80C4V4DhEi0odTNx3Ve4KRVYA56glL92Rst_R-63iQkJBcrBuJeFKGD3mxTUwQ3BZS6RAraW1IN2YziFpfLph5nX8fMmFegw_OcaTvmLdVFUJkUxZ4dgu_hX17sMO0BbaNJVAkEuIyBW36k3Le1N7R51YZo-4uJVRTgA8uYEfhGMYfZs51VnnZ6AIgMN2o5W6-hziKr_ICjcKO3janIscuN4AC4KM_4vPhKjYj4mXRO2S7WyZeIltcDFVPzdD2b-DnLnq3z9I-BmLFYHogZfl5-QwCvKTuBz_TUpn0K098gpkBzpuWDoSQR5mhkYwUa2CL9B8f0Fc87HP1gZMdmK90_A162kSdeX425M5B0p35hg8eINImfVYVGHmwfst28u54jnE-U9uk_i8OVVxj31SPodPxg4jkhCTW0ieAYLZq8dNR-RG14SjWScq4oHgN68diSzkY-ye-nQCtRN3VotpeR3Ehw5BUPzS8MNLsJquVsojAE-js-IOh8LtAEozIVRE-ce8bOggN4czDkBSrLprz70rLU2FN816AwXPJHom_5ue5tZOYdwL_vnpk0yBs&cid=CAQSKQDq26N9QwcnXg1BT39wTNfnpbXMo5xVmQRhnQ_rd59LIaL0gCiEiieaGAEgEw&rfl=4%2Chttps%253A%252F%252Fwww.bg3.co%242%2C%2Chttps%253A%252F%252Fadx.holmesmind.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f154.1e100.net
Software
cafe /
Resource Hash
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 01:35:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
41910
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2986
x-xss-protection
0
server
cafe
etag
3296546412363819624
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 20 Jan 2023 01:35:14 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 4AFB 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvrWqs6mNWLGWVKAmsIe_fFqCy6WNLuI8Ld2ssT4QIl1Bp6tQOZg4jxpna65PIF-z7RUffjF9izT8hTMaZkQv2im-LkKtALz3_BwPwpu5oyhNkApRUD7ee45esx8Aqokm10RAlYboNDOm9DZPuHLnQdfxQ6prLrdcKpY7xH8Mrtx7zbthfbOFQ2-1y2BwliooOGvEBWHNXsIVwtqOPGtqwx6F3SMc6_BaGc4fVKD33mslo1OD_aSeglhRJL4QgFXIcG5ahu7Hs_7SbFEpqMWYmcUIRyU99IpZ4nZI3oorFaOXmXQOeNjlr2LCKXkkwxlQXZnwrtFzT6aQh8Mnjymo2-9QggKSKH1QYPB5CeemGeQnpRs_VnVrgLc4ExrRFy0t5nxRNoGiPc9NC_wKrB8ir655wuPYs90sGGRS-HXPR6I9oLgKvotJx_rSGbDEyZJwVOOXC18cwHNd-uCH3qS3wg653X5NbQzYtIza1E-DXq4x_gqtzwW4X33zHDPSyxpEg5fMONpIDjosi3uAWNQm9w3S7easTCvcXPI_5Z6fOMvkfN3dZLOUsh5g7q49dvlfN5Z2nqS3Ps5B6W9JBAu4P6KoKDoOEPkYARc8l9vWJ-ZoXX9NTVd19y144ua7i1GKjj9QaGOB_yoEElK0OXjtcn-IyHUH5khpOf-_q2cn4cxloZ-Xgo1-wjAWoUKycQyqzeB9WvrxNzWIT-nsKpqMmShLjRdqxr_s0yYfc8BGmM9bbHB0BCTvAI3oaYOZHIz4i5UqKB1WN9yl6oOUm9EWnILWWvbvfi5qzmXIBbDxB_fscoaCcPChS8C-tPcRmBUlHspq3GYfqf2v7oS1hMUqSXSMzFzbyLLJutVh2-nxHTXQmSpREjcFlaJv0d4CgopJw8VwUA4PzGV0NfOyRB9GAJD4lU4kJ_olPlUy3pYPCl_3fEJgzCnPg0sltT9yMaRzoj5jh1yatOOSbuXL1w2hBb-GcDYZ3Y3DX1UKkmNdsxlRXyn0MULJGCmxikhsVatm5j9LH2LrQgKUJ09yH402LbrdxaRP7IlZzUlUc4DcqZExg9Mb6tKfYS1RxnjUbjsTFmmo9PvdAoqob6lpBywZ-2W_l7NjaVGrRit8N5dmsf7D0tuWmukpEHk46z-qNgrEbsIDJFiSmlwUp5C2iTy4_AJgo_otoglbcOC6rgaC4&sai=AMfl-YSAkCCaw_7-TM5t_YL9A6_Zt6nToIRnGOFe3MxILTg37qneEJq5Rg33mW0DhUIhWz-By_rMi0rvUL2GjJAAc5eGq-DMiWzV64XkGHAgO6lEnNvq3AT_KAEqYQ71T1n-R9P3IIa-aaG2pumdD-zAqdQGtSds43HUVNWDw_xUXF-tsqna_0kLsg3nQBZhYkwJ4cqcFHLA--z_VhSTRPY&sig=Cg0ArKJSzI6hD6yrOIVdEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20230104.07349&arae=0&ftch=1&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AiPvIfnSvYLrFH-Egzn71S2uQ0Yzn4oWuwEBC17QG16n8oxv2dxsWfkQX-lrfGeYfSeRq9DqLsfAsshe6CHn-lBHk0kTfOdIiItcLWJNJ_WLuNcgO7GWTPSqtV0tBDBbCF7lhfx5s3UyWoWUZ4vENH5uYOle3Tbs1h8qAv4zj1fkml-c8&cry=1&dbm_d=AKAmf-AP6q4g3usEcGQPVfyjedOYa8dAIQnr_d8PLhDZ-qHirzOilxE1GTIOq5kL1XoPf4D_i6ZLM5U7wiAsoPht_-gRtcYqpZ-gllsOULEs-jRMO1ckUuxu1f-uM8X4F0IrqUKAZga-yXMApdSGyLzlrABzKUUZ5lsd48VfRPWyHDzXdagoAt3HvKAHC1P7JYd2hrXKVFG0NsfjmZsdc6q8G38y-v4yXIlMSjc7pFDOzTk2rzyNFde22T-9jUBOEXlsaKEF09GXsA_gK6Rjj84SngqHh7gY8qhPSCQOZW29RRfhbFi2E5TDm21SlJy4ClbsdSYe5174c4zZAsyLogSWhJwyhaUbmodZRQjda4Sy2B72heZMuxJVJuMliCunywuwh35YSXvJaS5sCNbwo3Sl02uErI24cyC4TKTmjFYJN5KDh2ApPS60EwAcgByJJKM5p2Zv_hVD-iun6Up_C2IYeTJSUJYwekkiL684IaW3bK7tcAisZYG1bcGRvMpwp3ZDfCQPKHIxaBxDLax4u_lCWmCrkfVXtWlGaVo5JLFN8W_e18EHucQZ3Kspliuuryx3qwG4JJHvqVLIfLo8FufvCHj-oUZKZpxMi6DZRDe2EFnqmkC-fap8SoMg2FagGEz92Z4oCJ-MB-bQ9AvSr6Qm0ck7mimMhecyPefZtM_wZ4KNtWGDuqDQgyUUbfdBY5j1ZRDl3bphiT-AzhErd4a7TbRrXTQzI9YJNp4c_B9HXF-nSImGWMLXlaBy2IfI9CqX_UY39gftq678GmYdJksdL2FBEyzmS04v5zXfipaI7Blk-yM03kI4oHZ5xJkulGBbU64jtM6ZeqIESSekds9quWgK9dZUfSlTp_XFdz-lBcryP4upebORK_0_YPVO_YhnMKvdgolW6TNDTzd8TwjnR7r2tUtxdC9Y0D7kSVOjbWaW6MdCK4cclwL2eSCwnMRjkXFbY9HVfUA_GQitnvRGJrUQvYGE7jbQTw9zeQvY2bbBKuUzd6W5OlDdQ0c8lO2Ol4C2xffhlGAHGAWHVLid7IyRvgpakDAbjdytfyTP5Ol8LOk7x4C5aQ2YUK-CYetwMKbdVnC3ARo5fVC-20S0Jn-E0snirp8sgE1LSC77yt_TH0x6Q8QRlyRS49P-nsq3yvriTztdU3UF8SpabNB7wo13YQ8d1KguSEq540N4wFBbjfm0tvXgkKIHZhHpaXRcwWth9e_hSgjRZclBOJTHouoUri-adlSPngoAEirBQjzoIVnbEbiheH45HlCUxoBKKGdUiFVxFCcbwNIHepKuWxA7n-38O18YHFuQXTeAYadjtHythKX6n-NboQ4tunBBOhZ0erOp8q5mQqzI6hw2LfEm2JmYOVHIETAQOD0DHfu6_vP02F4k-UCn1sCMwfI_zgN4gbZ-14tY0RLZzJTGH1Kbx0Jxc9EnCDGBSHHV1H_HN90iTb6n0aEBa3HEiMh17iehbBEQ0eAc86fho06YUYcKBe1NLKR7bSMz4bP5VGoUynYv61cLjHVm22D3rayJ5TpGA_KpKDh_i9a07MawBHaYUkIUs9kKajCBzRD-iWEsvyzh9h81QWe5TVjPe-tJrQKFPpOzNxl9wWcoMPeZKZ2_q5SzLjlxqYTwqa1RnFsx_0alni5OhVQmjGTF5MjQvns2ktOmG0QzpdVWb7vVAFtSG4gc2MgPt2kLKfqAAgCFK-EqfbTvDq2YdI8vwb0wSKWtnKlJC-mDNHcMnchLZhDt14GMAyw3ReRPUAQYYtD5w1VwfK5wpG5uLHfDkVF_Oa6FLsk8tMUXOcC3EfH8mv5Yqu6sA4qcLi3UNGeia1MWPn1Z27QAAZm-NVOt74Vo61qeb9lLT7iU1bA4EFqp9QP033V7Xka0lKxhBsL3s_4PbSgnR0xdUSxa9nICv73mj8FkYUjbJ7w8MYvC1mKneyEpei1agoJGnuT0zMXsr1M_C5CHAlgE7k8VxeuVlhh_I4NnNPmzRTR2W2XrikfRNttxIonPGcssHGHrZ6no2tZ3HYeKGYMyZHk0_ND6iK5Dt2fXM8vwQHqu-T5bZW3DtAHV13t5yR7hXl4UglHIoI0YOdHKFGf5GjksOICA90krXBAlc2CAEbSB6kYpWBp96nlvghUF2q0GEvHjBlo0gdrrn5dmE1i8EAD9VRCblq5mZo3zBZSiuFHj5EFH_6672AxyLN3J4NYA8VpFiPb8LpD_buWR6f3J44z6M6RhqPYvTws4TJYtOSPs5maBsMI3JCTSCzUC2tH6VIV0NgC6zEyonWdcf-RmqSrdHU1zuR0kQ-zLYdyQYGSXBD8IpRXJkwVxoxV-OZYN2Gujtx2EhSjZlUx142Dd9MW00skXueAtA7mWFknU_lgHH0-k5bTq4rmjnF8MIOW3iGOv1K1pvo2aTBVohPt0W0PCuBncHWSZzahmN3bmvXYowr5RyvhFOYR4Lwu39bYghajC3bd_96McI6YUGyvJDybq0HIznTNlb_qzIr3c6svb8IXdsvE0jm7ahs9Pq3iJl91dp8US-5RqHki9TiOAEjTb8opseECed5a3PPrYoR80C4V4DhEi0odTNx3Ve4KRVYA56glL92Rst_R-63iQkJBcrBuJeFKGD3mxTUwQ3BZS6RAraW1IN2YziFpfLph5nX8fMmFegw_OcaTvmLdVFUJkUxZ4dgu_hX17sMO0BbaNJVAkEuIyBW36k3Le1N7R51YZo-4uJVRTgA8uYEfhGMYfZs51VnnZ6AIgMN2o5W6-hziKr_ICjcKO3janIscuN4AC4KM_4vPhKjYj4mXRO2S7WyZeIltcDFVPzdD2b-DnLnq3z9I-BmLFYHogZfl5-QwCvKTuBz_TUpn0K098gpkBzpuWDoSQR5mhkYwUa2CL9B8f0Fc87HP1gZMdmK90_A162kSdeX425M5B0p35hg8eINImfVYVGHmwfst28u54jnE-U9uk_i8OVVxj31SPodPxg4jkhCTW0ieAYLZq8dNR-RG14SjWScq4oHgN68diSzkY-ye-nQCtRN3VotpeR3Ehw5BUPzS8MNLsJquVsojAE-js-IOh8LtAEozIVRE-ce8bOggN4czDkBSrLprz70rLU2FN816AwXPJHom_5ue5tZOYdwL_vnpk0yBs&cid=CAQSKQDq26N9QwcnXg1BT39wTNfnpbXMo5xVmQRhnQ_rd59LIaL0gCiEiieaGAEgEw&rfl=4%2Chttps%253A%252F%252Fwww.bg3.co%242%2C%2Chttps%253A%252F%252Fadx.holmesmind.com%252F%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 06 Jan 2023 13:13:44 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 06 Jan 2023 13:13:44 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 4AFB 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AiPvIfnSvYLrFH-Egzn71S2uQ0Yzn4oWuwEBC17QG16n8oxv2dxsWfkQX-lrfGeYfSeRq9DqLsfAsshe6CHn-lBHk0kTfOdIiItcLWJNJ_WLuNcgO7GWTPSqtV0tBDBbCF7lhfx5s3UyWoWUZ4vENH5uYOle3Tbs1h8qAv4zj1fkml-c8&cry=1&dbm_d=AKAmf-AP6q4g3usEcGQPVfyjedOYa8dAIQnr_d8PLhDZ-qHirzOilxE1GTIOq5kL1XoPf4D_i6ZLM5U7wiAsoPht_-gRtcYqpZ-gllsOULEs-jRMO1ckUuxu1f-uM8X4F0IrqUKAZga-yXMApdSGyLzlrABzKUUZ5lsd48VfRPWyHDzXdagoAt3HvKAHC1P7JYd2hrXKVFG0NsfjmZsdc6q8G38y-v4yXIlMSjc7pFDOzTk2rzyNFde22T-9jUBOEXlsaKEF09GXsA_gK6Rjj84SngqHh7gY8qhPSCQOZW29RRfhbFi2E5TDm21SlJy4ClbsdSYe5174c4zZAsyLogSWhJwyhaUbmodZRQjda4Sy2B72heZMuxJVJuMliCunywuwh35YSXvJaS5sCNbwo3Sl02uErI24cyC4TKTmjFYJN5KDh2ApPS60EwAcgByJJKM5p2Zv_hVD-iun6Up_C2IYeTJSUJYwekkiL684IaW3bK7tcAisZYG1bcGRvMpwp3ZDfCQPKHIxaBxDLax4u_lCWmCrkfVXtWlGaVo5JLFN8W_e18EHucQZ3Kspliuuryx3qwG4JJHvqVLIfLo8FufvCHj-oUZKZpxMi6DZRDe2EFnqmkC-fap8SoMg2FagGEz92Z4oCJ-MB-bQ9AvSr6Qm0ck7mimMhecyPefZtM_wZ4KNtWGDuqDQgyUUbfdBY5j1ZRDl3bphiT-AzhErd4a7TbRrXTQzI9YJNp4c_B9HXF-nSImGWMLXlaBy2IfI9CqX_UY39gftq678GmYdJksdL2FBEyzmS04v5zXfipaI7Blk-yM03kI4oHZ5xJkulGBbU64jtM6ZeqIESSekds9quWgK9dZUfSlTp_XFdz-lBcryP4upebORK_0_YPVO_YhnMKvdgolW6TNDTzd8TwjnR7r2tUtxdC9Y0D7kSVOjbWaW6MdCK4cclwL2eSCwnMRjkXFbY9HVfUA_GQitnvRGJrUQvYGE7jbQTw9zeQvY2bbBKuUzd6W5OlDdQ0c8lO2Ol4C2xffhlGAHGAWHVLid7IyRvgpakDAbjdytfyTP5Ol8LOk7x4C5aQ2YUK-CYetwMKbdVnC3ARo5fVC-20S0Jn-E0snirp8sgE1LSC77yt_TH0x6Q8QRlyRS49P-nsq3yvriTztdU3UF8SpabNB7wo13YQ8d1KguSEq540N4wFBbjfm0tvXgkKIHZhHpaXRcwWth9e_hSgjRZclBOJTHouoUri-adlSPngoAEirBQjzoIVnbEbiheH45HlCUxoBKKGdUiFVxFCcbwNIHepKuWxA7n-38O18YHFuQXTeAYadjtHythKX6n-NboQ4tunBBOhZ0erOp8q5mQqzI6hw2LfEm2JmYOVHIETAQOD0DHfu6_vP02F4k-UCn1sCMwfI_zgN4gbZ-14tY0RLZzJTGH1Kbx0Jxc9EnCDGBSHHV1H_HN90iTb6n0aEBa3HEiMh17iehbBEQ0eAc86fho06YUYcKBe1NLKR7bSMz4bP5VGoUynYv61cLjHVm22D3rayJ5TpGA_KpKDh_i9a07MawBHaYUkIUs9kKajCBzRD-iWEsvyzh9h81QWe5TVjPe-tJrQKFPpOzNxl9wWcoMPeZKZ2_q5SzLjlxqYTwqa1RnFsx_0alni5OhVQmjGTF5MjQvns2ktOmG0QzpdVWb7vVAFtSG4gc2MgPt2kLKfqAAgCFK-EqfbTvDq2YdI8vwb0wSKWtnKlJC-mDNHcMnchLZhDt14GMAyw3ReRPUAQYYtD5w1VwfK5wpG5uLHfDkVF_Oa6FLsk8tMUXOcC3EfH8mv5Yqu6sA4qcLi3UNGeia1MWPn1Z27QAAZm-NVOt74Vo61qeb9lLT7iU1bA4EFqp9QP033V7Xka0lKxhBsL3s_4PbSgnR0xdUSxa9nICv73mj8FkYUjbJ7w8MYvC1mKneyEpei1agoJGnuT0zMXsr1M_C5CHAlgE7k8VxeuVlhh_I4NnNPmzRTR2W2XrikfRNttxIonPGcssHGHrZ6no2tZ3HYeKGYMyZHk0_ND6iK5Dt2fXM8vwQHqu-T5bZW3DtAHV13t5yR7hXl4UglHIoI0YOdHKFGf5GjksOICA90krXBAlc2CAEbSB6kYpWBp96nlvghUF2q0GEvHjBlo0gdrrn5dmE1i8EAD9VRCblq5mZo3zBZSiuFHj5EFH_6672AxyLN3J4NYA8VpFiPb8LpD_buWR6f3J44z6M6RhqPYvTws4TJYtOSPs5maBsMI3JCTSCzUC2tH6VIV0NgC6zEyonWdcf-RmqSrdHU1zuR0kQ-zLYdyQYGSXBD8IpRXJkwVxoxV-OZYN2Gujtx2EhSjZlUx142Dd9MW00skXueAtA7mWFknU_lgHH0-k5bTq4rmjnF8MIOW3iGOv1K1pvo2aTBVohPt0W0PCuBncHWSZzahmN3bmvXYowr5RyvhFOYR4Lwu39bYghajC3bd_96McI6YUGyvJDybq0HIznTNlb_qzIr3c6svb8IXdsvE0jm7ahs9Pq3iJl91dp8US-5RqHki9TiOAEjTb8opseECed5a3PPrYoR80C4V4DhEi0odTNx3Ve4KRVYA56glL92Rst_R-63iQkJBcrBuJeFKGD3mxTUwQ3BZS6RAraW1IN2YziFpfLph5nX8fMmFegw_OcaTvmLdVFUJkUxZ4dgu_hX17sMO0BbaNJVAkEuIyBW36k3Le1N7R51YZo-4uJVRTgA8uYEfhGMYfZs51VnnZ6AIgMN2o5W6-hziKr_ICjcKO3janIscuN4AC4KM_4vPhKjYj4mXRO2S7WyZeIltcDFVPzdD2b-DnLnq3z9I-BmLFYHogZfl5-QwCvKTuBz_TUpn0K098gpkBzpuWDoSQR5mhkYwUa2CL9B8f0Fc87HP1gZMdmK90_A162kSdeX425M5B0p35hg8eINImfVYVGHmwfst28u54jnE-U9uk_i8OVVxj31SPodPxg4jkhCTW0ieAYLZq8dNR-RG14SjWScq4oHgN68diSzkY-ye-nQCtRN3VotpeR3Ehw5BUPzS8MNLsJquVsojAE-js-IOh8LtAEozIVRE-ce8bOggN4czDkBSrLprz70rLU2FN816AwXPJHom_5ue5tZOYdwL_vnpk0yBs&cid=CAQSKQDq26N9QwcnXg1BT39wTNfnpbXMo5xVmQRhnQ_rd59LIaL0gCiEiieaGAEgEw&rfl=4%2Chttps%253A%252F%252Fwww.bg3.co%242%2C%2Chttps%253A%252F%252Fadx.holmesmind.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f132.1e100.net
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 17:16:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
71812
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 05 Jan 2024 17:16:52 GMT
7898198027439234507
s0.2mdn.net/simgad/ Frame 4AFB 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/7898198027439234507
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020619&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673010823224&bpp=13&bdt=310&idt=419&shv=r20230104&mjsv=m202212010101&ptt=5&saldr=sa&correlator=8001877734859&frm=8&ife=1&pv=2&ga_vid=1847477988.1673010824&ga_sid=1673010824&ga_hid=1209138873&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=1407119805&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C44773809%2C31071365%2C44779793%2C44773745%2C44780792&oid=2&pvsid=1884843836077609&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.857nyss736ms&fsb=1&dtd=434
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f148.1e100.net
Software
sffe /
Resource Hash
24de1319f0ba3f987fea8b613dbf4c46dc03da82167057edd4e11fa9332677be
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 23:59:20 GMT
x-content-type-options
nosniff
age
47664
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25900
x-xss-protection
0
last-modified
Mon, 31 Oct 2022 03:34:56 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 05 Jan 2024 23:59:20 GMT
OU_aD-3-G2pcaJqwlUagl315JVS_daCE4k47Wxj7Xso.js
pagead2.googlesyndication.com/bg/ Frame 70D1 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/OU_aD-3-G2pcaJqwlUagl315JVS_daCE4k47Wxj7Xso.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f154.1e100.net
Software
sffe /
Resource Hash
394fda0fedfe1b6a5c689ab09546a0977d792554bf75a084e24e3b5b18fb5eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Jan 2023 17:51:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
156158
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16095
x-xss-protection
0
last-modified
Tue, 03 Jan 2023 14:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 04 Jan 2024 17:51:06 GMT
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20230106
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.229 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
37a25012177a22bd838094f24ead5bd9c18c7ee5f1414cf31210c65955b471ad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 06 Jan 2023 13:13:45 GMT
x-content-type-options
nosniff
content-encoding
gzip
age
33174
x-jsd-version
1.0.1578
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
905
x-served-by
cache-fra-eddf8230021-FRA, cache-fty21322-FTY
x-jsd-version-type
version
etag
W/"638-vQfu8QJopnuJ3cvCQtJ8+g5fto0"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
cdb
bidder.criteo.com/ 		0
212 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.19.0&cb=65759309323
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.145 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 06 Jan 2023 13:13:44 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
hbjson
grid.bidswitch.net/ 		9 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.213.117.18 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
18.117.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
027ae5fb4933b58b47404641dfce6189212a2959fc84e44a157bf376a4ec1649

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 06 Jan 2023 13:13:45 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
4530
cygnus
htlb.casalemedia.com/ 		23 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=693656&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2292c2df286dfc28%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2F2019shi-er-xing-zuo-huan-yao-shuai-duo-jiu-tang-qi-yang-pu-zhuan-yun-guan-jian.html%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A7%2C%22msi%22%3A7%2C%22mfu%22%3A3%2C%22bu%22%3A3%2C%22iu%22%3A0%2C%22nu%22%3A3%2C%22ou%22%3A3%2C%22allu%22%3A3%2C%22ren%22%3Atrue%2C%22version%22%3A%226.19.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22162db87c41c0067%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A320%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22320x50%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22300x50%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A250%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22250x250%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%2219bf507ba3f3786%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A320%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22320x50%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22300x50%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%2220c50f677cae2bb%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A120%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22120x600%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpushup.com%22%2C%22sid%22%3A%22062d9a21f747ddee7c25d4297776e0aa%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2240b4d72b-32cc-47b1-8713-0cd773cd1dd2%22%7D%5D%7D%5D%7D%7D
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f62f99e5be9117d8d1b4347d5631897987ba830992619e51de9d2056a837d7a9

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 06 Jan 2023 13:13:45 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RU0OkO6xpPo6WPHs8GJ6LbBIIbLJoCOk60CsAMg%2BflEEHy%2BOq1pHWUE1lmlDhMUJhw0hKqkJSGQ%2FwKkT92BDwOUdaHA2ZIkrTVtN81Np07GFt%2Fp%2FK2yvfNyv0CAbjWBoI2G1kRK2"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7854b6785c871c54-AKL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
0
cygnus
htlb.casalemedia.com/ 		36 B
563 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=693656&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%2292c2df286dfc28%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2F2019shi-er-xing-zuo-huan-yao-shuai-duo-jiu-tang-qi-yang-pu-zhuan-yun-guan-jian.html%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A3%2C%22bu%22%3A3%2C%22iu%22%3A0%2C%22nu%22%3A3%2C%22ou%22%3A3%2C%22allu%22%3A3%2C%22ren%22%3Atrue%2C%22version%22%3A%226.19.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2219bf507ba3f3786%22%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22728x90%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B728%2C90%5D%5D%2C%22api%22%3A%5B2%5D%2C%22linearity%22%3A1%2C%22placement%22%3A4%2C%22w%22%3A728%2C%22h%22%3A90%7D%7D%2C%7B%22id%22%3A%2220c50f677cae2bb%22%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22120x600%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B120%2C600%5D%5D%2C%22api%22%3A%5B2%5D%2C%22linearity%22%3A1%2C%22placement%22%3A4%2C%22w%22%3A120%2C%22h%22%3A600%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpushup.com%22%2C%22sid%22%3A%22062d9a21f747ddee7c25d4297776e0aa%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2240b4d72b-32cc-47b1-8713-0cd773cd1dd2%22%7D%5D%7D%5D%7D%7D
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b24ba743565b2d2aeca2b04a6c9995676d1a255b5bc153ae948dffe18aa0c109

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 06 Jan 2023 13:13:45 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zxPvq75C744AhnB90vnwHwuWf5p0BkF6YMlih1mArJWQ4FJ8Tf%2BKBmmwGhSC18Sj9qZPnTUaI5%2FsQNZTyvwV8VmxxMsEI0gNlQYeCrGG777hMirgGIxWfiVmKbQ%2FhhzifiVB3%2BMk"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7854b6785c8a1c54-AKL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36
expires
0
adreq
ads.servenobid.com/ 		608 B
642 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/adreq?cb=9337
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.223.30 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-223-30.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
60648cb246ce4141867e508bce0a2c82feae1415a695e7cb96acfc6acc7705bd

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 06 Jan 2023 13:13:45 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
bid-request
a.teads.tv/hb/ 		16 B
502 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.51.137.72 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-137-72.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 06 Jan 2023 13:13:45 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Fri, 06 Jan 2023 13:13:45 GMT
auction
prebid-server.rubiconproject.com/openrtb2/ 		185 B
407 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.150.117.252 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-150-117-252.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
b5f4b6fa08b44a82fd482461413ee50b5791f5937c764c042ba17405ee9504e8

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 06 Jan 2023 13:13:47 GMT
content-encoding
gzip
x-prebid
pbs-java/1.106.0
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
175
expires
0
auction
prebid-server.rubiconproject.com/openrtb2/ 		185 B
407 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.150.117.252 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-150-117-252.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
7f6f26aead5ceba2476808c1ad2d7c561491548f0ad48332199ae91ff6397419

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 06 Jan 2023 13:13:47 GMT
content-encoding
gzip
x-prebid
pbs-java/1.106.0
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
174
expires
0
auction
prebid-server.rubiconproject.com/openrtb2/ 		185 B
406 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.150.117.252 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-150-117-252.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
d0d1672df0a0fc2d82b4eee0dbb87b7c4ef5b7071d74fc00d6866e8f7944777d

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 06 Jan 2023 13:13:47 GMT
content-encoding
gzip
x-prebid
pbs-java/1.106.0
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
174
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		472 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20616&site_id=395958&zone_id=2209398&size_id=15%3B2%3B8&alt_size_ids=2%2C1%2C13%2C14%2C19%2C43%2C44%2C117%3B1%2C43%2C44%3B&rp_schain=1.0,1!adpushup.com,062d9a21f747ddee7c25d4297776e0aa,1,,,&eid_pubcid.org=40b4d72b-32cc-47b1-8713-0cd773cd1dd2%5E1&rf=https%3A%2F%2Fwww.bg3.co%2Fa%2F2019shi-er-xing-zuo-huan-yao-shuai-duo-jiu-tang-qi-yang-pu-zhuan-yun-guan-jian.html&tk_flint=pbjs_lite_v6.19.0&x_source.tid=e1e5ba2e-c6d4-4d5f-9276-183391457f93%3B768df4c8-b98f-4a66-815c-132377e11757%3Ba54243e0-2ffb-434f-876c-f0274a6574cd&l_pb_bid_id=38508ba1806661c%3B3943a85ecefc21f%3B406461aeee84b04&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=3&rand=0.7897025026583042
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.173.158.65 Ashburn, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
76170fadd3304c92ee794c5d9beb9eba533c7bdd96fead5608fb66ea54c6df76

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 06 Jan 2023 13:13:46 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid-request
onetag-sys.com/ 		15 B
498 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.79.234.100 , Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip100.ip-51-79-234.net
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://www.bg3.co
content-type
application/json
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
c
prebid.a-mo.net/a/ 		0
167 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.88.5 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

x-nbr
8
date
Fri, 06 Jan 2023 13:13:44 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		3 B
518 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2F2019shi-er-xing-zuo-huan-yao-shuai-duo-jiu-tang-qi-yang-pu-zhuan-yun-guan-jian.html&CanonicalUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2F2019shi-er-xing-zuo-huan-yao-shuai-duo-jiu-tang-qi-yang-pu-zhuan-yun-guan-jian.html&PublisherDomain=https%3A%2F%2Fbg3.co%2F
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.69.44.22 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-69-44-22.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 06 Jan 2023 13:13:45 GMT
via
kong/2.8.3
x-content-type-options
nosniff
x-kong-proxy-latency
1
p3p
CP="CAO PSA OUR"
x-kong-upstream-latency
30
content-length
3
pragma
no-cache
access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Accept-Encoding
access-control-allow-headers
Accept-Encoding, Content-Type
expires
0
prebid
ib.adnxs.com/ut/v3/ 		21 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.150.241 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
906.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
526fb00dd22ec247e49ea238e1c97a93bcd42c79f052390c9297a452f9e152ab
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 06 Jan 2023 13:13:45 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
116.90.74.203; 116.90.74.203; 906.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
f0432a44-0545-4de2-be48-d44816e396d3
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
prebid.media.net/rtb/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUPEPKI9
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
bce6e806acba5d4cd6224a759d9ad29e6d868d59f71390b344df7bc7c8f9416d

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 06 Jan 2023 13:13:45 GMT
content-encoding
gzip
via
1.1 google
server
nginx
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
189
alt-svc
clear
expires
Fri, 06 Jan 2023 13:13:45 GMT
arj
adpushup-d.openx.net/w/1.0/ 		174 B
363 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2F2019shi-er-xing-zuo-huan-yao-shuai-duo-jiu-tang-qi-yang-pu-zhuan-yun-guan-jian.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=d338e194-cd46-4a29-813d-da78c66b50bf%2C73795ba2-ac2d-434a-96e5-ba309f8418e0%2C7afed0a7-cbe1-4b20-9970-11e0ac3aa1b4&nocache=1673010824734&pubcid=40b4d72b-32cc-47b1-8713-0cd773cd1dd2&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&aus=728x250%2C728x90%2C690x90%2C690x250%2C675x90%2C675x250%2C670x90%2C670x250%2C650x90%2C650x250%2C650x150%2C630x90%2C630x250%2C602x100%2C600x90%2C600x250%2C580x90%2C570x90%2C550x150%2C468x60%2C320x50%2C320x100%2C300x50%2C300x100%2C300x75%2C300x250%2C250x250%2C200x200%7C728x90%2C690x90%2C675x90%2C670x90%2C650x90%2C630x90%2C600x90%2C580x90%2C570x90%2C468x60%2C320x50%2C300x50%2C300x75%7C120x600&divids=ADP_42753_728X250_77a9c22f-ac02-45dd-96bc-b0896a8a7d5a%2CSTICKY_ADP_42753_728X90_d1c10a72-27b4-4931-8ce7-99a18ebbdbae%2CSTICKY_ADP_42753_120X600_104b282a-bd11-4d8d-ad64-0492063b6cba&aucs=%2C%2C&auid=545618347%2C545618347%2C545618347
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
bf32e592222284415f4b7a0a09712ecd212753ada7015721aa0b5f04d084f0e4

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 06 Jan 2023 13:13:44 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bg3.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
166
expires
Mon, 26 Jul 1997 05:00:00 GMT
avjp
adpushup-d.openx.net/v/1.0/ 		106 B
297 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2F2019shi-er-xing-zuo-huan-yao-shuai-duo-jiu-tang-qi-yang-pu-zhuan-yun-guan-jian.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=5607a7f1-f8bf-4c38-a391-f822199e9b7d&nocache=1673010824735&pubcid=40b4d72b-32cc-47b1-8713-0cd773cd1dd2&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A120%2C%22h%22%3A600%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22api%22%3A%5B2%5D%2C%22playbackmethod%22%3A6%2C%22linearity%22%3A1%7D%7D%5D%7D&auid=545618481&vwd=120&vht=600&vos=101&vmimes=video%2Fmp4%2Cvideo%2Fwebm
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 06 Jan 2023 13:13:44 GMT
via
1.1 google
server
OXGW/0.0.0
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bg3.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
avjp
adpushup-d.openx.net/v/1.0/ 		106 B
354 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2F2019shi-er-xing-zuo-huan-yao-shuai-duo-jiu-tang-qi-yang-pu-zhuan-yun-guan-jian.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=425f038f-11fc-43f6-b019-2b33a2a91655&nocache=1673010824735&pubcid=40b4d72b-32cc-47b1-8713-0cd773cd1dd2&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22api%22%3A%5B2%5D%2C%22playbackmethod%22%3A6%2C%22linearity%22%3A1%7D%7D%5D%7D&auid=545618481&vwd=728&vht=90&vos=101&vmimes=video%2Fmp4%2Cvideo%2Fwebm
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 06 Jan 2023 13:13:44 GMT
via
1.1 google
server
OXGW/0.0.0
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bg3.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
avjp
adpushup-d.openx.net/v/1.0/ 		106 B
297 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2F2019shi-er-xing-zuo-huan-yao-shuai-duo-jiu-tang-qi-yang-pu-zhuan-yun-guan-jian.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=e9b8f0b1-18d6-4ccd-9f26-93eab2513424&nocache=1673010824735&pubcid=40b4d72b-32cc-47b1-8713-0cd773cd1dd2&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A400%2C%22h%22%3A225%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22api%22%3A%5B2%5D%2C%22playbackmethod%22%3A6%2C%22linearity%22%3A1%7D%7D%5D%7D&auid=545618481&vwd=400&vht=225&vos=101&vmimes=video%2Fmp4%2Cvideo%2Fwebm
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 06 Jan 2023 13:13:45 GMT
via
1.1 google
server
OXGW/0.0.0
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bg3.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
auction
tlx.3lift.com/header/ 		19 B
719 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=6.19.0&referrer=https%3A%2F%2Fwww.bg3.co%2Fa%2F2019shi-er-xing-zuo-huan-yao-shuai-duo-jiu-tang-qi-yang-pu-zhuan-yun-guan-jian.html&tmax=3000
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.77.12.199 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-77-12-199.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 06 Jan 2023 13:13:45 GMT
accept-ch
sec-ch-ua-bitness,sec-ch-prefers-color-scheme,sec-ch-width,sec-ch-ect,user-agent,sec-ch-downlink,sec-ch-ua-mobile,sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-viewport-width,sec-ch-ua-platform,sec-ch-viewport-height,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua
content-type
application/json; charset=utf-8
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
rules-p-54Nt-1NAaEEe0.js
rules.quantcount.com/ 		160 B
615 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-54Nt-1NAaEEe0.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-43.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 12:50:52 GMT
via
1.1 242a08df1383db0d18e5cf8b76b259ce.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P1
age
1376
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
160
last-modified
Thu, 13 Oct 2022 15:29:19 GMT
server
AmazonS3
etag
"05b131079c67d484167fd1b1f6c79577"
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
g2YTpU0jLKyuQS-5HQFB2yPQP36nIoMNX5U28ipponRbwuq-zLxeYQ==
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame ACE9 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020619&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673010823224&bpp=13&bdt=310&idt=419&shv=r20230104&mjsv=m202212010101&ptt=5&saldr=sa&correlator=8001877734859&frm=8&ife=1&pv=2&ga_vid=1847477988.1673010824&ga_sid=1673010824&ga_hid=1209138873&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=1407119805&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C44773809%2C31071365%2C44779793%2C44773745%2C44780792&oid=2&pvsid=1884843836077609&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.857nyss736ms&fsb=1&dtd=434
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f154.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

age
34723
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 06 Jan 2023 03:35:01 GMT
etag
48472445140208031
expires
Sat, 07 Jan 2023 03:35:01 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 4AFB 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7b4f791915536424f116053897a43815d7f55785f1e8c5db0029eae326593057

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
gen_204
pagead2.googlesyndication.com/pagead/ Frame 70D1 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BSoOBhh64Y4zjIufg3LUP8fKq4AkAAAAAOAHgBAI&bg=!zs2lzYnNAAYDMoyoIzI7ACkAdvg8Wr0tfpC173dRkMTubmYr_7hUl_4trdrIx0oUAb__Bob34kqdxAIAAABkUgAAAAJoAQeZAtUkK_65fq_fWa4G040ZrmSfrsD1LNS6tbAa3P7EEtfTWWbf082fTjqdWwARw4VWZeVJ1k1mkKu7UKbVhApQfAW53WPdMPL-h6jBHvPRzCVYgO-pf1bzIv5QL_4Ej2xvInBQkrB1F9WyFqTEv5YuWInCQEf4LZqXW1YM0EUEsldFm6D2D85wz0oOq_T7xE3sN2THrJ5g_korLc1nb_MsfJkSUW2I2oqRGvtgBZHwkITDYVOA3wSkb5g4m-RLlruGfwHhiXS2YC_INhCzUL-l9BLfboUED9mjJ0lSWWDEs9bJf29_GmFlVshiXS_QhDx77E_BZfvxD3GunzXNO39W9Avuo82nn8_rqx54b8Szvn9B3P2YuOgHKoU2Eluxn-RTdl6yeeGx98CJcfSsAg0S7eFixt0LKSTTezPP_mh2HVQCI0uWN4EsSg7qQiYu7u9SM-Hw4n3AEM3PbFOui0ZL7DJn1fv9qcVnkW4r33cz7av1ODx8XTKXhk7_gc-E1IpX2cgva5rpKnCRE9W-HEzUCZPe9H4bMS1yIbNAJXK1ckQ3wl7dajqsWxOQMKczBIq44bglei5lNKcYY32o8HHK1AYwCqh6cXKy7n9EXf4CZMYbUvLtXnTysD_Vl1Vtmedqp5d2gtMfoMao2gWLuSDeTPNA3bDa4KSfGEspdtAGqefIoe9-VUenN88bsE033gXSnQ0wXZynOcLbdiuR2I_sgg5Y_yFpEE_XSRvFDAY9RaVX1urFPUq-AswMrYVjh0xcRGhpc3i1NXD7Z4LhhTHKGD2NH8bgMU0uoDdmrABQVpMUsFCbkBqc6ZA43WtJqfS4eVUunHayxTGZhaLh1gGa0IJfh3oJkNjne0fKVPKV1_cDokaDLRwZ8F4ObsVJsBIchDvyov8cOSqwpBuXjDzPS7FXo77K-ALb8LuN4GFFo1DzwNfIg5Spzo1V3wDZIxgMEHSs9kW3DA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1673010821&url=https%3A%2F%2Fwww.bg3.co%2Fa%2F2019shi-er-xing-zuo-huan-yao-shuai-duo-jiu-tang-qi-yang-pu-zhuan-yun-guan-jian.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673010819633&bpp=5&bdt=1450&idt=2251&shv=r20230104&mjsv=m202212010101&ptt=5&saldr=sa&cookie=ID%3D3e5210899910ea5d-2285a5ee32d90043%3AT%3D1673010821%3ART%3D1673010821%3AS%3DALNI_MZ0ia1zfHdIMQCT9kwlhMGEopQl2A&gpic=UID%3D00000b9eeff2fb2a%3AT%3D1673010821%3ART%3D1673010821%3AS%3DALNI_MZIWop9qxPGE0vY3KarHFj0ysItwA&correlator=6105672055831&frm=23&ife=1&pv=1&ga_vid=1069194912.1673010822&ga_sid=1673010822&ga_hid=332350335&ga_fc=0&ga_cid=amp-o0py8PZnEWEt0Yiu3UO6lg&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=1221967134&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44780792&oid=2&pvsid=1789670566754654&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.f4drak5l6fc2&fsb=1&dtd=2269
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f154.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Jan 2023 13:13:45 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame ACE9
Redirect Chain
  • https://match.adsrvr.org/track/cmf/google?google_gid=CAESEA5rUJfcejhn0q2MdSwdoP8&google_cver=1&google_push=AavPq0Ovmp4YiZeABOrKh-WbDj23ZkjlpFtOrN0AWAj-q6RLTRAwUipOm_DX5wGvf__GMri3Tb0axTsb_raOACq9LE...
  • https://match.adsrvr.org/track/cmb/google?google_gid=CAESEA5rUJfcejhn0q2MdSwdoP8&google_cver=1&google_push=AavPq0Ovmp4YiZeABOrKh-WbDj23ZkjlpFtOrN0AWAj-q6RLTRAwUipOm_DX5wGvf__GMri3Tb0axTsb_raOACq9LE...
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=MWQyZDEzOTItZTFmZi00MGViLWJjM2QtYTYyZjIzYzQ0MWQy&google_push&gdpr=0&gdpr_consent=&ttd_tdid=1d2d1392-e1ff-40eb-bc3d-a62f23c441d2
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=MWQyZDEzOTItZTFmZi00MGViLWJjM2QtYTYyZjIzYzQ0MWQy&google_push&gdpr=0&gdpr_consent=&ttd_tdid=1d2d1392-e1ff-40eb-bc3d-a62f23c441d2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020619&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673010823224&bpp=13&bdt=310&idt=419&shv=r20230104&mjsv=m202212010101&ptt=5&saldr=sa&correlator=8001877734859&frm=8&ife=1&pv=2&ga_vid=1847477988.1673010824&ga_sid=1673010824&ga_hid=1209138873&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=1407119805&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C44773809%2C31071365%2C44779793%2C44773745%2C44780792&oid=2&pvsid=1884843836077609&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.857nyss736ms&fsb=1&dtd=434
Protocol
H3
Server
142.250.4.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Jan 2023 13:13:45 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 06 Jan 2023 13:13:45 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=MWQyZDEzOTItZTFmZi00MGViLWJjM2QtYTYyZjIzYzQ0MWQy&google_push&gdpr=0&gdpr_consent=&ttd_tdid=1d2d1392-e1ff-40eb-bc3d-a62f23c441d2
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
423
pixel
cm.g.doubleclick.net/ Frame ACE9
Redirect Chain
  • https://ipac.ctnsnet.com/int/cm?exc=1&acc=crimtan_au&google_gid=CAESEM3Zm4jhYFXgEBfZhuhZpyA&google_cver=1&google_push=AavPq0Nip4n_WGM7CZKNmEOkXUN_2m4EFJg5e6G4slv6-WHiAi7kKngqQia_z3NPkstgsB5pMKD9bl2...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AavPq0Nip4n_WGM7CZKNmEOkXUN_2m4EFJg5e6G4slv6-WHiAi7kKngqQia_z3NPkstgsB5pMKD9bl2ZjK0xJupBoBSCUi1ba7jU9ujrAzKShmWpyakPLFpzONgS-6Lj...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AavPq0Nip4n_WGM7CZKNmEOkXUN_2m4EFJg5e6G4slv6-WHiAi7kKngqQia_z3NPkstgsB5pMKD9bl2ZjK0xJupBoBSCUi1ba7jU9ujrAzKShmWpyakPLFpzONgS-6LjmJBfwXpxVn85t53AGgI9B8R8PQ&google_hm=UGbi6pWVSVCuWXeoa5jSkss
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020619&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673010823224&bpp=13&bdt=310&idt=419&shv=r20230104&mjsv=m202212010101&ptt=5&saldr=sa&correlator=8001877734859&frm=8&ife=1&pv=2&ga_vid=1847477988.1673010824&ga_sid=1673010824&ga_hid=1209138873&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=1407119805&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C44773809%2C31071365%2C44779793%2C44773745%2C44780792&oid=2&pvsid=1884843836077609&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.857nyss736ms&fsb=1&dtd=434
Protocol
H3
Server
142.250.4.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Jan 2023 13:13:45 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 06 Jan 2023 13:13:45 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AavPq0Nip4n_WGM7CZKNmEOkXUN_2m4EFJg5e6G4slv6-WHiAi7kKngqQia_z3NPkstgsB5pMKD9bl2ZjK0xJupBoBSCUi1ba7jU9ujrAzKShmWpyakPLFpzONgS-6LjmJBfwXpxVn85t53AGgI9B8R8PQ&google_hm=UGbi6pWVSVCuWXeoa5jSkss
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
AdxPixel
tr.blismedia.com/v1/api/sync/ Frame ACE9 		0
173 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEExhpTA7qYjxad8Fib1PNV0&google_cver=1&google_push=AavPq0PX4uwrWCwgDJOL7YAH-APbCZWRmOFgVEOW9prUJyzokY_J9U-_k4R__DhrdSipm7kEE1bLZ3coE1uKPcMEV_MqVZMBT3zAvfYlSkAAUlI5-ALfl71AoOWF9_7AWjJNf3DiAQNVEUAVlxK5gHyXEfg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020619&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673010823224&bpp=13&bdt=310&idt=419&shv=r20230104&mjsv=m202212010101&ptt=5&saldr=sa&correlator=8001877734859&frm=8&ife=1&pv=2&ga_vid=1847477988.1673010824&ga_sid=1673010824&ga_hid=1209138873&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=1407119805&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C44773809%2C31071365%2C44779793%2C44773745%2C44780792&oid=2&pvsid=1884843836077609&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.857nyss736ms&fsb=1&dtd=434
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 13:13:45 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pixel
cm.g.doubleclick.net/ Frame ACE9
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEDAFTaJbmwWOYjeyDGD_Yyw&google_cver=1&google_push=AavPq0PW8N-htkslQsNvn7zMwssP67KWCMSelHDqy0moYZGkSy9mau3Lt_xyP-3y7QxHG7wB6UY4yNQ4qwFA9qKmRzg-Xmw...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0PW8N-htkslQsNvn7zMwssP67KWCMSelHDqy0moYZGkSy9mau3Lt_xyP-3y7QxHG7wB6UY4yNQ4qwFA9qKmRzg-XmwkoCg4IKG6k0cM9nwblsLujUpdkzoWQsA2mwx3_...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0PW8N-htkslQsNvn7zMwssP67KWCMSelHDqy0moYZGkSy9mau3Lt_xyP-3y7QxHG7wB6UY4yNQ4qwFA9qKmRzg-XmwkoCg4IKG6k0cM9nwblsLujUpdkzoWQsA2mwx3_Ptzi6prxeqS12vdPbi1QfE&google_hm=eS1TemVCWHhaRTJwSENTTGVSTkpUYW8xZFdRUVZ4QW5KN35B
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020619&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673010823224&bpp=13&bdt=310&idt=419&shv=r20230104&mjsv=m202212010101&ptt=5&saldr=sa&correlator=8001877734859&frm=8&ife=1&pv=2&ga_vid=1847477988.1673010824&ga_sid=1673010824&ga_hid=1209138873&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=1407119805&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C44773809%2C31071365%2C44779793%2C44773745%2C44780792&oid=2&pvsid=1884843836077609&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.857nyss736ms&fsb=1&dtd=434
Protocol
H3
Server
142.250.4.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Jan 2023 13:13:45 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 06 Jan 2023 13:13:45 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0PW8N-htkslQsNvn7zMwssP67KWCMSelHDqy0moYZGkSy9mau3Lt_xyP-3y7QxHG7wB6UY4yNQ4qwFA9qKmRzg-XmwkoCg4IKG6k0cM9nwblsLujUpdkzoWQsA2mwx3_Ptzi6prxeqS12vdPbi1QfE&google_hm=eS1TemVCWHhaRTJwSENTTGVSTkpUYW8xZFdRUVZ4QW5KN35B
content-length
0
pixel
cm.g.doubleclick.net/ Frame ACE9
Redirect Chain
  • https://rtb2-useast.e-volution.ai/sync?exchange=193&google_gid=CAESEFnKvQdtsJL379iscWZzZdA&google_cver=1&google_push=AavPq0PEHDHKobs89fUJEbFaMNU4uMS81TongD3hLu_hfFYrhRpTadgO8-9C1p1rbH5mXFRXPt0MfGXR...
  • https://dsp.adkernel.com/adkuid?r=https%3A%2F%2Frtb2-useast.e-volution.ai%2Fsync%3Fexchange%3D193%26google_gid%3DCAESEFnKvQdtsJL379iscWZzZdA%26google_cver%3D1%26google_push%3DAavPq0PEHDHKobs89fUJEb...
  • https://rtb2-useast.e-volution.ai/sync?adkuid=A4213833176568408785&exchange=193&google_gid=CAESEFnKvQdtsJL379iscWZzZdA&google_cver=1&google_push=AavPq0PEHDHKobs89fUJEbFaMNU4uMS81TongD3hLu_hfFYrhRpT...
  • https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTQyMTM4MzMxNzY1Njg0MDg3ODU&google_push=AavPq0PEHDHKobs89fUJEbFaMNU4uMS81TongD3hLu_hfFYrhRpTadgO8-9C1p1rbH5mXFRXPt0MfGX...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTQyMTM4MzMxNzY1Njg0MDg3ODU&google_push=AavPq0PEHDHKobs89fUJEbFaMNU4uMS81TongD3hLu_hfFYrhRpTadgO8-9C1p1rbH5mXFRXPt0MfGXRmeMtiduOuz7aOdUcfFbl9EZwjylwq196PKssyY8rcxjGbF17yj6dAmRmOmczL1PE2UCxJsS3Yuk
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2019shi-er-xing-zuo-huan-yao-shuai-duo-jiu-tang-qi-yang-pu-zhuan-yun-guan-jian.html
Protocol
H3
Server
142.250.4.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Jan 2023 13:13:47 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTQyMTM4MzMxNzY1Njg0MDg3ODU&google_push=AavPq0PEHDHKobs89fUJEbFaMNU4uMS81TongD3hLu_hfFYrhRpTadgO8-9C1p1rbH5mXFRXPt0MfGXRmeMtiduOuz7aOdUcfFbl9EZwjylwq196PKssyY8rcxjGbF17yj6dAmRmOmczL1PE2UCxJsS3Yuk
Date
Fri, 06 Jan 2023 13:13:47 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
attr
cm.g.doubleclick.net/pixel/ Frame ACE9 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13ID9y89fZuwQyRmFhNxhghbjh6VT3aohwe3EbavnK8gNbwIJPS8K0L0TCxO
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020619&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673010823224&bpp=13&bdt=310&idt=419&shv=r20230104&mjsv=m202212010101&ptt=5&saldr=sa&correlator=8001877734859&frm=8&ife=1&pv=2&ga_vid=1847477988.1673010824&ga_sid=1673010824&ga_hid=1209138873&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=1407119805&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C44773809%2C31071365%2C44779793%2C44773745%2C44780792&oid=2&pvsid=1884843836077609&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.857nyss736ms&fsb=1&dtd=434
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 13:13:45 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 14CD 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f132.1e100.net
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
84468
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 05 Jan 2023 13:45:57 GMT
expires
Fri, 05 Jan 2024 13:45:57 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 5494 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230104&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f154.1e100.net
Software
cafe /
Resource Hash
b03d5d0f93d3939d55f52b8644cda9046ab89aebbf5f07c5c886fe224d2409e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 13:13:45 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12590
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 4AFB 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvrWqs6mNWLGWVKAmsIe_fFqCy6WNLuI8Ld2ssT4QIl1Bp6tQOZg4jxpna65PIF-z7RUffjF9izT8hTMaZkQv2im-LkKtALz3_BwPwpu5oyhNkApRUD7ee45esx8Aqokm10RAlYboNDOm9DZPuHLnQdfxQ6prLrdcKpY7xH8Mrtx7zbthfbOFQ2-1y2BwliooOGvEBWHNXsIVwtqOPGtqwx6F3SMc6_BaGc4fVKD33mslo1OD_aSeglhRJL4QgFXIcG5ahu7Hs_7SbFEpqMWYmcUIRyU99IpZ4nZI3oorFaOXmXQOeNjlr2LCKXkkwxlQXZnwrtFzT6aQh8Mnjymo2-9QggKSKH1QYPB5CeemGeQnpRs_VnVrgLc4ExrRFy0t5nxRNoGiPc9NC_wKrB8ir655wuPYs90sGGRS-HXPR6I9oLgKvotJx_rSGbDEyZJwVOOXC18cwHNd-uCH3qS3wg653X5NbQzYtIza1E-DXq4x_gqtzwW4X33zHDPSyxpEg5fMONpIDjosi3uAWNQm9w3S7easTCvcXPI_5Z6fOMvkfN3dZLOUsh5g7q49dvlfN5Z2nqS3Ps5B6W9JBAu4P6KoKDoOEPkYARc8l9vWJ-ZoXX9NTVd19y144ua7i1GKjj9QaGOB_yoEElK0OXjtcn-IyHUH5khpOf-_q2cn4cxloZ-Xgo1-wjAWoUKycQyqzeB9WvrxNzWIT-nsKpqMmShLjRdqxr_s0yYfc8BGmM9bbHB0BCTvAI3oaYOZHIz4i5UqKB1WN9yl6oOUm9EWnILWWvbvfi5qzmXIBbDxB_fscoaCcPChS8C-tPcRmBUlHspq3GYfqf2v7oS1hMUqSXSMzFzbyLLJutVh2-nxHTXQmSpREjcFlaJv0d4CgopJw8VwUA4PzGV0NfOyRB9GAJD4lU4kJ_olPlUy3pYPCl_3fEJgzCnPg0sltT9yMaRzoj5jh1yatOOSbuXL1w2hBb-GcDYZ3Y3DX1UKkmNdsxlRXyn0MULJGCmxikhsVatm5j9LH2LrQgKUJ09yH402LbrdxaRP7IlZzUlUc4DcqZExg9Mb6tKfYS1RxnjUbjsTFmmo9PvdAoqob6lpBywZ-2W_l7NjaVGrRit8N5dmsf7D0tuWmukpEHk46z-qNgrEbsIDJFiSmlwUp5C2iTy4_AJgo_otoglbcOC6rgaC4&sai=AMfl-YSAkCCaw_7-TM5t_YL9A6_Zt6nToIRnGOFe3MxILTg37qneEJq5Rg33mW0DhUIhWz-By_rMi0rvUL2GjJAAc5eGq-DMiWzV64XkGHAgO6lEnNvq3AT_KAEqYQ71T1n-R9P3IIa-aaG2pumdD-zAqdQGtSds43HUVNWDw_xUXF-tsqna_0kLsg3nQBZhYkwJ4cqcFHLA--z_VhSTRPY&sig=Cg0ArKJSzI6hD6yrOIVdEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=633&vt=11&dtpt=632&dett=2&cstd=0&cisv=r20230104.07349&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AiPvIfnSvYLrFH-Egzn71S2uQ0Yzn4oWuwEBC17QG16n8oxv2dxsWfkQX-lrfGeYfSeRq9DqLsfAsshe6CHn-lBHk0kTfOdIiItcLWJNJ_WLuNcgO7GWTPSqtV0tBDBbCF7lhfx5s3UyWoWUZ4vENH5uYOle3Tbs1h8qAv4zj1fkml-c8&cry=1&dbm_d=AKAmf-AP6q4g3usEcGQPVfyjedOYa8dAIQnr_d8PLhDZ-qHirzOilxE1GTIOq5kL1XoPf4D_i6ZLM5U7wiAsoPht_-gRtcYqpZ-gllsOULEs-jRMO1ckUuxu1f-uM8X4F0IrqUKAZga-yXMApdSGyLzlrABzKUUZ5lsd48VfRPWyHDzXdagoAt3HvKAHC1P7JYd2hrXKVFG0NsfjmZsdc6q8G38y-v4yXIlMSjc7pFDOzTk2rzyNFde22T-9jUBOEXlsaKEF09GXsA_gK6Rjj84SngqHh7gY8qhPSCQOZW29RRfhbFi2E5TDm21SlJy4ClbsdSYe5174c4zZAsyLogSWhJwyhaUbmodZRQjda4Sy2B72heZMuxJVJuMliCunywuwh35YSXvJaS5sCNbwo3Sl02uErI24cyC4TKTmjFYJN5KDh2ApPS60EwAcgByJJKM5p2Zv_hVD-iun6Up_C2IYeTJSUJYwekkiL684IaW3bK7tcAisZYG1bcGRvMpwp3ZDfCQPKHIxaBxDLax4u_lCWmCrkfVXtWlGaVo5JLFN8W_e18EHucQZ3Kspliuuryx3qwG4JJHvqVLIfLo8FufvCHj-oUZKZpxMi6DZRDe2EFnqmkC-fap8SoMg2FagGEz92Z4oCJ-MB-bQ9AvSr6Qm0ck7mimMhecyPefZtM_wZ4KNtWGDuqDQgyUUbfdBY5j1ZRDl3bphiT-AzhErd4a7TbRrXTQzI9YJNp4c_B9HXF-nSImGWMLXlaBy2IfI9CqX_UY39gftq678GmYdJksdL2FBEyzmS04v5zXfipaI7Blk-yM03kI4oHZ5xJkulGBbU64jtM6ZeqIESSekds9quWgK9dZUfSlTp_XFdz-lBcryP4upebORK_0_YPVO_YhnMKvdgolW6TNDTzd8TwjnR7r2tUtxdC9Y0D7kSVOjbWaW6MdCK4cclwL2eSCwnMRjkXFbY9HVfUA_GQitnvRGJrUQvYGE7jbQTw9zeQvY2bbBKuUzd6W5OlDdQ0c8lO2Ol4C2xffhlGAHGAWHVLid7IyRvgpakDAbjdytfyTP5Ol8LOk7x4C5aQ2YUK-CYetwMKbdVnC3ARo5fVC-20S0Jn-E0snirp8sgE1LSC77yt_TH0x6Q8QRlyRS49P-nsq3yvriTztdU3UF8SpabNB7wo13YQ8d1KguSEq540N4wFBbjfm0tvXgkKIHZhHpaXRcwWth9e_hSgjRZclBOJTHouoUri-adlSPngoAEirBQjzoIVnbEbiheH45HlCUxoBKKGdUiFVxFCcbwNIHepKuWxA7n-38O18YHFuQXTeAYadjtHythKX6n-NboQ4tunBBOhZ0erOp8q5mQqzI6hw2LfEm2JmYOVHIETAQOD0DHfu6_vP02F4k-UCn1sCMwfI_zgN4gbZ-14tY0RLZzJTGH1Kbx0Jxc9EnCDGBSHHV1H_HN90iTb6n0aEBa3HEiMh17iehbBEQ0eAc86fho06YUYcKBe1NLKR7bSMz4bP5VGoUynYv61cLjHVm22D3rayJ5TpGA_KpKDh_i9a07MawBHaYUkIUs9kKajCBzRD-iWEsvyzh9h81QWe5TVjPe-tJrQKFPpOzNxl9wWcoMPeZKZ2_q5SzLjlxqYTwqa1RnFsx_0alni5OhVQmjGTF5MjQvns2ktOmG0QzpdVWb7vVAFtSG4gc2MgPt2kLKfqAAgCFK-EqfbTvDq2YdI8vwb0wSKWtnKlJC-mDNHcMnchLZhDt14GMAyw3ReRPUAQYYtD5w1VwfK5wpG5uLHfDkVF_Oa6FLsk8tMUXOcC3EfH8mv5Yqu6sA4qcLi3UNGeia1MWPn1Z27QAAZm-NVOt74Vo61qeb9lLT7iU1bA4EFqp9QP033V7Xka0lKxhBsL3s_4PbSgnR0xdUSxa9nICv73mj8FkYUjbJ7w8MYvC1mKneyEpei1agoJGnuT0zMXsr1M_C5CHAlgE7k8VxeuVlhh_I4NnNPmzRTR2W2XrikfRNttxIonPGcssHGHrZ6no2tZ3HYeKGYMyZHk0_ND6iK5Dt2fXM8vwQHqu-T5bZW3DtAHV13t5yR7hXl4UglHIoI0YOdHKFGf5GjksOICA90krXBAlc2CAEbSB6kYpWBp96nlvghUF2q0GEvHjBlo0gdrrn5dmE1i8EAD9VRCblq5mZo3zBZSiuFHj5EFH_6672AxyLN3J4NYA8VpFiPb8LpD_buWR6f3J44z6M6RhqPYvTws4TJYtOSPs5maBsMI3JCTSCzUC2tH6VIV0NgC6zEyonWdcf-RmqSrdHU1zuR0kQ-zLYdyQYGSXBD8IpRXJkwVxoxV-OZYN2Gujtx2EhSjZlUx142Dd9MW00skXueAtA7mWFknU_lgHH0-k5bTq4rmjnF8MIOW3iGOv1K1pvo2aTBVohPt0W0PCuBncHWSZzahmN3bmvXYowr5RyvhFOYR4Lwu39bYghajC3bd_96McI6YUGyvJDybq0HIznTNlb_qzIr3c6svb8IXdsvE0jm7ahs9Pq3iJl91dp8US-5RqHki9TiOAEjTb8opseECed5a3PPrYoR80C4V4DhEi0odTNx3Ve4KRVYA56glL92Rst_R-63iQkJBcrBuJeFKGD3mxTUwQ3BZS6RAraW1IN2YziFpfLph5nX8fMmFegw_OcaTvmLdVFUJkUxZ4dgu_hX17sMO0BbaNJVAkEuIyBW36k3Le1N7R51YZo-4uJVRTgA8uYEfhGMYfZs51VnnZ6AIgMN2o5W6-hziKr_ICjcKO3janIscuN4AC4KM_4vPhKjYj4mXRO2S7WyZeIltcDFVPzdD2b-DnLnq3z9I-BmLFYHogZfl5-QwCvKTuBz_TUpn0K098gpkBzpuWDoSQR5mhkYwUa2CL9B8f0Fc87HP1gZMdmK90_A162kSdeX425M5B0p35hg8eINImfVYVGHmwfst28u54jnE-U9uk_i8OVVxj31SPodPxg4jkhCTW0ieAYLZq8dNR-RG14SjWScq4oHgN68diSzkY-ye-nQCtRN3VotpeR3Ehw5BUPzS8MNLsJquVsojAE-js-IOh8LtAEozIVRE-ce8bOggN4czDkBSrLprz70rLU2FN816AwXPJHom_5ue5tZOYdwL_vnpk0yBs&cid=CAQSKQDq26N9QwcnXg1BT39wTNfnpbXMo5xVmQRhnQ_rd59LIaL0gCiEiieaGAEgEw&rfl=4%2Chttps%253A%252F%252Fwww.bg3.co%242%2C%2Chttps%253A%252F%252Fadx.holmesmind.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 13:13:45 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 06 Jan 2023 13:13:45 GMT
OU_aD-3-G2pcaJqwlUagl315JVS_daCE4k47Wxj7Xso.js
pagead2.googlesyndication.com/bg/ Frame 14CD 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/OU_aD-3-G2pcaJqwlUagl315JVS_daCE4k47Wxj7Xso.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f154.1e100.net
Software
sffe /
Resource Hash
394fda0fedfe1b6a5c689ab09546a0977d792554bf75a084e24e3b5b18fb5eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Jan 2023 17:51:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
156159
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16095
x-xss-protection
0
last-modified
Tue, 03 Jan 2023 14:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 04 Jan 2024 17:51:06 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 5494 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 13:13:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 06 Jan 2023 13:13:47 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 01F9 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
78501
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 05 Jan 2023 15:25:24 GMT
expires
Fri, 05 Jan 2024 15:25:24 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 6A53 		783 B
536 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f106.1e100.net
Software
GSE /
Resource Hash
3670fbab9b00b1b34deeb9ae2d67383595aff0b9996511822c4d63fb1eeb634a
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-KBNx41uN5MKtpKF3XwuYnw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-KBNx41uN5MKtpKF3XwuYnw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 06 Jan 2023 13:13:45 GMT
expires
Fri, 06 Jan 2023 13:13:45 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 022C 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
78501
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 05 Jan 2023 15:25:24 GMT
expires
Fri, 05 Jan 2024 15:25:24 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 04AA 		783 B
536 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f106.1e100.net
Software
GSE /
Resource Hash
681b0e8db6c38983f53eb2db791fa69c74889b5b229802d82baa1b198d8612f4
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-8pviEj5U48HDXMAqVNRcaA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-8pviEj5U48HDXMAqVNRcaA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 06 Jan 2023 13:13:45 GMT
expires
Fri, 06 Jan 2023 13:13:45 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
gen_204
pagead2.googlesyndication.com/pagead/ Frame 14CD 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BY4TWiB64Y8KxEdySssUPhPu16AYAAAAAOAHgBAI&bg=!QUKlQgbNAAYDMoyoIzI7ACkAdvg8WgyP2aFItVMt1jen3njMxx1aYC2wY2xMXeQqCO4-iYTbyk9A8gIAAABOUgAAAAJoAQeZAx-PW7l4eIcQa0ANrO5JuziW4ivpTXlvpvxWcSTqBmNan49L2xHyTfXSD8ZsVmyZHcL0OdxWqDHBmq8GWD6W8PRpUbKq5W7O7smaFXx5sf9jOvixbtlpJp_tTDHccNUFdwT8jf2gGkvZ55Kn4agG37KfCqdByGTwllHinyNDf4nf-4T84nYdSFTO-YU43cmpEHvDc5v7j21Qo4KEtw4bz3Phl4eAmlL1ORQwJm9dBoI7_Q4tDbNP_JOXeuI068xXAaeipd5wRHJF_37C37fgeMQl7N2fL9aVSj3v9r-5lzMZNCa_wylj-3JSOJ_D_TCZxLlK5HQ0BQzNrw9efiD69jTlznxbaWRjo0MYtuBQ5XhhWGiDEGQ3ks88bXj-SKhO3uoznf79IMlKYi4OoYCqiNeV1C2nDcJXP6xdghFCIIxIy3u1vsuM2W_7AVt9MiCaXD3GjFzXTpXy2VWx2nXBpZMxmyZecSDfAVWSmhHxMNZ-zqmEs1beb7Ufddj3ND2nlxUl_bPkaYXVcWtUohoytfhAJFiIK9IDy9ZGpL05ykfynlw8KoptYfpM47hhrpqNltl9I8uq_ZNRw3BvO5X_3pLbB18VPMMBquUP8TEKomT4DjkLc7JDxRCclBemBcXBo9KxHKr8FUf1Bfo-gQuGTlnw2KOP9_gJqf9UVyMDQgVz3zYA2weNUbgTvNaoYzhF8RXeAleMfyFD_l3TyO242eItSYhRf7I-0rGfeuOH7zVtDWah9aIJ5sRrbUBI-QClMSro5xmf1WbVZNJPHOaVWqbWnXFuYSfAhs-SckdHMbnBqDUzWBIA7BEzoCGgkOzJozIsCNlQe7PGiAmtzaWThovNtGfekhSHciROmW5af3JOxdfhtq23AchD2aLIvpPAMmeGzx37ZCN7bTo70__h4ritwKgTZFzNfrJoj3HiCUxNuWsfVEZ1GBQ343QL2NmrFbOhHHxYOI37tYxcc_LyGyMErok7ljfR3LthA9ZsCPEH_O3sWuLTc_hMRgddSNy0BHMK80F90JMXTsmBdKymRhh6HNvallxrDgvMCOnfDhJd
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020619&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673010823224&bpp=13&bdt=310&idt=419&shv=r20230104&mjsv=m202212010101&ptt=5&saldr=sa&correlator=8001877734859&frm=8&ife=1&pv=2&ga_vid=1847477988.1673010824&ga_sid=1673010824&ga_hid=1209138873&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=1407119805&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C44773809%2C31071365%2C44779793%2C44773745%2C44780792&oid=2&pvsid=1884843836077609&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.857nyss736ms&fsb=1&dtd=434
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f154.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Jan 2023 13:13:45 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 6A53 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022120801&jk=1594908084137933&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2019shi-er-xing-zuo-huan-yao-shuai-duo-jiu-tang-qi-yang-pu-zhuan-yun-guan-jian.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
OU_aD-3-G2pcaJqwlUagl315JVS_daCE4k47Wxj7Xso.js
pagead2.googlesyndication.com/bg/ Frame 01F9 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/OU_aD-3-G2pcaJqwlUagl315JVS_daCE4k47Wxj7Xso.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f154.1e100.net
Software
sffe /
Resource Hash
394fda0fedfe1b6a5c689ab09546a0977d792554bf75a084e24e3b5b18fb5eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Jan 2023 17:51:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
156160
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16095
x-xss-protection
0
last-modified
Tue, 03 Jan 2023 14:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 04 Jan 2024 17:51:06 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 04AA 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022120801&jk=1181813426841002&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2019shi-er-xing-zuo-huan-yao-shuai-duo-jiu-tang-qi-yang-pu-zhuan-yun-guan-jian.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
OU_aD-3-G2pcaJqwlUagl315JVS_daCE4k47Wxj7Xso.js
pagead2.googlesyndication.com/bg/ Frame 022C 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/OU_aD-3-G2pcaJqwlUagl315JVS_daCE4k47Wxj7Xso.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f154.1e100.net
Software
sffe /
Resource Hash
394fda0fedfe1b6a5c689ab09546a0977d792554bf75a084e24e3b5b18fb5eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Jan 2023 17:51:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
156160
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16095
x-xss-protection
0
last-modified
Tue, 03 Jan 2023 14:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 04 Jan 2024 17:51:06 GMT
L2EvMjAxOXNoaS1lci14aW5nLXp1by1odWFuLXlhby1zaHVhaS1kdW8taml1LXRhbmctcWkteWFuZy1wdS16aHVhbi15dW4tZ3Vhbi1qaWFuLmh0bWw=.json
cdn.adpushup.com/42753/ 		555 B
818 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/L2EvMjAxOXNoaS1lci14aW5nLXp1by1odWFuLXlhby1zaHVhaS1kdW8taml1LXRhbmctcWkteWFuZy1wdS16aHVhbi15dW4tZ3Vhbi1qaWFuLmh0bWw=.json
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.200 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-200.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
NZ
date
Fri, 06 Jan 2023 13:13:46 GMT
server
nginx/1.18.0
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
server-timing
cdn-cache; desc=MISS, edge; dur=7, origin; dur=223
content-length
555
expires
Fri, 06 Jan 2023 14:13:46 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame AC56 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230104&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f154.1e100.net
Software
cafe /
Resource Hash
54200f5bae45343e651456e1ea52a5a3ce2b978a605fc5513ae5a39c80b54f01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 13:13:46 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12457
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 1BCE 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230104&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f154.1e100.net
Software
cafe /
Resource Hash
0190469b6613fba4f3bf850c7fecfc7c3ed852d00d580447d05e29d68df25a5f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 13:13:46 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12494
x-xss-protection
0
activeview
pagead2.googlesyndication.com/pcs/ Frame FD4F 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstjrRzT5OHdT690Tk8t27N6rY8ulmAc509sTHv6wnisr6mTW3qezl97gTf_lsLzOUn0CjNUSFUrsSMi7vmeSnuvZGJNPK2j0QUfVpKelK4YmH9jdaEYg7qUJg2iX8liXOEr0QU&sai=AMfl-YThUzJ3AYA_mjYgZMNpHjxJvn3ng2h4CiL1yuGvENFTlQ2IHEmbd4pVU1oXe0HURi5WyTpLjO58tDONw7I7fu8j-NXROSQq5Tk0G104xevTl7Ba2BHfSxLl-dSddw&sig=Cg0ArKJSzMAAB0W6og7REAE&cid=CAQSOwDq26N9h5RZIRXgAXGPyACmS5yh19q9CB2kZNU2T5K-icCtDbDjtPCtJRzvBswOTDNkur4tkk9uDpFAGAEgEw&id=lidar2&mcvt=1000&p=0,0,280,336&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230105&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2365071409&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1673010821905&rpt=3254&met=ie&wmsd=0&pbe=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f154.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Jan 2023 13:13:46 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame 01F9 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?-GFdSw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2019shi-er-xing-zuo-huan-yao-shuai-duo-jiu-tang-qi-yang-pu-zhuan-yun-guan-jian.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 13:13:46 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
generate_204
tpc.googlesyndication.com/ Frame 022C 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?iMraXA
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2019shi-er-xing-zuo-huan-yao-shuai-duo-jiu-tang-qi-yang-pu-zhuan-yun-guan-jian.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 13:13:46 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame AC56 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 13:13:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 06 Jan 2023 13:13:46 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 1BCE 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 13:13:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 06 Jan 2023 13:13:47 GMT
js
www.googletagmanager.com/gtag/ 		228 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
5362c9ea16d9d47e6064f338567aced2e3e2642157441e05370847b03d4ef4c3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 13:13:47 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
80584
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 06 Jan 2023 13:13:47 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame E9C8 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
78502
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 05 Jan 2023 15:25:24 GMT
expires
Fri, 05 Jan 2024 15:25:24 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 5293 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f106.1e100.net
Software
GSE /
Resource Hash
6e4f73584a25e796b2f641659277c95ab8d9777bfa6673b3fce288da3c5e3a75
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Oqb9aP8kO7J1UubsWiV-Zw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-Oqb9aP8kO7J1UubsWiV-Zw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 06 Jan 2023 13:13:46 GMT
expires
Fri, 06 Jan 2023 13:13:46 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sodar
pagead2.googlesyndication.com/pagead/ Frame 5293 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230104&jk=1884843836077609&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2019shi-er-xing-zuo-huan-yao-shuai-duo-jiu-tang-qi-yang-pu-zhuan-yun-guan-jian.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
OU_aD-3-G2pcaJqwlUagl315JVS_daCE4k47Wxj7Xso.js
pagead2.googlesyndication.com/bg/ Frame E9C8 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/OU_aD-3-G2pcaJqwlUagl315JVS_daCE4k47Wxj7Xso.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f154.1e100.net
Software
sffe /
Resource Hash
394fda0fedfe1b6a5c689ab09546a0977d792554bf75a084e24e3b5b18fb5eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Jan 2023 17:51:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
156161
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16095
x-xss-protection
0
last-modified
Tue, 03 Jan 2023 14:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 04 Jan 2024 17:51:06 GMT
generate_204
tpc.googlesyndication.com/ Frame E9C8 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?-J8c-Q
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2019shi-er-xing-zuo-huan-yao-shuai-duo-jiu-tang-qi-yang-pu-zhuan-yun-guan-jian.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 13:13:47 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
auctionData
e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb/auctionData?data=eyJzaXRlSWQiOjQyNzUzLCJ1cmwiOiJodHRwczovL3d3dy5iZzMuY28vYS8yMDE5c2hpLWVyLXhpbmctenVvLWh1YW4teWFvLXNodWFpLWR1by1qaXUtdGFuZy1xaS15YW5nLXB1LXpodWFuLXl1bi1ndWFuLWppYW4uaHRtbCIsInNpdGVEb21haW4iOiJodHRwczovL2JnMy5jby8iLCJwYWdlR3JvdXAiOiJBUlRJQ0xFIiwicGFnZVZhcmlhdGlvbklkIjoiOTY3NTAxMjUtYjkwYy00OTdhLTg2OTktNzMxNzFmN2I0OTM1IiwicGFnZVZhcmlhdGlvbk5hbWUiOiJBZFB1c2h1cCIsInBhZ2VWYXJpYXRpb25UeXBlIjoxLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJwYWNrZXRJZCI6IjAwMDBBNzAxLWVmNTBmNWYzLTYyYWQtNDdhMS1hZGFlLWI2N2MwZWY2OTlkZCIsInNlY3Rpb25zIjpbeyJzZWN0aW9uSWQiOiIxMDRiMjgyYS1iZDExLTRkOGQtYWQ2NC0wNDkyMDYzYjZjYmEiLCJzZWN0aW9uTmFtZSI6IkFQX0lfRF9BUlRJQ0xFXzEyMFg2MDBfMTA0YjIiLCJwbGFjZW1lbnQiOjEsInJlZnJlc2hDb3VudCI6MCwicHJlYmlkQXVjdGlvbklkIjoiMDA1MWQ5N2MtZWJmZS00ZjZhLThjMTMtNTM1ZTdkYjdkY2QzIiwidGltZU9mQXVjdGlvbiI6MTY3MzAxMDgyNDY5NiwiYmlkcyI6W10sInRpbWVkT3V0QmlkZGVycyI6W10sInJlcXVlc3RlZEZvcm1hdHMiOlsiZGlzcGxheSIsInZpZGVvIiwibmF0aXZlIl19LHsic2VjdGlvbklkIjoiZDFjMTBhNzItMjdiNC00OTMxLThjZTctOTlhMThlYmJkYmFlIiwic2VjdGlvbk5hbWUiOiJBUF9JX0RfQVJUSUNMRV83MjhYOTBfZDFjMTAiLCJwbGFjZW1lbnQiOjEsInJlZnJlc2hDb3VudCI6MCwicHJlYmlkQXVjdGlvbklkIjoiMDA1MWQ5N2MtZWJmZS00ZjZhLThjMTMtNTM1ZTdkYjdkY2QzIiwidGltZU9mQXVjdGlvbiI6MTY3MzAxMDgyNDY5NiwiYmlkcyI6W3siY3BtIjowLjAxMjMxNywiYWRJZCI6IjgyMWJiMmRiZjFhODg5ZSIsIm9yaWdpbmFsQ3BtIjowLjAxMjMxNywiYmlkZGVyIjoiYXBwbmV4dXMiLCJyZXZlbnVlIjowLjAwMDAxMjMxNjk5OTk5OTk5OTk5OSwiZm9ybWF0VHlwZSI6ImJhbm5lciIsInJlc3BvbnNlVGltZSI6NDM4LCJ0aW1lT2ZCaWRSZWNlaXZlZCI6MTY3MzAxMDgyNTE2OH0seyJjcG0iOjAuMDEsImFkSWQiOiI4NGMzMThiZGQyYTJmM2UiLCJvcmlnaW5hbENwbSI6MC4wMSwiYmlkZGVyIjoiaXgiLCJyZXZlbnVlIjowLjAwMDAxLCJmb3JtYXRUeXBlIjoiYmFubmVyIiwicmVzcG9uc2VUaW1lIjo2NjEsInRpbWVPZkJpZFJlY2VpdmVkIjoxNjczMDEwODI1MzY5fSx7ImNwbSI6MC4wNDcxNiwiYWRJZCI6Ijg1OWEwODZlZDFkNzQxNyIsIm9yaWdpbmFsQ3BtIjowLjA0NzE2LCJiaWRkZXIiOiJhZGxpdmV0ZWNoIiwicmV2ZW51ZSI6MC4wMDAwNDcxNiwiZm9ybWF0VHlwZSI6ImJhbm5lciIsInJlc3BvbnNlVGltZSI6OTczLCJ0aW1lT2ZCaWRSZWNlaXZlZCI6MTY3MzAxMDgyNTY3OX1dLCJ0aW1lZE91dEJpZGRlcnMiOltdLCJyZXF1ZXN0ZWRGb3JtYXRzIjpbImRpc3BsYXkiLCJ2aWRlbyIsIm5hdGl2ZSJdLCJwcmViaWRXaW5uZXIiOiJhZGxpdmV0ZWNoIiwicHJlYmlkV2lubmVyQWRVbml0SWQiOiI4NTlhMDg2ZWQxZDc0MTciLCJwcmViaWRXaW5uZXJDcG0iOjAuMDAwMDQ3MTZ9LHsic2VjdGlvbklkIjoiNzdhOWMyMmYtYWMwMi00NWRkLTk2YmMtYjA4OTZhOGE3ZDVhIiwic2VjdGlvbk5hbWUiOiJBUF9MX0RfQVJUSUNMRV83MjhYMjUwXzc3YTljIiwicGxhY2VtZW50IjoxLCJyZWZyZXNoQ291bnQiOjAsInByZWJpZEF1Y3Rpb25JZCI6IjAwNTFkOTdjLWViZmUtNGY2YS04YzEzLTUzNWU3ZGI3ZGNkMyIsInRpbWVPZkF1Y3Rpb24iOjE2NzMwMTA4MjQ2OTYsImJpZHMiOlt7ImNwbSI6MC4wMSwiYWRJZCI6IjgzMzFmYjBhZjhmNWE4NSIsIm9yaWdpbmFsQ3BtIjowLjAxLCJiaWRkZXIiOiJpeCIsInJldmVudWUiOjAuMDAwMDEsImZvcm1hdFR5cGUiOiJiYW5uZXIiLCJyZXNwb25zZVRpbWUiOjY2MSwidGltZU9mQmlkUmVjZWl2ZWQiOjE2NzMwMTA4MjUzNjl9XSwidGltZWRPdXRCaWRkZXJzIjpbXSwicmVxdWVzdGVkRm9ybWF0cyI6WyJkaXNwbGF5IiwidmlkZW8iLCJuYXRpdmUiXSwicHJlYmlkV2lubmVyIjoiaXgiLCJwcmViaWRXaW5uZXJBZFVuaXRJZCI6IjgzMzFmYjBhZjhmNWE4NSIsInByZWJpZFdpbm5lckNwbSI6MC4wMDAwMX1dfQ%3D%3D&c_b=12019.39999961853
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2019shi-er-xing-zuo-huan-yao-shuai-duo-jiu-tang-qi-yang-pu-zhuan-yun-guan-jian.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 , Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Jan 2023 13:13:47 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
integrator.js
adservice.google.co.nz/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.nz/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 13:13:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 13:13:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		279 KB
65 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1304513170908520&correlator=3710407693052739&eid=31071296%2C31071369%2C44780792&output=ldjh&gdfp_req=1&vrg=2022120801&ptt=17&impl=fifs&iu_parts=103512698%3A22574853003%2C22477626096%2C22479095528%2C22579309510&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3&prev_iu_szs=320x50%7C728x250%7C728x90%7C690x90%7C690x250%7C675x90%7C675x250%7C670x90%7C670x250%7C650x90%7C650x250%7C650x150%7C630x90%7C630x250%7C602x100%7C600x90%7C600x250%7C580x90%7C570x90%7C550x150%7C468x60%7C320x50%7C320x100%7C300x50%7C300x100%7C300x75%7C300x250%7C250x250%7C200x200%2C320x50%7C728x90%7C690x90%7C675x90%7C670x90%7C650x90%7C630x90%7C600x90%7C580x90%7C570x90%7C468x60%7C320x50%7C300x50%7C300x75%2C320x50%7C120x600&fluid=height%2Cheight%2Cheight&ifi=2&adks=1420297610%2C2857874404%2C4082231052&sfv=1-0-40&prev_scp=adpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26refreshcount%3D0%26refreshrate%3D30%26hb_ap_format%3Dbanner%26hb_ap_pb%3D0.01%26hb_ap_adid%3D8331fb0af8f5a85%26hb_ap_bidder%3Dix%7Cadpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26refreshcount%3D0%26refreshrate%3D30%26hb_ap_format%3Dbanner%26hb_ap_pb%3D0.04%26hb_ap_adid%3D859a086ed1d7417%26hb_ap_bidder%3Dadlivetech%7Cadpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26refreshcount%3D0%26refreshrate%3D30&eri=1&cust_params=da%3Dadx%26outbrain%3Dtrue&sc=1&cookie=ID%3D26f29ffa4f73c0c4-22a463c830d90048%3AT%3D1673010822%3ART%3D1673010822%3AS%3DALNI_MaBJhxejXPhcZN-NbxEg8P_N6fKxA&gpic=UID%3D00000b9eefb1fb31%3AT%3D1673010822%3ART%3D1673010822%3AS%3DALNI_Mbs43hAoOztBoYY8tvQaAuNhBa2Vg&arp=1&abxe=1&dt=1673010827476&lmt=1673010827&dlt=1673010816855&idt=7570&adxs=236%2C436%2C5&adys=60%2C1110%2C300&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0&ucis=1%7C2%7C3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.bg3.co%2Fa%2F2019shi-er-xing-zuo-huan-yao-shuai-duo-jiu-tang-qi-yang-pu-zhuan-yun-guan-jian.html&frm=20&vis=1&psz=728x-1%7C728x-1%7C120x-1&msz=728x-1%7C728x-1%7C120x-1&fws=4%2C516%2C516&ohw=728%2C1600%2C1600&ga_vid=301647917.1673010820&ga_sid=1673010820&ga_hid=695584987&ga_fc=false&ga_cid=amp-o0py8PZnEWEt0Yiu3UO6lg
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f155.1e100.net
Software
cafe /
Resource Hash
11f7517ac842f1970ed232e08363ff8336e6e1fbb7c533177cb3406990cfb5de
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9950123323298102569/ad.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9950123323298102569/ad.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLie2YCDs_wCFRKg2AUd-dUMrA&gqi=&layout=/sadbundle/%24csp%253Der3%24/9950123323298102569/ad.html,child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7257878326248781077/ad.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7257878326248781077/ad.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLme2YCDs_wCFRKg2AUd-dUMrA&gqi=&layout=/sadbundle/%24csp%253Der3%24/7257878326248781077/ad.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9950123323298102569/ad.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9950123323298102569/ad.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLie2YCDs_wCFRKg2AUd-dUMrA&gqi=&layout=/sadbundle/%24csp%253Der3%24/9950123323298102569/ad.html,child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7257878326248781077/ad.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7257878326248781077/ad.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLme2YCDs_wCFRKg2AUd-dUMrA&gqi=&layout=/sadbundle/%24csp%253Der3%24/7257878326248781077/ad.html
date
Fri, 06 Jan 2023 13:13:47 GMT
x-content-type-options
nosniff
content-encoding
br
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
66431
x-xss-protection
0
google-lineitem-id
-1,-1,-1
pragma
no-cache
server
cafe
google-creative-id
-1,-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
e00653bae3c6f2754046b2ceb61bb48b.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame CFC8 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://e00653bae3c6f2754046b2ceb61bb48b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 06 Jan 2023 13:13:47 GMT
expires
Sat, 06 Jan 2024 13:13:47 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6790 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
78503
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 05 Jan 2023 15:25:24 GMT
expires
Fri, 05 Jan 2024 15:25:24 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame F8EC 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f106.1e100.net
Software
GSE /
Resource Hash
8467b6c92b853b93ed2b58a27e85439cbb1985520d413c9221e3746202d0d2d4
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-xnn_w8QGjpB1rWocOa95Iw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-xnn_w8QGjpB1rWocOa95Iw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 06 Jan 2023 13:13:47 GMT
expires
Fri, 06 Jan 2023 13:13:47 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 908C 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
78503
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 05 Jan 2023 15:25:24 GMT
expires
Fri, 05 Jan 2024 15:25:24 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 9509 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f106.1e100.net
Software
GSE /
Resource Hash
953a00185e28394c1d0807ea5dabc84535abfd9e56be55d2d280f187fab3ccfe
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Ki4H1g2MhmZQyBs7uNlp5Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-Ki4H1g2MhmZQyBs7uNlp5Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 06 Jan 2023 13:13:47 GMT
expires
Fri, 06 Jan 2023 13:13:47 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
publishertag.prebid.117.js
static.criteo.net/js/ld/ 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.117.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 13:13:48 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 29 Dec 2021 12:30:46 GMT
server
nginx
etag
W/"61cc54f6-15c19"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 07 Jan 2023 13:13:48 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame F8EC 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230104&jk=1789670566754654&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2019shi-er-xing-zuo-huan-yao-shuai-duo-jiu-tang-qi-yang-pu-zhuan-yun-guan-jian.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 9509 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230104&jk=1729501424193876&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2019shi-er-xing-zuo-huan-yao-shuai-duo-jiu-tang-qi-yang-pu-zhuan-yun-guan-jian.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
OU_aD-3-G2pcaJqwlUagl315JVS_daCE4k47Wxj7Xso.js
pagead2.googlesyndication.com/bg/ Frame 6790 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/OU_aD-3-G2pcaJqwlUagl315JVS_daCE4k47Wxj7Xso.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f154.1e100.net
Software
sffe /
Resource Hash
394fda0fedfe1b6a5c689ab09546a0977d792554bf75a084e24e3b5b18fb5eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Jan 2023 17:51:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
156161
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16095
x-xss-protection
0
last-modified
Tue, 03 Jan 2023 14:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 04 Jan 2024 17:51:06 GMT
OU_aD-3-G2pcaJqwlUagl315JVS_daCE4k47Wxj7Xso.js
pagead2.googlesyndication.com/bg/ Frame 908C 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/OU_aD-3-G2pcaJqwlUagl315JVS_daCE4k47Wxj7Xso.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f154.1e100.net
Software
sffe /
Resource Hash
394fda0fedfe1b6a5c689ab09546a0977d792554bf75a084e24e3b5b18fb5eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Jan 2023 17:51:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
156161
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16095
x-xss-protection
0
last-modified
Tue, 03 Jan 2023 14:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 04 Jan 2024 17:51:06 GMT
pixel;r=1369485805;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2F2019shi-er-xing-zuo-huan-yao-shuai-duo-jiu-tang-qi-yang-pu-zhuan-yun-guan-jian.html;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33...
pixel.quantserve.com/ 		35 B
372 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=1369485805;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2F2019shi-er-xing-zuo-huan-yao-shuai-duo-jiu-tang-qi-yang-pu-zhuan-yun-guan-jian.html;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67ea6;uht=2;fpan=1;fpa=P0-723096048-1673010824823;pbc=40b4d72b-32cc-47b1-8713-0cd773cd1dd2;ns=0;ce=1;qjs=1;qv=bf501fc4-20230104143059;cm=;gdpr=0;ref=;d=bg3.co;dst=0;et=1673010827916;tzo=0;ogl=;ses=c132bc28-923f-4c91-a21a-638f1325f01b
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2019shi-er-xing-zuo-huan-yao-shuai-duo-jiu-tang-qi-yang-pu-zhuan-yun-guan-jian.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.229.10.180 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Jan 2023 13:13:48 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
container.html
e00653bae3c6f2754046b2ceb61bb48b.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame FB50 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://e00653bae3c6f2754046b2ceb61bb48b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 06 Jan 2023 13:13:47 GMT
expires
Sat, 06 Jan 2024 13:13:47 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
generate_204
tpc.googlesyndication.com/ Frame 6790 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?FLEMyg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2019shi-er-xing-zuo-huan-yao-shuai-duo-jiu-tang-qi-yang-pu-zhuan-yun-guan-jian.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 13:13:48 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
container.html
e00653bae3c6f2754046b2ceb61bb48b.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E9B7 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://e00653bae3c6f2754046b2ceb61bb48b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 06 Jan 2023 13:13:47 GMT
expires
Sat, 06 Jan 2024 13:13:47 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012211060024000/ Frame 1E29 		221 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
a01f9f2f5ba1812441a49f7f1dc0b04fb56a18b486005289b8df4212381f10ce
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 06 Jan 2023 03:51:53 GMT
age
33715
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61592
x-xss-protection
0
server
sffe
etag
"a2fca7132416d151"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 06 Jan 2024 03:51:53 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012211060024000/v0/ Frame 1E29 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211060024000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
d89cb9800cc62dcc44a0ba866b4a080ad06f735f60a6afecbd6d691d2e8939dd
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sun, 01 Jan 2023 16:16:36 GMT
age
421032
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5218
x-xss-protection
0
server
sffe
etag
"abd4378f71571d78"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Mon, 01 Jan 2024 16:16:36 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012211060024000/v0/ Frame 1E29 		94 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211060024000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
8ee5f53d3752309af021002b2199a06523b1fd03f3ea1cdaf5d59e911d4d8178
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 04 Jan 2023 06:59:46 GMT
age
195242
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28809
x-xss-protection
0
server
sffe
etag
"dd6615029de85e23"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 04 Jan 2024 06:59:46 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012211060024000/v0/ Frame 1E29 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211060024000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
c3f73b989e0620a4d2e12ed57a0d538e4580b8fefaa1fefbad73e0abad6d227f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 05 Jan 2023 19:48:35 GMT
age
62713
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1913
x-xss-protection
0
server
sffe
etag
"403438c4d550ee88"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 05 Jan 2024 19:48:35 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012211060024000/v0/ Frame 1E29 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211060024000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
1b1c3ea8b3d9fec1913ac70c81c83f2172acc41988e747bd24d22bf779fd19a0
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sun, 01 Jan 2023 16:16:36 GMT
age
421033
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12946
x-xss-protection
0
server
sffe
etag
"0bacd3f1ce38a7db"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Mon, 01 Jan 2024 16:16:36 GMT
truncated
/ Frame 1E29 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b08bd8a973541c38ecd45e41347696acc0dbbb645c6ca2b138807c00f7430da6

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
3538490278488587657
tpc.googlesyndication.com/simgad/ Frame 1E29 		93 KB
93 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/3538490278488587657?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qkCH7MJnDrTHIQwe3ZNdHn7dGRN2A
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2019shi-er-xing-zuo-huan-yao-shuai-duo-jiu-tang-qi-yang-pu-zhuan-yun-guan-jian.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f132.1e100.net
Software
sffe /
Resource Hash
3300d702ddc3dd82edb40ba255abb88171a49b9f53205707f550328b9fe37b21
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 21:34:44 GMT
x-content-type-options
nosniff
age
56344
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
95439
x-xss-protection
0
last-modified
Sat, 09 Apr 2022 20:26:19 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 05 Jan 2024 21:34:44 GMT
zh_tw.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 1E29 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/zh_tw.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2019shi-er-xing-zuo-huan-yao-shuai-duo-jiu-tang-qi-yang-pu-zhuan-yun-guan-jian.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f132.1e100.net
Software
cafe /
Resource Hash
a956a6fe1ee57805393bf1781b32486b4ed9ca402a04320280e59a18bc348a87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 05:45:27 GMT
x-content-type-options
nosniff
server
cafe
age
26901
etag
7688947696963022458
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3430
x-xss-protection
0
expires
Sat, 07 Jan 2023 05:45:27 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 1E29 		344 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2019shi-er-xing-zuo-huan-yao-shuai-duo-jiu-tang-qi-yang-pu-zhuan-yun-guan-jian.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f132.1e100.net
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 15:28:35 GMT
x-content-type-options
nosniff
server
cafe
age
78313
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Fri, 06 Jan 2023 15:28:35 GMT
l
www.google.com/ads/measurement/ Frame 1E29 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaS4jfkRAMqTmr4cxqGZ1ONfHBm-sY4jNU9V9_0mlEVY81dgg4rlzP8VuT9AjKuTYi8i94fdTx0ksQGb7oUhfnlKNgz9bw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2019shi-er-xing-zuo-huan-yao-shuai-duo-jiu-tang-qi-yang-pu-zhuan-yun-guan-jian.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f106.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame 1E29 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CNwDUix64Y_qsJ5LA4t4P-auz4Ar_w_adar-C_7iWEILXg6SfMBABILqEwDNgq-yxheAYoAHSrLO4KMgBAuACAKgDAcgDCKoE4QJP0FRNGCiDDz9QP4dfSgDuSIsuQqpaNlgEaAWjjDFv-TymwD7-f4fOvWHqvcCPEz8hD-IOydCu2iTfhlPEKhZ0v-A3-NL2-2q92flnBrPZp1lzQEBg8C28hIebJIKa7pGszhmPdagKTuQz-9D9ZjX-PkRjBahXB8jGg9Uepe3I1B_xIveEKodKv0x0l7JM9EBFKDY5zCg2qXwkvpNdKMVLAlOAyMuL8Eedl1GvaW6wncOBA_XjRPDc6835hxZYf76SPPETZM_LBzbNqz3EffKkQfzN_sVOdUC0Bk3FDB8hVryR78PuFxECSJANP3dYS64pk-q_7hkYKN5HTliuubmFVS_tI_L_W78mgecwB6-xy7WnH012HwWlqevDY0M1aIZsuuL6q7ITtyzvIs7WoWPP853EVFs_cdo6QRyg29FqooRJCvhJV1MUbxj9C9GbV2xUeMlBQzv3lYYV5Fpv_7_u-cAEw5_dqokE4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBgKAB9Lkg5gDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQw8cC0ggPCIBhEAEYHTICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgwgAoDyAsB2BMC0BUBgBcBshceChwIABIUcHViLTg5MzMzMjk5OTkzOTExMDQYyqse&sigh=snWcDy7oWF4&uach_m=[UACH]&cid=CAQSOwDq26N98prPkOQ8G55tt_wPpwyYOd_4fYWePgtbh_Sa1QP4As1pQ36rFBkeVDU0VJdxb_SPtCZCQjIjGAEgEw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2019shi-er-xing-zuo-huan-yao-shuai-duo-jiu-tang-qi-yang-pu-zhuan-yun-guan-jian.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f155.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 908C 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?RTKkkg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2019shi-er-xing-zuo-huan-yao-shuai-duo-jiu-tang-qi-yang-pu-zhuan-yun-guan-jian.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 13:13:48 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ Frame 235F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022120801&jk=1594908084137933&bg=!RUalRgLNAAYDMoyoIzI7ACkAdvg8WrhrSPXGE0ohMVkMrhiqc2_zZag333Fwbv-mrSVryyQ82NdXsQIAAAB0UgAAAAJoAQeZAsMWWx_WwCyD4uZFoy5578gSChPF0zZlVew3DD8Zqtq3UI_4KKD0LccjhF0CcT8HFYvB-NyexnpqLdPSECW24MvxZVXBdkgZxrQSL3h47BcLW7GmBu5xkIB_prb0_LjIaE4kFCov4al53-nb9VPeHPJrTWOoYpCZzCSQZEGouVsPImCna3pzvYGNHE9heicTKDxKTJqbuMz1_XcQ7LyE0au7PmYs9RGZZWTJsSZ_Ts5tS1PooZhYgtbG1UQqWObvBpmZaC9ZTmZ-x-JOFhjw8lxkyA4t9sC68R2LbSKQ_PGpY1F8zZuEBc-7ERnyghFrWFgVyKESorbdv3KCGmWRwfRDB7S4aaBEVz2p3xTPbWCKTIlidJl-UPOrKewb49UduxIiYSewRueWPbF-UU4oKeE4WENp3W76ET4nxjvIZ4L_wEiRgVOIJLTqeI4AOfAXd-vABX3zLLvmVJN7HZMsk_DBvaDYD1-AFlnoZolA-s6Z2InxU68Ztz3HF5XS1DRpMERXt3ICnvwIDhRwlgnBa6LLqt6dr8in-fm5HG9dI1d4aMYxqOdeymyBReBkAMs79KrUt20SzO1J6Q6qOMtgOxTOfJ7SMkpdC1eKf2Gqnh28MzuekEFPzzbNzj-KMftLSyO-lPVDY0WKStQYA6sd9dF_-S-ACwfRdrjT7hHzsBhV5H6Lh0923EvofR7IPOg3Elhz1iHPQFi_pnow8ee3VWlIXS6VO3Uo3kkCTcR0Vc0SyqbnTCPmUHvaK37ShTgXB4UCO4G2wkTGkvW0fqXmR50rbbX710leTBajJRUN5-9QgD3xgLxxHfRWm9g8BaULAbtoBCh-WQrqgFKbaLyADlNhOBLzRs_O06ygelLTdq6lHFBy9TEuFwGcGAorWFmv2dSUb-I2OlzQZwpi57VyMV5ZKP0MSWe4G3YJDIYy4EFOqAxOeQ
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2019shi-er-xing-zuo-huan-yao-shuai-duo-jiu-tang-qi-yang-pu-zhuan-yun-guan-jian.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 418B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022120801&jk=1181813426841002&bg=!zc6lzorNAAYDMoyoIzI7ACkAdvg8WkBoeCaL58TuvGLkKVtCDkTC8oRMDchBkPnYF86iiYlByUx8gQIAAAByUgAAAAJoAQeZArdmoSg3egPxSVdG-7zrJ1Qo-oviB3Dt8wp5WWfob9CzlL5aMRIXNcO2lMemYOrpJvTc9pdlq5g3EscENUlDcGXuC_64aiXmH36Ahnb00Rj7UAYsN3YSLRG7fUEjeCTNdOEh2SzbUgy_J1KU_JbE464b2IW_axznv3k4XR3gzBCC_8OsQ5I1d-6Cm9d8VCH01NV9Uvf8b8JfDwWpaImLZIRgicuLU187mUHMm5NL-5ah5oXIIrbx8MkIMgTlVa1OdFpCVD-SimTiWSGZyOLcOjSn2QIXPDsGj9Gdr7lVCRPYchLUS05JhrzaX9UE5uW8jzToH_4DBu_2N3TsxOa3kc6vFOKyAwK1sm8zICo8yRsTj0EPibCH_-H--V4q1aPzbRj4ZS3RXue68tmlMAT5njY1rbBjsX0dT8aECsndkXUBNj2tfhgd_-joJgTe6T4GV3JJOvL3e3EfvU30g93LdYXtsKWnIb7YjEM3lodY6YiFPfZa4K97wA9SvYfayvKO4lu5hQubn_2fbDBQg-y8RdwVlQX3gfqSYvZ_idsMhip_5VN5bRxZMgRthv85aaLox5ssHkrIQ91Tf8VtggIUadMMO95MlfHM29imClDqnKPG1oxPil4yxehC74Vb77cL3fSPLE-mNAGKDJJqiWg-46wl_Z7JF9w7fSTHgssCXJnuL8SA6vE9i3DsA1yiN5x4EGELIyABgH9Aujbg7AiTrXeUt2-9RMEhfRXfYfs6WM0yLsvNg_9NKDZ7-fNsNq_V83WaZyianWIUQ9J2Oo1961oyY3pYRq2va-vRjPI7PAs4oXj2-vZxohcKJz7Yr4CmmFfJLFMIBWSRJEDJfZNyxFuemnTt9-3yZbX-eiqSdsHoU71IrwWRqxjT8UKtH6ijjTeql0r6Jb-ul-NaTlkYdgHDiYD1PxsRHQ
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2019shi-er-xing-zuo-huan-yao-shuai-duo-jiu-tang-qi-yang-pu-zhuan-yun-guan-jian.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
collect
www.google-analytics.com/g/ 		0
97 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=2oe120&_p=695584987&cid=301647917.1673010820&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1673010828&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2F2019shi-er-xing-zuo-huan-yao-shuai-duo-jiu-tang-qi-yang-pu-zhuan-yun-guan-jian.html&dt=2019%E5%8D%81%E4%BA%8C%E6%98%9F%E5%BA%A7%E9%82%84%E8%A6%81%E8%A1%B0%E5%A4%9A%E4%B9%85%EF%BC%9F%E5%94%90%E7%B6%BA%E9%99%BD%E6%9B%9D%E8%BD%89%E9%81%8B%E9%97%9C%E9%8D%B5%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_fv=1&_ss=1&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_success
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f113.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Jan 2023 13:13:49 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ 		89 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 13:13:49 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Mon, 24 Oct 2022 11:21:19 GMT
server
nginx
etag
W/"6356752f-16294"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 07 Jan 2023 13:13:49 GMT
ad.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9950123323298102569/ Frame A644 		3 KB
833 B 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9950123323298102569/ad.html
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2019shi-er-xing-zuo-huan-yao-shuai-duo-jiu-tang-qi-yang-pu-zhuan-yun-guan-jian.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f132.1e100.net
Software
sffe /
Resource Hash
07545ac6c0457c1f4b5e2f565a591eb273f0c450c359ae7bdb6dbeddb04aa6d8
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e00653bae3c6f2754046b2ceb61bb48b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
800
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
cross-origin-resource-policy
cross-origin
date
Fri, 06 Jan 2023 13:13:48 GMT
expires
Sat, 06 Jan 2024 13:13:48 GMT
last-modified
Tue, 13 Dec 2022 07:21:16 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
adview
securepubads.g.doubleclick.net/pagead/ Frame FB50 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C_ru5ix64Y_isJ5LA4t4P-auz4AqtqLapbr_Ko5XuENzZHhABILqEwDNgq-yxheAYoAHGtYCaA8gBCakCeKhA1KbkpD7gAgCoAwHIA0iqBO0CT9D33Oivnd_MKJdz0XBWERleW-MuHWtOlAaplaEYqlDGHSTz6t5r9g9aYUEApM_Of2CMPWO80s57GCGz-Y3hXZbybyBQp9UISy4vPIb7gIox_OH3KKjPqLTZsmnRzA5k7xjkHQdcmcgRtBo0bMnEgWsXNzFS2MhUYM80LvXuT0yVaBoXv3L76ZDr8DDje_5uYudgjpuLRUcinDPgrqaS8bb7eHRkcUbV2J9XTnj48ULo59iPlRYSLs4O2IEH8AX0owdvux5hdUNP2WGr7SjcRn89t1sshVmL49lcru1NvXScg4X56cGUt4M9YqxOZWY7kecUpUhj5v1GF8pQXi-Vtnaej61WGOJG22kn1cbyZUX7yI3Im5vCLastnYvVUHyh6uf380Q9HcE-D2wmRX3OvD9Z2vffVAGMGiLlED9f7cMWORmHAv2IPF9q8K7gA5KX1XrtCXoxcCG5UCgKYw0tw8EyRnD15Zt4m6ID5NLABNeprp-bBOAEAZIFBAgEGAGSBQQIBRgEoAYugAeiyv9lqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQ4IsG0ggPCIBhEAEYHTICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgwgAoDyAsB2BMC0BUBgBcBshceChwIABIUcHViLTg5MzMzMjk5OTkzOTExMDQYyqse&sigh=k9WHqSaMlHA&uach_m=[UACH]&cid=CAQSOwDq26N98prPkOQ8G55tt_wPpwyYOd_4fYWePgtbh_Sa1QP4As1pQ36rFBkeVDU0VJdxb_SPtCZCQjIjGAEgEw&template_id=419
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2019shi-er-xing-zuo-huan-yao-shuai-duo-jiu-tang-qi-yang-pu-zhuan-yun-guan-jian.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f155.1e100.net
Software
/
Resource Hash

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://e00653bae3c6f2754046b2ceb61bb48b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230104/r20110914/ Frame FB50 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230104/r20110914/abg_lite_fy2021.js
Requested by
Host: e00653bae3c6f2754046b2ceb61bb48b.safeframe.googlesyndication.com
URL: https://e00653bae3c6f2754046b2ceb61bb48b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f132.1e100.net
Software
cafe /
Resource Hash
6366bfede901f183b516c7361e3dd409ec31355afc6b0f48d152fd5a1cae5a4d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://e00653bae3c6f2754046b2ceb61bb48b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 12:21:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
3160
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8895
x-xss-protection
0
server
cafe
etag
5139089157766378523
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 20 Jan 2023 12:21:08 GMT
ad.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7257878326248781077/ Frame F52C 		2 KB
790 B 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7257878326248781077/ad.html
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2019shi-er-xing-zuo-huan-yao-shuai-duo-jiu-tang-qi-yang-pu-zhuan-yun-guan-jian.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f132.1e100.net
Software
sffe /
Resource Hash
144d8125e167f34614a1b1a1e02c08c097b8ad8ec40d257050cc9f809b65202c
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e00653bae3c6f2754046b2ceb61bb48b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
757
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
cross-origin-resource-policy
cross-origin
date
Fri, 06 Jan 2023 13:13:48 GMT
expires
Sat, 06 Jan 2024 13:13:48 GMT
last-modified
Tue, 13 Dec 2022 07:21:24 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
adview
securepubads.g.doubleclick.net/pagead/ Frame E9B7 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CorSwix64Y_msJ5LA4t4P-auz4AqtqLapbo3z8cDbENzZHhABILqEwDNgq-yxheAYoAHGtYCaA8gBCakCeKhA1KbkpD7gAgCoAwHIA0iqBO8CT9AWBCKO2bXHvUtJzyijQQJd3LLJ-CU4SFdnRAzIOF7gnHx2ZmIMraUdrqzodrx_tuzBEI9IYs-a89lmoh9Rd1EEtmMbdIGhlvEGoEPpbPMSWb7zAvFV9x_C9wqYN8xczm1PUY38EqhIv5HsDGtR0cHKjVzUJo9DQxzs9ivjSMa7n3a_-NMpTUQB3Oz5cfNay5aIMuE4ub36PVQ0Yy-8_fL_OE6yIhInEgVu658hMeIWg11AzGKxSdVFwUOKUBCiKj5eZRgk7FR-Sv-KDHFBwy76mQy9cUNc2ykaElAf2x-3l8osNrO35AAG0CUlrnzQ6V9gQIvJHsKG7rhA8td1x8kWhJOKpFmt9WryoiMqynj53zQJmhU-sXJ91iC9gEY69mH-n68P-VXBItPap6nh2NffQGIHglVmhobsQwfg95x0-saKOb9nC9KtUIbq57MV1lcECtrV4KYj1h2vxRQgXQYIkJg-fw2lq2e6GGPvyMAE16mun5sE4AQBkgUECAQYAZIFBAgFGASgBi6AB6LK_2WoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBCToQTSCA8IgGEQARgdMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODCACgPICwHYEwLQFQGAFwGyFx4KHAgAEhRwdWItODkzMzMyOTk5OTM5MTEwNBjKqx4&sigh=xcpaBcR2F6g&uach_m=[UACH]&cid=CAQSOwDq26N98prPkOQ8G55tt_wPpwyYOd_4fYWePgtbh_Sa1QP4As1pQ36rFBkeVDU0VJdxb_SPtCZCQjIjGAEgEw&template_id=419
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2019shi-er-xing-zuo-huan-yao-shuai-duo-jiu-tang-qi-yang-pu-zhuan-yun-guan-jian.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f155.1e100.net
Software
/
Resource Hash

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://e00653bae3c6f2754046b2ceb61bb48b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230104/r20110914/ Frame E9B7 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230104/r20110914/abg_lite_fy2021.js
Requested by
Host: e00653bae3c6f2754046b2ceb61bb48b.safeframe.googlesyndication.com
URL: https://e00653bae3c6f2754046b2ceb61bb48b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f132.1e100.net
Software
cafe /
Resource Hash
6366bfede901f183b516c7361e3dd409ec31355afc6b0f48d152fd5a1cae5a4d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://e00653bae3c6f2754046b2ceb61bb48b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 12:21:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
3160
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8895
x-xss-protection
0
server
cafe
etag
5139089157766378523
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 20 Jan 2023 12:21:08 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 1E29
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2019shi-er-xing-zuo-huan-yao-shuai-duo-jiu-tang-qi-yang-pu-zhuan-yun-guan-jian.html
Protocol
H3
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

date
Fri, 06 Jan 2023 13:13:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
s
googleads.g.doubleclick.net/pagead/drt/ Frame 56B2 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: e00653bae3c6f2754046b2ceb61bb48b.safeframe.googlesyndication.com
URL: https://e00653bae3c6f2754046b2ceb61bb48b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e00653bae3c6f2754046b2ceb61bb48b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

age
3548
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 06 Jan 2023 12:14:41 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230104/r20110914/client/ Frame FB50 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230104/r20110914/client/window_focus_fy2021.js
Requested by
Host: e00653bae3c6f2754046b2ceb61bb48b.safeframe.googlesyndication.com
URL: https://e00653bae3c6f2754046b2ceb61bb48b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://e00653bae3c6f2754046b2ceb61bb48b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 17:22:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
71463
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 19 Jan 2023 17:22:46 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230104/r20110914/client/ Frame FB50 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230104/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: e00653bae3c6f2754046b2ceb61bb48b.safeframe.googlesyndication.com
URL: https://e00653bae3c6f2754046b2ceb61bb48b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f132.1e100.net
Software
cafe /
Resource Hash
727e6a1f4a634d6298af8636fd331912b036b6f7783c771d2e06baeb82e2341e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://e00653bae3c6f2754046b2ceb61bb48b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 14:58:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
80125
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7527
x-xss-protection
0
server
cafe
etag
8658061406568722807
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 19 Jan 2023 14:58:24 GMT
exitapi-impl.js
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame F52C 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7257878326248781077/ad.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f132.1e100.net
Software
cafe /
Resource Hash
02ebc319500d29d704855de3d846bbb2479434953bb7b34f533122f432ce33bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 22:13:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
54023
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2568
x-xss-protection
0
server
cafe
etag
6734328975651772599
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Fri, 06 Jan 2023 22:13:26 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame F52C 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7257878326248781077/ad.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f132.1e100.net
Software
cafe /
Resource Hash
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 13:45:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
84472
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13035
x-xss-protection
0
server
cafe
etag
2319883687766034370
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Fri, 06 Jan 2023 13:45:57 GMT
style.css
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7257878326248781077/ Frame F52C 		8 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7257878326248781077/style.css
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7257878326248781077/ad.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f132.1e100.net
Software
sffe /
Resource Hash
41112c6a967d8bd529244b94e0c117b2ae2827c419261826bb8ac5b590466945
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Fri, 06 Jan 2023 13:13:49 GMT
x-content-type-options
nosniff
content-encoding
gzip
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1621
x-xss-protection
0
last-modified
Tue, 13 Dec 2022 07:21:24 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 06 Jan 2024 13:13:49 GMT
css
fonts.googleapis.com/ Frame F52C 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato:300,400,700,900|Roboto+Condensed:700
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7257878326248781077/ad.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f95.1e100.net
Software
ESF /
Resource Hash
c22d480d89accbfcdff49d03e40f8642b1f1e867492cfd13604e3cc11df78b56
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 06 Jan 2023 13:13:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 06 Jan 2023 13:13:49 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 06 Jan 2023 13:13:49 GMT
script.js
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7257878326248781077/ Frame F52C 		2 KB
578 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7257878326248781077/script.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7257878326248781077/ad.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f132.1e100.net
Software
sffe /
Resource Hash
1bd5b76c27f14dcf178807f6a204ab8b42e21cb46f736d6b4b07ffad2f2d8b4b
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Fri, 06 Jan 2023 13:13:49 GMT
x-content-type-options
nosniff
content-encoding
gzip
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
544
x-xss-protection
0
last-modified
Tue, 13 Dec 2022 07:21:24 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 06 Jan 2024 13:13:49 GMT
logo.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7257878326248781077/ Frame F52C 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7257878326248781077/logo.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7257878326248781077/ad.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f132.1e100.net
Software
sffe /
Resource Hash
f5da9e3278a823a9d1b068c25e70c72b97f71f3d5b919793abf38422c6425490
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Fri, 06 Jan 2023 13:13:49 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9752
x-xss-protection
0
last-modified
Tue, 13 Dec 2022 07:21:24 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 06 Jan 2024 13:13:49 GMT
exitapi-impl.js
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame A644 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9950123323298102569/ad.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f132.1e100.net
Software
cafe /
Resource Hash
02ebc319500d29d704855de3d846bbb2479434953bb7b34f533122f432ce33bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 22:13:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
54023
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2568
x-xss-protection
0
server
cafe
etag
6734328975651772599
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Fri, 06 Jan 2023 22:13:26 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame A644 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9950123323298102569/ad.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f132.1e100.net
Software
cafe /
Resource Hash
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 13:45:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
84472
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13035
x-xss-protection
0
server
cafe
etag
2319883687766034370
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Fri, 06 Jan 2023 13:45:57 GMT
style.css
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9950123323298102569/ Frame A644 		11 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9950123323298102569/style.css
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9950123323298102569/ad.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f132.1e100.net
Software
sffe /
Resource Hash
2b2008ee1629a387b0542abd6f8d4d9fdb062d2fcf4f3a7ef7c84afa411a643f
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Fri, 06 Jan 2023 13:13:49 GMT
x-content-type-options
nosniff
content-encoding
gzip
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1785
x-xss-protection
0
last-modified
Tue, 13 Dec 2022 07:21:16 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 06 Jan 2024 13:13:49 GMT
css
fonts.googleapis.com/ Frame A644 		5 KB
734 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato:300,400,700,900|Roboto+Condensed:700
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9950123323298102569/ad.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f95.1e100.net
Software
ESF /
Resource Hash
c22d480d89accbfcdff49d03e40f8642b1f1e867492cfd13604e3cc11df78b56
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 06 Jan 2023 13:13:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 06 Jan 2023 13:13:49 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 06 Jan 2023 13:13:49 GMT
script.js
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9950123323298102569/ Frame A644 		2 KB
693 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9950123323298102569/script.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9950123323298102569/ad.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f132.1e100.net
Software
sffe /
Resource Hash
dc68112622e148e0cea9243824bf1c69a57b3f0a2bfc4a48496127bbafa8b8d5
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Fri, 06 Jan 2023 13:13:49 GMT
x-content-type-options
nosniff
content-encoding
gzip
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
659
x-xss-protection
0
last-modified
Tue, 13 Dec 2022 07:21:16 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 06 Jan 2024 13:13:49 GMT
logo.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9950123323298102569/ Frame A644 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9950123323298102569/logo.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9950123323298102569/ad.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f132.1e100.net
Software
sffe /
Resource Hash
da97bcfcccc462757c77d249a440a8515fc26d0b0742d5c40324504276e33a98
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Fri, 06 Jan 2023 13:13:49 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8799
x-xss-protection
0
last-modified
Tue, 13 Dec 2022 07:21:16 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 06 Jan 2024 13:13:49 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 0510 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: e00653bae3c6f2754046b2ceb61bb48b.safeframe.googlesyndication.com
URL: https://e00653bae3c6f2754046b2ceb61bb48b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e00653bae3c6f2754046b2ceb61bb48b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

age
3548
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 06 Jan 2023 12:14:41 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230104/r20110914/client/ Frame E9B7 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230104/r20110914/client/window_focus_fy2021.js
Requested by
Host: e00653bae3c6f2754046b2ceb61bb48b.safeframe.googlesyndication.com
URL: https://e00653bae3c6f2754046b2ceb61bb48b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://e00653bae3c6f2754046b2ceb61bb48b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 17:22:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
71463
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 19 Jan 2023 17:22:46 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230104/r20110914/client/ Frame E9B7 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230104/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: e00653bae3c6f2754046b2ceb61bb48b.safeframe.googlesyndication.com
URL: https://e00653bae3c6f2754046b2ceb61bb48b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f132.1e100.net
Software
cafe /
Resource Hash
727e6a1f4a634d6298af8636fd331912b036b6f7783c771d2e06baeb82e2341e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://e00653bae3c6f2754046b2ceb61bb48b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 14:58:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
80125
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7527
x-xss-protection
0
server
cafe
etag
8658061406568722807
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 19 Jan 2023 14:58:24 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame AC56 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230104&jk=1884843836077609&bg=!ZGelZyPNAAYDMoyoIzI7ACkAdvg8Wgn3bg82IZP-Pdby41cLxa3DhkSieV1UB6PMfiU1Jym3ppWCvAIAAABOUgAAAAJoAQcKALRaqljfZyzFeBao8hPvgVyMeXU9iN9WEyaS0WjEg3YQ1tpYUcKSzZ_rukxnf9i5aNv7cuZEkL98LFOdjR4s34hWIN5zugaoJDTrYBiPWJpo3i2B873EhGpKx4ZS4fEuKmAPaTVC_RukAZT-xyiFMBPKQlSV8DJxar5CLVe2BeWAPxCtZWiEfAAkDjZYm4Yf6B2nMl0m27Rc74RPFOTGZ-3Sy0aJ5yYikKTtPlrom7vQQpsrEcWZAs8qMO2RMnfqgIGJl9fiK0Lo9Trk1NujGR2S2h9EvXHfFaYc8BbFFizPHKIELzos3OojCUZvF7IRUSrZgzhHijfoGJZxnIYU_DHePQUlnr5msijb7eE39BGKO8Q00PMcZlyBOyoOZTzcXLUbfkBepRMmjkQvh4JQonRDt2FTT3YDc-ZoYLcfryuLUnCOjeGKkGSZTIwJpXQbEVeiVV_mys6nK6RU-3a2XscUCmNrfBf5EA-mW05cxQ0tSx5hP_24Q76MG3DhFPJ86CLkLXgZt1OzUpZysfB7PzgLHmxUPVv0wtjG5NjJwNDDrcxDVkYVFO7_JTj0eravDNI-NxGZKP536mPd9IVOD-zBnWBytdrHRrKQg0heEE7bBN6oCGUNItJVe0PBrNhQYbxH-4Z3b9wuP6SNyJ0iz9q8YLHNzZAjKQww5xM3IdH-6pEsEI0XdQnzqg1m16rCv_M_byhiHPYy4xp2SKNZIvxCqX7kPgaNeVzepzKbpBauMv3tVqrldz0P27OjZJfUGI69RaV0Ecn-Wa_hoPHAlhy49lUqaD94FX5N6VNlLzwSwikKdkf8Dt3KqUJAUGWibIDjlNglsxLJ-C75K97Ug6940_5ln44HWqlJvESi-MYyAUZe0oqYE1m59qXlktNaUyKsEQnmUYscjgOTKMdugliGLEgbMZ8JrcvriP9C7pqvy2zH88rwxVHFTF2w52dT2czUduPolKxMeIPK92q8zVohX7Y-ZvtW9bk2hQ1SwD1Hwevo-FHiz8z_Fn_sVu9Dfo88E7zhVhjZpgdBESM-UQ6Kg2Enpri7p6pOfnmuekfA1A3mfCu898SpZgDD53JmBhA3Rk-L_BiGEDAAdkJC0SJ28p95iE_2rufQ2gKhXpM4fcyIGoqP14PIv98Esgbd2qCdKV0nltFJ5yFxU50qjv_Gk9sSXC_3so6UL7ORNIzlt8BtIa8DNw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2019shi-er-xing-zuo-huan-yao-shuai-duo-jiu-tang-qi-yang-pu-zhuan-yun-guan-jian.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
l
www.google.com/ads/measurement/ Frame FB50 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRHkla68JBqaop-uM4QE-aWICbACkC0fjVdc9Xrx6StPaamsjNcx-9VUgRkYrLB2tqsHXc_garXYK9dcW_L-i5zZPMcsQ
Requested by
Host: e00653bae3c6f2754046b2ceb61bb48b.safeframe.googlesyndication.com
URL: https://e00653bae3c6f2754046b2ceb61bb48b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f106.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://e00653bae3c6f2754046b2ceb61bb48b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame FB50 		156 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: e00653bae3c6f2754046b2ceb61bb48b.safeframe.googlesyndication.com
URL: https://e00653bae3c6f2754046b2ceb61bb48b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
sffe /
Resource Hash
e7e65f5432de604cdf476d9ad55a2af5a933c715c639e4c36847023a3446f1ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://e00653bae3c6f2754046b2ceb61bb48b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 13:13:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48907
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1672933789069018"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 06 Jan 2023 13:13:49 GMT
truncated
/ Frame FB50 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
56b10bd2a8664599f6a6198502d9db34c178ef8f587dd29c0661ad3df59acaeb

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
si
googleads.g.doubleclick.net/pagead/drt/ Frame 56B2
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: e00653bae3c6f2754046b2ceb61bb48b.safeframe.googlesyndication.com
URL: https://e00653bae3c6f2754046b2ceb61bb48b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 06 Jan 2023 13:13:49 GMT
expires
Fri, 06 Jan 2023 13:13:49 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 06 Jan 2023 13:13:49 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
si
googleads.g.doubleclick.net/pagead/drt/ Frame 0510
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: e00653bae3c6f2754046b2ceb61bb48b.safeframe.googlesyndication.com
URL: https://e00653bae3c6f2754046b2ceb61bb48b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 06 Jan 2023 13:13:49 GMT
expires
Fri, 06 Jan 2023 13:13:49 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 06 Jan 2023 13:13:49 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
l
www.google.com/ads/measurement/ Frame E9B7 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSlPvUFlOM016CuiLeYEciz-Gffi12iXtM57C_4lo6qumge02k2Ehdl37ZTZCWIp6cMJKvNGgpbbqkg60OY9bZloMu70A
Requested by
Host: e00653bae3c6f2754046b2ceb61bb48b.safeframe.googlesyndication.com
URL: https://e00653bae3c6f2754046b2ceb61bb48b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f106.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://e00653bae3c6f2754046b2ceb61bb48b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame E9B7 		156 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: e00653bae3c6f2754046b2ceb61bb48b.safeframe.googlesyndication.com
URL: https://e00653bae3c6f2754046b2ceb61bb48b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
sffe /
Resource Hash
e7e65f5432de604cdf476d9ad55a2af5a933c715c639e4c36847023a3446f1ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://e00653bae3c6f2754046b2ceb61bb48b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 13:13:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48907
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1672933789069018"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 06 Jan 2023 13:13:49 GMT
truncated
/ Frame E9B7 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9452873a1a9f3f1f4852fe8d2e7b7ba6b7f82b42d29bc9bcf85c74ab0e6ede49

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
vehicle-1.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7257878326248781077/ Frame F52C 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7257878326248781077/vehicle-1.jpg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7257878326248781077/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f132.1e100.net
Software
sffe /
Resource Hash
a1c6738fa48fd512d5045f65edeca13983cb2c89d41df3ecb57652972b701acc
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7257878326248781077/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Fri, 06 Jan 2023 13:13:50 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3860
x-xss-protection
0
last-modified
Tue, 13 Dec 2022 07:21:24 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 06 Jan 2024 13:13:50 GMT
ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
fonts.gstatic.com/s/robotocondensed/v25/ Frame F52C 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,700,900|Roboto+Condensed:700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f94.1e100.net
Software
sffe /
Resource Hash
e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
null
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 04:19:10 GMT
x-content-type-options
nosniff
age
118480
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15660
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 18:42:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 05 Jan 2024 04:19:10 GMT
S6u9w4BMUTPHh50XSwiPGQ.woff2
fonts.gstatic.com/s/lato/v23/ Frame F52C 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh50XSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,700,900|Roboto+Condensed:700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f94.1e100.net
Software
sffe /
Resource Hash
08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
null
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 03:20:01 GMT
x-content-type-options
nosniff
age
122029
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22504
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 16:04:16 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 05 Jan 2024 03:20:01 GMT
S6u9w4BMUTPHh7USSwiPGQ.woff2
fonts.gstatic.com/s/lato/v23/ Frame F52C 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh7USSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,700,900|Roboto+Condensed:700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f94.1e100.net
Software
sffe /
Resource Hash
115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
null
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 03:48:06 GMT
x-content-type-options
nosniff
age
120344
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23236
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 16:04:12 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 05 Jan 2024 03:48:06 GMT
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v23/ Frame F52C 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,700,900|Roboto+Condensed:700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f94.1e100.net
Software
sffe /
Resource Hash
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
null
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 03:27:02 GMT
x-content-type-options
nosniff
age
121608
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23040
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:56:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 05 Jan 2024 03:27:02 GMT
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v23/ Frame F52C 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,700,900|Roboto+Condensed:700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f94.1e100.net
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
null
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 03:46:33 GMT
x-content-type-options
nosniff
age
120437
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23580
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:48:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 05 Jan 2024 03:46:33 GMT
vehicle-1.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9950123323298102569/ Frame A644 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9950123323298102569/vehicle-1.jpg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9950123323298102569/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f132.1e100.net
Software
sffe /
Resource Hash
558bcd76997a66b851b77a6a448a9df7cf77adbbfec7ab3b7d335b614f5eb96f
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9950123323298102569/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Fri, 06 Jan 2023 13:13:50 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16007
x-xss-protection
0
last-modified
Tue, 13 Dec 2022 07:21:16 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 06 Jan 2024 13:13:50 GMT
S6u9w4BMUTPHh7USSwiPGQ.woff2
fonts.gstatic.com/s/lato/v23/ Frame A644 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh7USSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,700,900|Roboto+Condensed:700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f94.1e100.net
Software
sffe /
Resource Hash
115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
null
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 03:48:06 GMT
x-content-type-options
nosniff
age
120344
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23236
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 16:04:12 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 05 Jan 2024 03:48:06 GMT
S6u9w4BMUTPHh50XSwiPGQ.woff2
fonts.gstatic.com/s/lato/v23/ Frame A644 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh50XSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,700,900|Roboto+Condensed:700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f94.1e100.net
Software
sffe /
Resource Hash
08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
null
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 03:20:01 GMT
x-content-type-options
nosniff
age
122029
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22504
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 16:04:16 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 05 Jan 2024 03:20:01 GMT
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v23/ Frame A644 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,700,900|Roboto+Condensed:700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f94.1e100.net
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
null
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 03:46:33 GMT
x-content-type-options
nosniff
age
120437
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23580
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:48:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 05 Jan 2024 03:46:33 GMT
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v23/ Frame A644 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,700,900|Roboto+Condensed:700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f94.1e100.net
Software
sffe /
Resource Hash
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
null
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 03:27:02 GMT
x-content-type-options
nosniff
age
121608
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23040
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:56:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 05 Jan 2024 03:27:02 GMT
ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
fonts.gstatic.com/s/robotocondensed/v25/ Frame A644 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,700,900|Roboto+Condensed:700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f94.1e100.net
Software
sffe /
Resource Hash
e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
null
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 04:19:10 GMT
x-content-type-options
nosniff
age
118480
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15660
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 18:42:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 05 Jan 2024 04:19:10 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 1E29 		42 B
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst9CGaqJ5EOksFvmqhhmUCkGwFKXGpPAktTMAWqgGJ2Rfzn2fsdDjy1JLFUoqd2u7jhDU2w9CPeNtpRpWQPO6swnF374-U1I0MbYM2IF2VkH4xBmHyxmIlKDuE5r1LmPuGPrRw&sai=AMfl-YSMgdIceLPnj6snYw8L3rhPQlwpa20QIqdqgwR7FJDt2snZV2neP9I-6g3PMDM5i0bfJ4InnztubfoEsFN7frtul4Hggt5BBi_w-E7t87sWfm2pgJVNyplvlwv4eg&sig=Cg0ArKJSzHH7HbF7wJ_dEAE&cid=CAQSOwDq26N98prPkOQ8G55tt_wPpwyYOd_4fYWePgtbh_Sa1QP4As1pQ36rFBkeVDU0VJdxb_SPtCZCQjIjGAEgEw&id=ampim&o=5,300&d=120,600&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=826&tls=1826&g=100&h=100&tt=1826&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2019shi-er-xing-zuo-huan-yao-shuai-duo-jiu-tang-qi-yang-pu-zhuan-yun-guan-jian.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f154.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Jan 2023 13:13:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 5494 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230104&jk=1789670566754654&bg=!zc6lzorNAAYDMoyoIzI7ACkAdvg8WqDldtbXrJTYiYzbW3MuBkCDbmRql5yByrmLFkre-HpkLxeOJAIAAADIUgAAAAJoAQcKAAJCYZkCwXnWKdUPupl1SO2BxHGnKWeeH3C-qCA53c11TjMMRKGxvvUi73VZIwffoS3J1IzGIUnDN2mlqI9PP83XTA9-UOZKgac9ucCbWrQYJu4XdCFGxZxKEfMiTV8Tr39NQ4m2CQWBP1WR1t2-JR2W_UU-vkfxyFGldwRhXTSVZofH0yf265N2cU5YX-MSaezFRRkLQDgKvZTK9lsPvV2FJPCRQjkGQ7fUMnDMkRFtMBEIsknhXxXI1qfiGC1mh-d8R_bLlJFOCCni4wlJtYMW_yxxPMsQc4sGr_SvXHu_VemJjWj-C-N4amZEZvkZc2svf5mGhqB2BYi5dowpL8u_yflHIiLq8BEI08YgG9N7l6OYk7We22fRVcXfxeDX0cKqplayXM1D_QaLcXd7g58y7OK-yKKXW2Rj9zXxMDtf_tNBFnczezh5dfuYJZyh3ixyuGQnccN9kk9sjUG-8SLFiNA9f1kddHcQDEUDPNdAbFW-ga114uhDpxJKUTjfCUosq7DQYWvd30LdDLrKAglena6My97F6JCjydSLDa-4OxzQJAC4stuhG5iL-K79TrsGgmCkyVPdchPwn9aNm48e3Up9zzgwfuudfZDje-CDKtD0ZJHb6xoDpfTEHmQXH8QjIPE-YzxaHAT9YQInDkP22ygrni4-jP3z77BS-qLeEJJB0-fk5IWmU5wKQ29T_w1cMhCGjurFggRPFqXMgHB185SGsGTqKmh80iJysIoAMhzNK6L4Yu7azekPJwSJHjGRwhnfoCOUzdCd7DZJgujqn1Z8TT4i1_bMIFcjsy7FR0HNZrYuImXnN5oPohO7-IVYhvIvJyvry9yFule4LhuZd37gBmUvoNmOqFmhW-nQxVLf4cP5rdcVn2YZ-L5bo8uUhj35-7EVEUUVfsHMnhHaRP3OdZWheS1hrbGhsrb65Ev8upq9HQ
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2019shi-er-xing-zuo-huan-yao-shuai-duo-jiu-tang-qi-yang-pu-zhuan-yun-guan-jian.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 1BCE 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230104&jk=1729501424193876&bg=!sbKlsvbNAAYDMoyoIzI7ACkAdvg8Wu-EtO4_ryGL51_HMZAOT5YbpFicagnwR4E3Rydo9Qd2nTxbQQIAAAC1UgAAAAJoAQcKAMd58ZhvoN0JcgR6Em4raNP5ckiNjn3b3Hv1B7Huu0Jxd32K1ydll9BhOZjbptBTodGV8Lm7K8JQf2HhITh8TerAnQ4vQIIkq6a8x_27Wvj1imJ-r6WlXDR5KMRFbWRsW21kOM8QIMI5-7F7dpZ7Jm6DlS8zzRyaz8Cot-XSuRQLyDmr3W7uZ0KHxbrkpTvq-rhpl-E00qCZpQlXuTZj1jKQ2h1I1qAZLCtoTTnI60LZP_HZjisVbdBOWD2ZxtlYl8NfnWiPSvg1mQKui6Vmt1nbZAhrD2gH9PrSaqDIwxmta9cvmt6_W9EHs5TRD2nHWxf11F9WjxG5fegdNDax0PXpD1TtfihQnL-HWAk6IzRc-MXftLGgnNeInkP4I_voGxOMEwnRh0Et3DLkil98tV0T2PJwb__nc0KrYDlResUd1wXNMUqs2pxrMMb1qhHUvczoxXnjcDMe4jZNARkUd0_pGcKVI062UYVXEL64xuD5LS0bg14XYN-NF46YHds0dNtULUZJ3Wmo3eD2UUixhAR252t45A25SBgAdGE_2WlyDvr2FMebeHxx8txJH51VRWUOd_6aId979bL43YKIEqFdQR-J_n2B2CH6yhj8LdoP2CiwrYSxplT_AV4LCOarTJFf6UBFomeCoVWEPny_0SZgjH2hos8cq-rdUUs-t2chlrQL5vnkXNAlFXDeinASL6KvRr4zoWXZlDHkG8rjoePNG4MylREao60IFpklE4PpoxeozKUIsDrB6FURyrvNl13hTApQVPt1OLz-06xNwwXIM0e2sGcprKlDASJBQIxr4Ix5UL8WR-JdUmuevh8fY3UEjKU9vf2Cv_JGXPBA2Vc74RoCAAMXgnBvDL_fmXEp7vOI_qkWwYXJGUzkFdug1k7szpD9FsFmOH8kUITXZamFfhNQmJLU1sFiUcBvacLPnizaCS4bQu9zNqKoIaJsz-cEEWCCk7LOvPx13A5qX-SmEImxkrMudDjakRrwX0bz2xUp74ib8dvzAe1KfOTA55iuoOAibfjlMrj3hGUjI1FQ6XwMfY4Oe-Og6cv23NBjMczX8P7mj_F0o586m_nMt3MiKcrDodLllh4dxAHr51dgnJDwKppPuihORj9yfTEukLZIECx4NHrIP1cBZqpCnnl9YeVrbh0NTZkZP1Bf95sw7stpKCTgcLo
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2019shi-er-xing-zuo-huan-yao-shuai-duo-jiu-tang-qi-yang-pu-zhuan-yun-guan-jian.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bg3.co%2F&domain=www.bg3.co&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.bg3.co
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Fri, 06 Jan 2023 13:13:50 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
429238
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
json
gum.criteo.com/sid/ 		335 B
659 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bg3.co%2F&domain=www.bg3.co&cw=1&pbt=1&lsw=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
8dba7bbb522f73b178d42e533b2dad867d521eebe9559988127a6ed306698ce5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Fri, 06 Jan 2023 13:13:51 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
624384
expires
0
rid
match.adsrvr.org/track/ 		108 B
671 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
947599136c022b15206e62d9557543bfc54fcdc7482f0e5b045ded9bff9e360e

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 06 Jan 2023 13:13:50 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
108
expires
Sun, 05 Feb 2023 13:13:50 GMT
checksync.php
contextual.media.net/ Frame DE0A 		36 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.51.136.24 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-136-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ecb7219605b8a6f0c8e56b59eb48a5c57ea932dc0d686ee370a0d96a5088ceea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
11785
content-type
text/html; charset=UTF-8
date
Fri, 06 Jan 2023 13:13:51 GMT
expires
Sun, 08 Jan 2023 13:13:51 GMT
p3p
CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
ixmatch.html
js-sec.indexww.com/um/ Frame 82CC 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

age
499
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
7854b69c5ff51c51-AKL
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 06 Jan 2023 13:13:50 GMT
expires
Fri, 06 Jan 2023 17:13:50 GMT
last-modified
Mon, 25 Jul 2022 19:18:26 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame A28A 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
72595
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Fri, 06 Jan 2023 13:13:51 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 15 Dec 2022 19:23:16 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
13, 235409
X-Served-By
cache-lga13626-LGA, cache-fty21378-FTY
X-Timer
S1673010831.278109,VS0,VE0
usync.html
eus.rubiconproject.com/ Frame DBAE 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.75.85.227 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-75-85-227.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 06 Jan 2023 13:13:51 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame D79E 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1673010825757
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.79.234.100 , Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip100.ip-51-79-234.net
Software
/
Resource Hash
d70f9a37ca5741e0952bfa510ab9ff0bbc3af2a3497b256727943cbd9a5a35a6
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
1374
content-type
text/html
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000
sync
eb2.3lift.com/ Frame 2D84 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
219688c7844c3cbbf852b21f7bf288ef72fc9df3d4d97cb3a87d893bc454c8e8

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
1143
content-type
text/html; charset=utf-8
date
Fri, 06 Jan 2023 13:13:50 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
pd
u.openx.net/w/1.0/ Frame BFD8 		533 B
636 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
c2ced5e7f96ed81695c32f0b66247e595108075d0dc3d671db151d2eed8fe86f

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
324
content-type
text/html
date
Fri, 06 Jan 2023 13:13:50 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
sync.html
public.servenobid.com/ Frame F1EC 		8 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://public.servenobid.com/sync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.45.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-45-129.mrs52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2e4a250ad3ac07b9adfce39197341a30bc1623902a753e8a7ae0324e7cb53731

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

age
63344
cache-control
max-age=86400
content-encoding
br
content-type
text/html
date
Thu, 05 Jan 2023 19:38:08 GMT
etag
W/"500c31eb3dcfb8f2a7dc0893b86a487a"
last-modified
Thu, 01 Dec 2022 19:37:41 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 90df5e49b328fddf16d1ea3adbbfca0e.cloudfront.net (CloudFront)
x-amz-cf-id
DDK9Xulg6FsnSlnw0exuVUjKT7pBR0Vs6p1UGDnBt1j3dDFdGnKNhg==
x-amz-cf-pop
MRS52-P1
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:us-east-1:559734745816:build/adserver-public-prod:5838c8c3-64c9-4519-918a-548b86a0fef3
x-amz-meta-codebuild-content-md5
86c7b5baa8ca6b64006191aa90b9f19a
x-amz-meta-codebuild-content-sha256
7a0197b444a3c5a5c4f92ccd56438fcf44932f5518b7cae8f7a5ec6b1a094ad5
x-cache
Hit from cloudfront
xuid
eb2.3lift.com/ Frame 2D84
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3658&xuid=1d2d1392-e1ff-40eb-bc3d-a62f23c441d2&dongle=0cfd
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3658&xuid=1d2d1392-e1ff-40eb-bc3d-a62f23c441d2&dongle=0cfd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
date
Fri, 06 Jan 2023 13:13:50 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Fri, 06 Jan 2023 13:13:50 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://eb2.3lift.com/xuid?mid=3658&xuid=1d2d1392-e1ff-40eb-bc3d-a62f23c441d2&dongle=0cfd
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
209
ebda
eb2.3lift.com/ Frame 2D84
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=ODk4NTk3NTkwODMzMTc5NTc3Mjc0
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 13:13:51 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 06 Jan 2023 13:13:51 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
248
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 2D84
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEJJUYkPPYYw8GXKk33MatpE&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEJJUYkPPYYw8GXKk33MatpE&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
date
Fri, 06 Jan 2023 13:13:51 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Fri, 06 Jan 2023 13:13:50 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEJJUYkPPYYw8GXKk33MatpE&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 2D84
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=ODk4NTk3NTkwODMzMTc5NTc3Mjc0
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=ODk4NTk3NTkwODMzMTc5NTc3Mjc0
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H3
Server
142.250.4.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Jan 2023 13:13:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=ODk4NTk3NTkwODMzMTc5NTc3Mjc0
date
Fri, 06 Jan 2023 13:13:50 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
setuid
px.ads.linkedin.com/ Frame 2D84
Redirect Chain
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=898597590833179577274&dbredirect=true&gdpr=0&consent=
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=898597590833179577274&dbredirect=true&gdpr=0&consent=&cookiesTest=true
0
143 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=898597590833179577274&dbredirect=true&gdpr=0&consent=&cookiesTest=true
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 13:13:50 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: EA4AC3BF01BD4B2ABE05A964661651B7 Ref B: SYD03EDGE1121 Ref C: 2023-01-06T13:13:51Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXxmDBTBmnPb1ivkrTkpg==

Redirect headers

date
Fri, 06 Jan 2023 13:13:50 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 79CABDA503414A75941425D3B5F7DAF6 Ref B: SYD03EDGE1121 Ref C: 2023-01-06T13:13:51Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
location
/setuid?partner=tripleliftdbredirect&tlUid=898597590833179577274&dbredirect=true&gdpr=0&consent=&cookiesTest=true
x-li-proto
http/2
content-length
0
x-li-uuid
AAXxmDBMkQGP+iaPOiinAA==
xuid
eb2.3lift.com/ Frame 2D84
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=898597590833179577274&gdpr=0&gdpr_consent=
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&gdpr=0&consent=&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dtrip...
  • https://x.bidswitch.net/sync?dsp_id=354&user_id=5176348df9df425b8ce37a00c8a4af5d&ssp=triplelift&bsw_param=074d7077-2f34-403b-a2aa-df0dcaff65fc&gdpr=0&consent=&gdpr_pd=&expires=7
  • https://eb2.3lift.com/xuid?mid=2409&xuid=074d7077-2f34-403b-a2aa-df0dcaff65fc&dongle=d3d3&gdpr=0&gdpr_consent=&gdpr_pd=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2409&xuid=074d7077-2f34-403b-a2aa-df0dcaff65fc&dongle=d3d3&gdpr=0&gdpr_consent=&gdpr_pd=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
date
Fri, 06 Jan 2023 13:13:52 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
//eb2.3lift.com/xuid?mid=2409&xuid=074d7077-2f34-403b-a2aa-df0dcaff65fc&dongle=d3d3&gdpr=0&gdpr_consent=&gdpr_pd=
Date
Fri, 06 Jan 2023 13:13:51 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
xuid
eb2.3lift.com/ Frame 2D84
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/898597590833179577274?gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-iEkJhXVE2oQoc650N.KVSL15rC4dHBhWnQAOUY.IGA--~A&dongle=0883
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-iEkJhXVE2oQoc650N.KVSL15rC4dHBhWnQAOUY.IGA--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
date
Fri, 06 Jan 2023 13:13:51 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Fri, 06 Jan 2023 13:13:50 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-iEkJhXVE2oQoc650N.KVSL15rC4dHBhWnQAOUY.IGA--~A&dongle=0883
content-length
0
iu3
s.amazon-adsystem.com/ Frame 2D84
Redirect Chain
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=0&gdpr_consent=&uid=898597590833179577274
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=898597590833179577274&dcc=t
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=898597590833179577274&dcc=t
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

Pragma
no-cache
Date
Fri, 06 Jan 2023 13:13:51 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
DKJZ06NJY8WV8PQ5KM92
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=898597590833179577274&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
c.gif
c.bing.com/ Frame 2D84 		42 B
668 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?xid=898597590833179577274&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0001.a-msedge.net
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Jan 2023 13:13:51 GMT
last-modified
Thu, 05 Jan 2023 17:41:09 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: E005C1CD702847EF81AEA96E7952C9BA Ref B: SYD03EDGE1714 Ref C: 2023-01-06T13:13:51Z
etag
"f0942be52c21d91:0"
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-type
image/gif
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42
xuid
eb2.3lift.com/ Frame 2D84
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3335&xuid=6656712337342249006&dongle=4d58&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3335&xuid=6656712337342249006&dongle=4d58&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
date
Fri, 06 Jan 2023 13:13:51 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Date
Fri, 06 Jan 2023 13:13:51 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
116.90.74.203; 116.90.74.203; 906.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
7ec7fbc2-2eee-4086-b5f1-ed61c2b82334
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://eb2.3lift.com/xuid?mid=3335&xuid=6656712337342249006&dongle=4d58&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame BFD8
Redirect Chain
  • https://ad.turn.com/r/cs?pid=9&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=4377711341023061206&gdpr=0&gdpr_consent=&us_privacy=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073061&val=4377711341023061206&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Jan 2023 13:13:52 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537073061&val=4377711341023061206&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Fri, 06 Jan 2023 13:13:51 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
sd
us-u.openx.net/w/1.0/ Frame BFD8
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=bedf7851-dd49-7666-d900-ed1edafbeb1f&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=1d2d1392-e1ff-40eb-bc3d-a62f23c441d2&ttd_puid=bedf7851-dd49-7666-d900-ed1edafbeb1f&gdpr=0&gdpr_consent=
43 B
62 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=1d2d1392-e1ff-40eb-bc3d-a62f23c441d2&ttd_puid=bedf7851-dd49-7666-d900-ed1edafbeb1f&gdpr=0&gdpr_consent=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Jan 2023 13:13:51 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 06 Jan 2023 13:13:50 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=1d2d1392-e1ff-40eb-bc3d-a62f23c441d2&ttd_puid=bedf7851-dd49-7666-d900-ed1edafbeb1f&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
335
sd
jp-u.openx.net/w/1.0/ Frame BFD8
Redirect Chain
  • https://tg.socdm.com/rtb/sync_before?proto=openx
  • https://jp-u.openx.net/w/1.0/sd?id=537072335&val=Y7gej8Co8XoAAPMYB9QAAAAA
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=Y7gej8Co8XoAAPMYB9QAAAAA
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Jan 2023 13:13:51 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

X-SO-Cluster-ID
0
Date
Fri, 06 Jan 2023 13:13:51 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/rtb\/sync_before?proto=openx","cluster_id":0,"gdpr":false,"ipv4":"116.90.74.203","key":"Y7gej8Co8XoAAPMYB9QAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad213"}
X-SO-Key
Y7gej8Co8XoAAPMYB9QAAAAA
Server
nginx
X-SO-Upstream-ID
m-ad213
P3P
CP="See also http://www.scaleout.jp/privacy/"
Location
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=Y7gej8Co8XoAAPMYB9QAAAAA
Cache-Control
private
X-SO-HostName
m-ad213.dc4p.scaleout.jp
Connection
keep-alive
X-SO-Ads-Time
2
Content-Length
0
X-SO-LB-Hostname
m-tgng22.dc4p.scaleout.jp
X-SO-IP
116.90.74.203
sd
jp-u.openx.net/w/1.0/ Frame BFD8
Redirect Chain
  • https://cr-p3.ladsp.com/cookiesender/3
  • https://cr-p3.ladsp.com/cookiesender/3?cr=true
  • https://jp-u.openx.net/w/1.0/sd?id=537072451&val=ARd_64vt81Foks8ADzD_5JFc8M8AAAGFhzdhXA
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=ARd_64vt81Foks8ADzD_5JFc8M8AAAGFhzdhXA
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Jan 2023 13:13:51 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 06 Jan 2023 13:13:51 GMT
via
1.1 25ccb72e6feb2f32f12173080f83f590.cloudfront.net (CloudFront)
server
Logicad
x-amz-cf-pop
SIN2-P2
x-cache
Miss from cloudfront
p3p
CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
location
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=ARd_64vt81Foks8ADzD_5JFc8M8AAAGFhzdhXA
cache-control
no-cache
content-length
0
x-amz-cf-id
rJ604erw4XmzcsX-RKOpLOODaQIn3wNA-QHelwf2stz4Yq8aR4Oxgg==
expires
-1
pixel
cm.g.doubleclick.net/ Frame BFD8 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OTJiMGFiOWItMTQzZS0yOGMyLWNjZTAtYjdhNzEwMTkyNTdm
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Jan 2023 13:13:50 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame BFD8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEL4y3Orf8ApeWpG9Uelu9Ps&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEL4y3Orf8ApeWpG9Uelu9Ps&google_cver=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Jan 2023 13:13:51 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 06 Jan 2023 13:13:50 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEL4y3Orf8ApeWpG9Uelu9Ps&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatch
ssum-sec.casalemedia.com/ Frame BB54 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b283ca93492f1e61727b9c49f98d3fac7ab7a462c83df03076d6955703d00015

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
7854b69ec8b01c51-AKL
content-encoding
br
content-type
text/html
date
Fri, 06 Jan 2023 13:13:51 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gxh50gCyjfwjPkkIHidYOSd0EqukjuauThbjBJQESRgIOQqSH881dKeoLzbVtRUghtAz04raEW1Q69tCmZoPZn4d0x4UQuDmTWJGx3vPG6FMcf%2Furd3K5FB4JQ%2BPshu3CuQmgTfEZ9iQgQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
/
onetag-sys.com/match/ Frame D79E
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D1%26gdpr_consent%3D
  • https://onetag-sys.com/match/?int_id=1&uid=834063b8-1e8f-4500-b5cb-f10319fa7813&gdpr=1&gdpr_consent=
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=1&uid=834063b8-1e8f-4500-b5cb-f10319fa7813&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1673010825757
Protocol
H2
Server
51.79.234.100 , Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip100.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Date
Fri, 06 Jan 2023 13:13:51 GMT
Server
MT3 277 3f0ad7a master hkg-pixel-x26 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://onetag-sys.com/match/?int_id=1&uid=834063b8-1e8f-4500-b5cb-f10319fa7813&gdpr=1&gdpr_consent=
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 06 Jan 2023 13:13:50 GMT
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame D79E 		0
0
/
onetag-sys.com/match/ Frame D79E
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID
  • https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=6656712337342249006
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=6656712337342249006
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1673010825757
Protocol
H2
Server
51.79.234.100 , Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip100.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Date
Fri, 06 Jan 2023 13:13:51 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
116.90.74.203; 116.90.74.203; 906.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
cd9796bb-d21d-4ce3-9cf4-439ed1f63182
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=6656712337342249006
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame D79E 		42 B
676 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=Bl8AI8yednLOrpMmC24yAwkGGLJI_5ZCIjn7PBvQg_w
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1673010825757
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.158.64 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
0ed95c36ed1932be3ba76fc523a6e179
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame D79E
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhYc3XuofLalbmPP8pDb6Na8vHI3rjOfCZQ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhYc3XuofLalbmPP8pDb6Na8vHI3rjOfCZQ
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1673010825757
Protocol
H3
Server
142.250.4.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Jan 2023 13:13:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhYc3XuofLalbmPP8pDb6Na8vHI3rjOfCZQ
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
sync
ssbsync-global.smartadserver.com/api/ Frame D79E 		0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=1&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1673010825757
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.106.127.38 , Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 13:13:51 GMT
content-length
0
/
onetag-sys.com/match/ Frame D79E
Redirect Chain
  • https://id.rlcdn.com/711916.gif?ct=4&cv=
  • https://id.rlcdn.com/1000.gif?memo=COy5KxoNCI-94J0GEgUI6AcQAEIASgA
  • https://onetag-sys.com/match/?int_id=110&uid=
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=110&uid=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1673010825757
Protocol
H2
Server
51.79.234.100 , Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip100.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

date
Fri, 06 Jan 2023 13:13:51 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://onetag-sys.com/match/?int_id=110&uid=
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
ecm3
s.amazon-adsystem.com/ Frame D79E
Redirect Chain
  • https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=uHmTS-608uXCx0Zc1tUU_nWkN0KWS4n5BOGCnDOYrDs
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=uHmTS-608uXCx0Zc1tUU_nWkN0KWS4n5BOGCnDOYrDs
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1673010825757
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 06 Jan 2023 13:13:52 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
TVQD1X3QAJNVBT118VMD
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=uHmTS-608uXCx0Zc1tUU_nWkN0KWS4n5BOGCnDOYrDs
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
ImgSync
image8.pubmatic.com/AdServer/ Frame D79E 		0
42 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=1&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26uid%3D%23PMUID
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1673010825757
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.197 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 13:13:52 GMT
content-length
0
/
onetag-sys.com/match/ Frame D79E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESEGOo3UhxHpMnzJTsLyGlPfE&google_cver=1
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEGOo3UhxHpMnzJTsLyGlPfE&google_cver=1
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1673010825757
Protocol
H2
Server
51.79.234.100 , Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip100.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Fri, 06 Jan 2023 13:13:51 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEGOo3UhxHpMnzJTsLyGlPfE&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
298
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
occ
ups.analytics.yahoo.com/ups/58488/ Frame D79E 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1673010825757
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.74.162.2 -, , ASN (),
Reverse DNS
Software
ATS/9.1.10.25 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 13:13:52 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
/
onetag-sys.com/match/ Frame D79E
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=29&uid=1d2d1392-e1ff-40eb-bc3d-a62f23c441d2&gdpr=0&gdpr_consent=
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=29&uid=1d2d1392-e1ff-40eb-bc3d-a62f23c441d2&gdpr=0&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1673010825757
Protocol
H2
Server
51.79.234.100 , Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip100.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Fri, 06 Jan 2023 13:13:52 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://onetag-sys.com/match/?int_id=29&uid=1d2d1392-e1ff-40eb-bc3d-a62f23c441d2&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
233
sync
x.bidswitch.net/ Frame D79E 		43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=onetag&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1673010825757
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.213.12.39 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
39.12.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 06 Jan 2023 13:13:52 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
activeview
pagead2.googlesyndication.com/pcs/ Frame FB50 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvlkDXoLzHh912vbRuQXYSzRJe3fOKIcKpE-pvwmg680ZVd_wm9ymkxhsNngVTIVM-Nsgv51uItwM9ZOeBQjBYFBIwFvNGKfD8gCCTRo--8ptxPLhunZ2KD-m2AC2cf3OTF-eU&sai=AMfl-YTAQ28gNpPF40qS34u5MWxTBvOsRI2dd2Sl21AgyEzIaOIIlpZM7x65oKFckiy3cl0LijM5VrGc_-vbNBsDJ20LEGMs8S9U7Ut0KesmC2Ycu9MixvB4ROvn3xCJhQ&sig=Cg0ArKJSzB9qIeaXfZu_EAE&cid=CAQSOwDq26N98prPkOQ8G55tt_wPpwyYOd_4fYWePgtbh_Sa1QP4As1pQ36rFBkeVDU0VJdxb_SPtCZCQjIjGAEgEw&id=lidar2&mcvt=1000&p=60,450,310,750&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230105&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=2&adk=1420297610&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1673010828205&rpt=1905&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f154.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://e00653bae3c6f2754046b2ceb61bb48b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Jan 2023 13:13:51 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame E9B7 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv-3vxBfh67w4kvZws8L5BvK21siXQtvra2EhwuHiChkBEK4guMPgIw1qzcYrKDHunXidA8bFLYiID8zGiwwBxl24lH3Wn3NYJlh0Q1CLVgFfznDg6ZQI9rQFyl1JwEQEGR77c&sai=AMfl-YTmVx262l9STYQ4EroiJVs7Y5rw9BToYFlJekbFK_z5bX156FRSPz4y-SaMapYCnaIXang9qdQ_8Am8F-HMDSbnPl-nlASAlR3AucQ_4lu4EdCDzJKcM3-X6HP1kw&sig=Cg0ArKJSzHt-meG0GSyPEAE&cid=CAQSOwDq26N98prPkOQ8G55tt_wPpwyYOd_4fYWePgtbh_Sa1QP4As1pQ36rFBkeVDU0VJdxb_SPtCZCQjIjGAEgEw&id=lidar2&mcvt=1000&p=1110,436,1200,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230105&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=2&adk=2857874404&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1673010828226&rpt=2019&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f154.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://e00653bae3c6f2754046b2ceb61bb48b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Jan 2023 13:13:51 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame DBAE 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.75.85.227 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-75-85-227.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
cfec61fb44a99c7924672fba480ad37f45a19e280a101fae1e433c5f96f140e5

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 06 Jan 2023 13:13:51 GMT
Content-Encoding
gzip
Last-Modified
Thu, 05 Jan 2023 16:49:09 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=12918
Connection
keep-alive
Content-Length
10067
Expires
Fri, 06 Jan 2023 16:49:09 GMT
rum
dsum-sec.casalemedia.com/ Frame BB54
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=1d2d1392-e1ff-40eb-bc3d-a62f23c441d2&expiration=1675602831&gdpr=0&gdpr_consent=
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=1d2d1392-e1ff-40eb-bc3d-a62f23c441d2&expiration=1675602831&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 06 Jan 2023 13:13:52 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Fri, 06 Jan 2023 13:13:51 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=1d2d1392-e1ff-40eb-bc3d-a62f23c441d2&expiration=1675602831&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
323
usermatchredir
ssum-sec.casalemedia.com/ Frame BB54
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y7geiJxeP2FzdA-HuTl-WwAAEzcAAAAB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEIvO2OYJ2YRYgOagf-_9EjM&google_cver=1
43 B
880 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEIvO2OYJ2YRYgOagf-_9EjM&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Jan 2023 13:13:52 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qBgKxfAXejKZaaOo04jZ6A1X8i7ob%2BUe8Ui1Uk8ewDR%2BadovZBTsEkOsjIcwAf%2FqsN9NKtFAlZTX0ww5nVn762orU7umFJZ2CroNvbsm%2Fgs2gGXFG59IVg1Y9DUJjaQdVdh3x%2BO6L9BY4w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
7854b6a52d641c5e-AKL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 06 Jan 2023 13:13:51 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEIvO2OYJ2YRYgOagf-_9EjM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame BB54
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y7geiJxeP2FzdA-HuTl-WwAAEzcAAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y7geiJxeP2FzdA-HuTl-WwAAEzcAAAAB&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y7geiJxeP2FzdA-HuTl-WwAAEzcAAAAB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 06 Jan 2023 13:13:52 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
V9MSE59G7D80R5VV0Y5R
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 06 Jan 2023 13:13:52 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
0R0E75N8XF9X0PM57QME
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y7geiJxeP2FzdA-HuTl-WwAAEzcAAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame BB54
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6656712337342249006
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6656712337342249006
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 06 Jan 2023 13:13:52 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

Date
Fri, 06 Jan 2023 13:13:52 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
116.90.74.203; 116.90.74.203; 897.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
0f656740-a396-42d8-aabb-4d598fa00734
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6656712337342249006
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame BB54
Redirect Chain
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&prevuid=07030001_63b81e8fee0e7&knw=0
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=07030001_63b81e8fee0e7
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=07030001_63b81e8fee0e7
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 06 Jan 2023 13:13:52 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

date
Fri, 06 Jan 2023 13:13:52 GMT
server
nginx
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
p3p
CP="NOI DEV OUR BUS UNI"
access-control-allow-origin
*
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=07030001_63b81e8fee0e7
content-type
text/html; charset=UTF-8
cache-control
no-cache
keep-alive
timeout=10
access-control-allow-headers
Origin
tp_out
d.adroll.com/cm/index/ Frame BB54 		42 B
181 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.adroll.com/cm/index/tp_out?advertisable=3GMDZMBFQREVBC75SYYKWH
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.221.169.30 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-221-169-30.ap-southeast-1.compute.amazonaws.com
Software
nginx/1.22.0 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 13:13:51 GMT
cache-control
no-transform,public,max-age=300,s-maxage=900
server
nginx/1.22.0
content-length
42
vary
Cookie
content-type
image/gif
/
csync.loopme.me/ Frame BB54 		0
0
crum
dsum-sec.casalemedia.com/ Frame BB54
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=tIk7TkZB1PdMxG5
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=tIk7TkZB1PdMxG5
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 06 Jan 2023 13:13:53 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Fri, 06 Jan 2023 13:13:51 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/595ea14#595ea1444a96c0bdac4aa333a73d7028cf966fc7 i-0cfbcc7100bd67995@ap-southeast-1b@dxedge-app-ap-southeast-1-prod-asg
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=tIk7TkZB1PdMxG5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
htw-pixel.gif
cdn.indexww.com/ht/ Frame BB54 		43 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?Y7geiJxeP2FzdA.HuTl.WwAA%264919
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.162 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 13:13:52 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
3368
etag
"902a3d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7854b6a73fc31c4d-AKL
content-length
43
expires
Sat, 07 Jan 2023 13:13:52 GMT
async_usersync
ib.adnxs.com/ Frame A28A 		0
859 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.150.241 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
906.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 06 Jan 2023 13:13:51 GMT
AN-X-Request-Uuid
bdcb3dff-89ec-4566-9dd7-796512e24514
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
116.90.74.203; 116.90.74.203; 906.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
gum.criteo.com/ Frame DE0A 		61 B
300 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?r=2&c=321&gdpr=0&gdpr_pd=0&gdpr_consent=&us_privacy=&j=window.advBidxc.mnetRtusId
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
f77f47058428a1c21dad5a75ac13fbfdeb9858947218fee2112fded5972a0b5d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 13:13:51 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
551423
expires
60
usync.html
eus.rubiconproject.com/ Frame 3CF6
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=medianet
  • https://eus.rubiconproject.com/usync.html?p=medianet
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=medianet
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.75.85.227 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-75-85-227.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 06 Jan 2023 13:13:52 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Fri, 06 Jan 2023 13:13:52 GMT
location
https://eus.rubiconproject.com/usync.html?p=medianet
server
AkamaiGHost
cm
p.rfihub.com/ Frame 0A94 		0
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 63E1 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3160124317444387000V10%26type%3Dpba%26refUrl%3D%26vid%3D30108315433160124317444387000V10%26ovsid%3DPM_UID
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.51.240.213 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=45679
content-encoding
gzip
content-length
5554
content-type
text/html
date
Fri, 06 Jan 2023 13:13:52 GMT
expires
Sat, 07 Jan 2023 01:55:11 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
cksync.php
contextual.media.net/ Frame DE0A
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3160124317444387000V10%26type%3Dapx%26refUrl%3D%26vid%3D30108315433160124317444387000V10%26ovsid%3D%24UID
  • https://contextual.media.net/cksync.php?cs=8&vsid=3160124317444387000V10&type=apx&refUrl=&vid=30108315433160124317444387000V10&ovsid=6656712337342249006
45 B
452 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3160124317444387000V10&type=apx&refUrl=&vid=30108315433160124317444387000V10&ovsid=6656712337342249006
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
184.51.136.24 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-136-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Fri, 06 Jan 2023 13:13:52 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Fri, 06 Jan 2023 13:13:52 GMT

Redirect headers

Date
Fri, 06 Jan 2023 13:13:51 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
116.90.74.203; 116.90.74.203; 906.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
625b5211-9461-4c1f-a754-6e58d4423c6b
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://contextual.media.net/cksync.php?cs=8&vsid=3160124317444387000V10&type=apx&refUrl=&vid=30108315433160124317444387000V10&ovsid=6656712337342249006
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cksync.html
contextual.media.net/ Frame DE0A
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=78e2dffc-bb89-4bb2-ae92-f592d006518b&ph=6a16560a-f6c6-4851-b7b5-0b2c0190166a&r=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3160124317444387...
  • https://contextual.media.net/cksync.html?cs=8&vsid=3160124317444387000V10&type=opx&refUrl=&vid=30108315433160124317444387000V10&ovsid=76f311ce-7649-4c86-ba4f-9370681479c3
219 B
219 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.html?cs=8&vsid=3160124317444387000V10&type=opx&refUrl=&vid=30108315433160124317444387000V10&ovsid=76f311ce-7649-4c86-ba4f-9370681479c3
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
184.51.136.24 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-136-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Fri, 06 Jan 2023 13:13:51 GMT
server
Apache
vary
Accept-Encoding
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
text/html;charset=UTF-8
cache-control
max-age=0, no-cache, no-store
content-length
219
x-mnet-hl2
E
expires
Fri, 06 Jan 2023 13:13:51 GMT

Redirect headers

date
Fri, 06 Jan 2023 13:13:51 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://contextual.media.net/cksync.html?cs=8&vsid=3160124317444387000V10&type=opx&refUrl=&vid=30108315433160124317444387000V10&ovsid=76f311ce-7649-4c86-ba4f-9370681479c3
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cksync.php
contextual.media.net/ Frame DE0A
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=64&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3160124317444387000V10%26type%3Dmma%26refUrl%3D%26vid%3D301083154331601243174443...
  • https://contextual.media.net/cksync.php?cs=8&vsid=3160124317444387000V10&type=mma&refUrl=&vid=30108315433160124317444387000V10&ovsid=108b63b8-1e8f-4600-8b30-45c01ce9bb87
45 B
465 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3160124317444387000V10&type=mma&refUrl=&vid=30108315433160124317444387000V10&ovsid=108b63b8-1e8f-4600-8b30-45c01ce9bb87
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
184.51.136.24 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-136-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Fri, 06 Jan 2023 13:13:52 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Fri, 06 Jan 2023 13:13:52 GMT

Redirect headers

Date
Fri, 06 Jan 2023 13:13:51 GMT
Server
MT3 277 3f0ad7a master hkg-pixel-x26 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://contextual.media.net/cksync.php?cs=8&vsid=3160124317444387000V10&type=mma&refUrl=&vid=30108315433160124317444387000V10&ovsid=108b63b8-1e8f-4600-8b30-45c01ce9bb87
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 06 Jan 2023 13:13:50 GMT
1d2d1392-e1ff-40eb-bc3d-a62f23c441d2
sync.1rx.io/usersync/tradedesk/ Frame DE0A
Redirect Chain
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3160124317444387000V10%26type%3Dr1%26refUrl%3D%26vid%3D30108315433160124317...
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5944598434
  • https://sync.1rx.io/usersync/tradedesk/1d2d1392-e1ff-40eb-bc3d-a62f23c441d2
0
0
cksync
cs.media.net/ Frame DE0A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?cs=8&google_nid=media&google_cm=1&google_hm=MzE2MDEyNDMxNzQ0NDM4NzAwMFYxMA%3D%3D&google_sc=1
  • https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEOFiF78_lYje3FllONUsEP4&google_cver=1
45 B
610 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEOFiF78_lYje3FllONUsEP4&google_cver=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Server
96.17.188.24 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 06 Jan 2023 13:13:52 GMT
Server
Apache
P3P
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
45
X-MNET-HL2
E
Expires
Fri, 06 Jan 2023 13:13:52 GMT

Redirect headers

pragma
no-cache
date
Fri, 06 Jan 2023 13:13:51 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEOFiF78_lYje3FllONUsEP4&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cksync.php
contextual.media.net/ Frame DE0A
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3160124317444387000V10%26type%3Ddxu%26refUrl%3D%26vid%3D30108315433160124317444...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3160124317444387000V10%26type%3Ddxu%26refUrl%3D%26vid%3D30108315433160124...
  • https://contextual.media.net/cksync.php?cs=8&vsid=3160124317444387000V10&type=dxu&refUrl=&vid=30108315433160124317444387000V10&ovsid=IfmCv1Kd1PdMxG5
45 B
452 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3160124317444387000V10&type=dxu&refUrl=&vid=30108315433160124317444387000V10&ovsid=IfmCv1Kd1PdMxG5
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
184.51.136.24 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-136-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Fri, 06 Jan 2023 13:13:52 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Fri, 06 Jan 2023 13:13:52 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 06 Jan 2023 13:13:52 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/595ea14#595ea1444a96c0bdac4aa333a73d7028cf966fc7 i-0eefe15c9b8b9941b@ap-southeast-1a@dxedge-app-ap-southeast-1-prod-asg
Location
https://contextual.media.net/cksync.php?cs=8&vsid=3160124317444387000V10&type=dxu&refUrl=&vid=30108315433160124317444387000V10&ovsid=IfmCv1Kd1PdMxG5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
cksync.php
contextual.media.net/ Frame DE0A
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=115&p=226&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40
  • https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=f59370ba-c557-44b9-9790-a3a5b495c3de
45 B
617 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=f59370ba-c557-44b9-9790-a3a5b495c3de
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
184.51.136.24 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-136-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Fri, 06 Jan 2023 13:13:52 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Fri, 06 Jan 2023 13:13:52 GMT

Redirect headers

pragma
no-cache
date
Fri, 06 Jan 2023 13:13:51 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=f59370ba-c557-44b9-9790-a3a5b495c3de
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1452866
content-length
0
expires
Fri, 06 Jan 2023 00:00:00 GMT
/
onetag-sys.com/match/ Frame DE0A
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1
  • https://pr-bh.ybp.yahoo.com/sync/iponweb?bidswitch_ssp_id=medianet&ssp_user_id=074d7077-2f34-403b-a2aa-df0dcaff65fc&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=74&&user_id=y-Hi1DywVE2pmUZcIxqkLtmVFj_P7o2PrLMREaFQ--~A&expires=5
  • https://onetag-sys.com/match/?int_id=30&uid=074d7077-2f34-403b-a2aa-df0dcaff65fc&gdpr=&gdpr_consent=&us_privacy=
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=30&uid=074d7077-2f34-403b-a2aa-df0dcaff65fc&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
51.79.234.100 , Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip100.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Location
//onetag-sys.com/match/?int_id=30&uid=074d7077-2f34-403b-a2aa-df0dcaff65fc&gdpr=&gdpr_consent=&us_privacy=
Date
Fri, 06 Jan 2023 13:13:52 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
/
b1sync.zemanta.com/usersync/medianet/ Frame DE0A 		0
0
sync
rtb.mfadsrvr.com/ Frame DE0A 		0
0
cksync
cs.media.net/ Frame DE0A
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=1d2d1392-e1ff-40eb-bc3d-a62f23c441d2
45 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=1d2d1392-e1ff-40eb-bc3d-a62f23c441d2
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Server
96.17.188.24 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 06 Jan 2023 13:13:52 GMT
Server
Apache
P3P
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
45
X-MNET-HL2
E
Expires
Fri, 06 Jan 2023 13:13:52 GMT

Redirect headers

pragma
no-cache
date
Fri, 06 Jan 2023 13:13:52 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=1d2d1392-e1ff-40eb-bc3d-a62f23c441d2
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
199
OU_aD-3-G2pcaJqwlUagl315JVS_daCE4k47Wxj7Xso.js
pagead2.googlesyndication.com/bg/ Frame F52C 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/OU_aD-3-G2pcaJqwlUagl315JVS_daCE4k47Wxj7Xso.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f154.1e100.net
Software
sffe /
Resource Hash
394fda0fedfe1b6a5c689ab09546a0977d792554bf75a084e24e3b5b18fb5eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Jan 2023 17:51:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
156165
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16095
x-xss-protection
0
last-modified
Tue, 03 Jan 2023 14:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 04 Jan 2024 17:51:06 GMT
token
pixel.rubiconproject.com/ Frame DBAE
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=M--bmvNURVaipeCBQ-a5MA&rk=usync-na
0
0
pixel
cm.g.doubleclick.net/ Frame DBAE
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TENLSkc3TDctTy0xS0RJ
0
0
tap.php
pixel.rubiconproject.com/ Frame DBAE
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/QpGNSGsu1ixhPTM-pVBA7Q?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-s8rYw8pE2oLfHcig3tSgGepqw_Uu0actITUm5A--~A
0
0
tap.php
pixel.rubiconproject.com/ Frame DBAE
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=1d2d1392-e1ff-40eb-bc3d-a62f23c441d2&gdpr=0&gdpr_consent=&expires=30
42 B
676 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=1d2d1392-e1ff-40eb-bc3d-a62f23c441d2&gdpr=0&gdpr_consent=&expires=30
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2019shi-er-xing-zuo-huan-yao-shuai-duo-jiu-tang-qi-yang-pu-zhuan-yun-guan-jian.html
Protocol
HTTP/1.1
Server
69.173.158.64 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
f60a7260b0ebb7a40a81234af4a9e826
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Fri, 06 Jan 2023 13:13:51 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=1d2d1392-e1ff-40eb-bc3d-a62f23c441d2&gdpr=0&gdpr_consent=&expires=30
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
289
setuid
px.ads.linkedin.com/ Frame DBAE
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LCKJG7L7-O-1KDI
0
0
pixel
cm.g.doubleclick.net/ Frame DBAE
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YTIwZDU3NDk3M2Y3ZDI1YWZjNWFlOWVjYjVlYzg0YmRlMWI1NDQ3OQ
0
0
dcm
aax-eu.amazon-adsystem.com/s/ Frame DBAE 		0
0
tap.php
pixel.rubiconproject.com/ Frame DBAE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESECnYU0eX-MMajCxazXe16MQ&google_cver=1
42 B
676 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESECnYU0eX-MMajCxazXe16MQ&google_cver=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/2019shi-er-xing-zuo-huan-yao-shuai-duo-jiu-tang-qi-yang-pu-zhuan-yun-guan-jian.html
Protocol
HTTP/1.1
Server
69.173.158.64 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
c80248407eff6cf595ce43a76c04e23f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Fri, 06 Jan 2023 13:13:51 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESECnYU0eX-MMajCxazXe16MQ&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
OU_aD-3-G2pcaJqwlUagl315JVS_daCE4k47Wxj7Xso.js
pagead2.googlesyndication.com/bg/ Frame A644 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/OU_aD-3-G2pcaJqwlUagl315JVS_daCE4k47Wxj7Xso.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f154.1e100.net
Software
sffe /
Resource Hash
394fda0fedfe1b6a5c689ab09546a0977d792554bf75a084e24e3b5b18fb5eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Jan 2023 17:51:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
156165
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16095
x-xss-protection
0
last-modified
Tue, 03 Jan 2023 14:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 04 Jan 2024 17:51:06 GMT
13926
g2.gumgum.com/usync/ Frame 82A0 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.198.166.206 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
2365ae716c326172adb0b5b2e93a81c9efb69dd8119cdcf1c3aae16df139de1f

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Fri, 06 Jan 2023 13:13:52 GMT
etag
W/"00d3cdf5c31ce584548e6d31b27b92237"
server
nginx
timing-allow-origin
*
/
onetag-sys.com/usync/ Frame D1B6 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.79.234.100 , Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip100.ip-51-79-234.net
Software
/
Resource Hash
8e3aadbd88bfdd979646ed6cdfc1c7fe03892b9fcef9c75bea51319169a9ff4f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
1397
content-type
text/html
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000
sync
ssbsync.smartadserver.com/api/ Frame CB33 		0
0
usermatch
ssum-sec.casalemedia.com/ Frame FD88 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
71218497590f0e0638316a1deabbbd5f0b6b68a1ac777fa44ca7c9688be4699d

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
7854b6a52d651c5e-AKL
content-encoding
br
content-type
text/html
date
Fri, 06 Jan 2023 13:13:52 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ecrxz4yDz3tkdQD%2FUIOOMjKLYnkDT1MRMiI8h1RF4lPLp2Y7uiLJCdWrlLTkuZHHGGtu7VNXXv5shvgOstNJ4FGutVH6TwAMEJWKK0T%2Ft4tZ7OPaNLtp8LGEqoiEWwYda7evf48jwlCUIQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame E414
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.75.85.227 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-75-85-227.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 06 Jan 2023 13:13:52 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Fri, 06 Jan 2023 13:13:52 GMT
location
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
server
AkamaiGHost
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 839B 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.51.240.213 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=45679
content-encoding
gzip
content-length
5554
content-type
text/html
date
Fri, 06 Jan 2023 13:13:52 GMT
expires
Sat, 07 Jan 2023 01:55:11 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
sync-iframe
cs-rtb.minutemedia-prebid.com/ Frame D240 		4 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.73 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
3478056c09bc79ba2581dc9b3e16be264e9f4f9c6424d566d982ad3068cc17b6

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://public.servenobid.com/
content-type
text/html
date
Fri, 06 Jan 2023 13:13:52 GMT
via
1.1 2a08551383b826c5272c6d3873169312.cloudfront.net (CloudFront)
x-amz-cf-id
OnpPgIsmwZ5tGPhAmVnfcZnkHRDY9xGfuHq-A6wESi8qhZDT9tcJfg==
x-amz-cf-pop
SIN2-P2
x-cache
Miss from cloudfront
sync
ads.servenobid.com/ Frame F1EC
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID
  • https://ads.servenobid.com/sync?pid=312&uid=6656712337342249006
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=312&uid=6656712337342249006
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.48.223.30 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-223-30.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 13:13:52 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Date
Fri, 06 Jan 2023 13:13:52 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
116.90.74.203; 116.90.74.203; 906.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
d1005a97-f415-493f-97ae-7ef191a71e03
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://ads.servenobid.com/sync?pid=312&uid=6656712337342249006
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ads.servenobid.com/ Frame F1EC
Redirect Chain
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1
  • https://ads.servenobid.com/sync?pid=310&uid=F8O5CRZHpQa602DiRZq3oi4I
0
0
sync
ads.servenobid.com/ Frame F1EC
Redirect Chain
  • https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID
  • https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID&sovrn_retry=true
  • https://ads.servenobid.com/sync?pid=310&uid=F8O5CRZHpQa602DiRZq3oi4I
0
0
1d2d1392-e1ff-40eb-bc3d-a62f23c441d2
sync.1rx.io/usersync/tradedesk/ Frame F1EC
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7334823401
  • https://sync.1rx.io/usersync/tradedesk/1d2d1392-e1ff-40eb-bc3d-a62f23c441d2
0
0
cm
p.rfihub.com/ Frame F1EC 		0
0
usa
sync.go.sonobi.com/ Frame F1EC 		0
0
getuid
ib.adnxs.com/ Frame F1EC
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D
  • https://ssum.casalemedia.com/usermatchredir?s=191503&gdpr=1&gdpr_consent=&us_privacy=1YN-&cb=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F10202%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26A%...
  • https://prebid.a-mo.net/cchain/0/10202?gdpr=0&gdpr_consent=&us_privacy=1YN-&A=ac9f57d1-8f83-4117-b79f-d364282eaa9b&bidder=index_rtb&cbx=aHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%3...
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%2F10202%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26A%3Dac9f57d1-8f83-4117-b79f-d364282eaa9b%26bidder%3Dappnexus%26cbx%...
0
0
sync
ads.servenobid.com/ Frame F1EC
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58559/occ
  • https://ads.servenobid.com/sync?pid=337&uid=y-dCG7vw9E2uHcU9tF5LgfNryVzxJJdqFFlmRRQSI-~A
0
367 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=337&uid=y-dCG7vw9E2uHcU9tF5LgfNryVzxJJdqFFlmRRQSI-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.48.223.30 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-223-30.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 13:13:52 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=337&uid=y-dCG7vw9E2uHcU9tF5LgfNryVzxJJdqFFlmRRQSI-~A
date
Fri, 06 Jan 2023 13:13:52 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
redirectuser
ssp.disqus.com/ Frame F1EC 		0
0
occ
ups.analytics.yahoo.com/ups/58632/ Frame F1EC 		0
0
Y7geiJxeP2FzdA-HuTl-WwAAEzcAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame FD88 		43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Y7geiJxeP2FzdA-HuTl-WwAAEzcAAAAB?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.77.75.85 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-77-75-85.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 13:13:52 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
rum
dsum-sec.casalemedia.com/ Frame FD88
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4377711341023061206
0
0
crum
dsum-sec.casalemedia.com/ Frame FD88
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=108b63b8-1e8f-4600-8b30-45c01ce9bb87
0
0
Y7geiJxeP2FzdA-HuTl-WwAAEzcAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame FD88
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y7geiJxeP2FzdA-HuTl-WwAAEzcAAAAB&gdpr_consent=&us_privacy=&gdpr=
  • https://pr-bh.ybp.yahoo.com/sync/casale/Y7geiJxeP2FzdA-HuTl-WwAAEzcAAAAB
43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Y7geiJxeP2FzdA-HuTl-WwAAEzcAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Server
52.77.75.85 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-77-75-85.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 13:13:52 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/Y7geiJxeP2FzdA-HuTl-WwAAEzcAAAAB
date
Fri, 06 Jan 2023 13:13:52 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
ie
match.prod.bidr.io/cookie-sync/ Frame FD88 		0
0
usermatchredir
ssum-sec.casalemedia.com/ Frame FD88
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y7geiJxeP2FzdA-HuTl-WwAAEzcAAAAB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEIvO2OYJ2YRYgOagf-_9EjM&google_cver=1
43 B
848 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEIvO2OYJ2YRYgOagf-_9EjM&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H3
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Jan 2023 13:13:52 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hhv2LXUYcabBkL1tNHCJ8qCywbOxqM6q2h6s%2FiAFIvPGgTWJgRBJHQtJtsKjZaX8SCqDEuA32hlZJz4bAqUQkFDDYVzdlFAvVEASyx%2F9avhrDCguM5Qjte%2BwNTVIdSZFF8%2B22LwG9%2BXFvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
7854b6a92f471c5e-AKL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 06 Jan 2023 13:13:52 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEIvO2OYJ2YRYgOagf-_9EjM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
indexexchange
sync.adotmob.com/cookie/ Frame FD88 		0
0
crum
dsum-sec.casalemedia.com/ Frame FD88
Redirect Chain
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1688649232&external_user_id=271c5032-7bf6-431a-a373-bdf49363cef3
0
0
sync
ads.servenobid.com/ Frame FD88 		0
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=333&uid=Y7geiJxeP2FzdA-HuTl-WwAAEzcAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.223.30 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-223-30.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 13:13:52 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
pixel
cm.g.doubleclick.net/ Frame D1B6
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhYc3ZSP7lmurTU4JrjnM48R0n-UQ4ZTIpg
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhYc3ZSP7lmurTU4JrjnM48R0n-UQ4ZTIpg
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H3
Server
142.250.4.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Jan 2023 13:13:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhYc3ZSP7lmurTU4JrjnM48R0n-UQ4ZTIpg
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
711916.gif
id.rlcdn.com/ Frame D1B6 		42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/711916.gif?ct=4&cv=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 13:13:52 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
/
onetag-sys.com/match/ Frame D1B6
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D0%26gdpr_consent%3D
  • https://onetag-sys.com/match/?int_id=1&uid=108b63b8-1e8f-4600-8b30-45c01ce9bb87&gdpr=0&gdpr_consent=
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=1&uid=108b63b8-1e8f-4600-8b30-45c01ce9bb87&gdpr=0&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
51.79.234.100 , Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip100.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Date
Fri, 06 Jan 2023 13:13:52 GMT
Server
MT3 277 3f0ad7a master hkg-pixel-x25 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://onetag-sys.com/match/?int_id=1&uid=108b63b8-1e8f-4600-8b30-45c01ce9bb87&gdpr=0&gdpr_consent=
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 06 Jan 2023 13:13:51 GMT
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame D1B6 		0
0
/
onetag-sys.com/match/ Frame D1B6
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D0%26gdpr_consent%3D%26uid%3D$UID
  • https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=6656712337342249006
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=6656712337342249006
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
51.79.234.100 , Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip100.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Date
Fri, 06 Jan 2023 13:13:52 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
116.90.74.203; 116.90.74.203; 906.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
84cf63e7-84ef-46eb-824c-f5f2cc41f22e
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=6656712337342249006
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame D1B6 		42 B
676 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=uHmTS-608uXCx0Zc1tUU_nWkN0KWS4n5BOGCnDOYrDs
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.158.64 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
d335433bbbe0efeac67146df47932f6f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
/
onetag-sys.com/match/ Frame D1B6
Redirect Chain
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=1YN-&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
  • https://onetag-sys.com/match/?int_id=107&uid=3702482609531795948
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=107&uid=3702482609531795948
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
51.79.234.100 , Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip100.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=107&uid=3702482609531795948
date
Fri, 06 Jan 2023 13:13:52 GMT
content-length
0
ecm3
s.amazon-adsystem.com/ Frame D1B6
Redirect Chain
  • https://onetag-sys.com/match/?int_id=113&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=GFb-db-_ssGnZe2yyX8xCzZ3XXh3fnbxc1o0BnOBHFU
0
0
ImgSync
image8.pubmatic.com/AdServer/ Frame D1B6
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=1YN-&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26uid%3D%23PMUID
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=1YN-&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26uid%3D%23PMUID&rdf=1
0
0
/
onetag-sys.com/match/ Frame D1B6
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESEGOo3UhxHpMnzJTsLyGlPfE&google_cver=1
0
0
occ
ups.analytics.yahoo.com/ups/58488/ Frame D1B6 		0
0
generic
match.adsrvr.org/track/cmf/ Frame D1B6 		0
0
sync
x.bidswitch.net/ Frame D1B6 		0
0
sync
ads.servenobid.com/ Frame D1B6 		0
0
PugMaster
image6.pubmatic.com/AdServer/ Frame 839B 		0
0
async_usersync
ib.adnxs.com/ Frame A28A 		0
859 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.150.241 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
906.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 06 Jan 2023 13:13:52 GMT
AN-X-Request-Uuid
cd3bd852-b5b9-4374-9615-9b57f7a2c1df
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
116.90.74.203; 116.90.74.203; 906.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame E414 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.75.85.227 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-75-85-227.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
cfec61fb44a99c7924672fba480ad37f45a19e280a101fae1e433c5f96f140e5

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 06 Jan 2023 13:13:52 GMT
Content-Encoding
gzip
Last-Modified
Thu, 05 Jan 2023 16:49:09 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=12917
Connection
keep-alive
Content-Length
10067
Expires
Fri, 06 Jan 2023 16:49:09 GMT
usync.js
eus.rubiconproject.com/ Frame 3CF6 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=medianet
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.75.85.227 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-75-85-227.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
cfec61fb44a99c7924672fba480ad37f45a19e280a101fae1e433c5f96f140e5

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=medianet
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 06 Jan 2023 13:13:52 GMT
Content-Encoding
gzip
Last-Modified
Thu, 05 Jan 2023 16:49:09 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=12917
Connection
keep-alive
Content-Length
10067
Expires
Fri, 06 Jan 2023 16:49:09 GMT
usersync
usersync.gumgum.com/ Frame 82A0
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://usersync.gumgum.com/usersync?b=apn&i=6656712337342249006
0
0
p-zLwwakwy-hZw3.gif
cms.quantserve.com/pixel/ Frame 82A0
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=a_07c8dfaf-d8a1-4c94-8f92-1e12ad778412&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://cms.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=gumgum2&gdpr=0&gdpr_consent=
0
0
sync
sync.srv.stackadapt.com/ Frame 82A0 		0
0
/
b1sync.zemanta.com/usersync/gumgum/ Frame 82A0 		0
0
generic
match.adsrvr.org/track/cmf/ Frame 82A0
Redirect Chain
  • https://sync.1rx.io/usersync2/floor6?gdpr=0&gdpr_consent=&dspret=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8881521231
0
0
rtset
bh.contextweb.com/bh/ Frame 82A0 		0
0
redirectObuid
sync.outbrain.com/ Frame 82A0 		0
0
usersync
usersync.gumgum.com/ Frame 82A0
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://usersync.gumgum.com/usersync?b=opx&i=49e2dc21-f55c-4e30-be7b-fdf312abea59
0
0
gumgum
pr-bh.ybp.yahoo.com/sync/ Frame 82A0 		0
0
generic
sync.ipredictive.com/d/sync/cookie/ Frame 82A0 		0
0
services
sync.technoratimedia.com/ Frame 82A0 		0
0
142
match.deepintent.com/usersync/ Frame 82A0 		0
0
server_match
ad.360yield.com/ Frame 82A0 		0
0
sync
ssbsync.smartadserver.com/api/ Frame 82A0 		0
0
sync
ads.servenobid.com/ Frame 82A0 		0
0
oRTB
sync.inmobi.com/ Frame E19A 		0
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 8F09 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.51.240.213 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=45679
content-encoding
gzip
content-length
5554
content-type
text/html
date
Fri, 06 Jan 2023 13:13:52 GMT
expires
Sat, 07 Jan 2023 01:55:11 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usersync
usersync.gumgum.com/ Frame 612D
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=ttd&i=1d2d1392-e1ff-40eb-bc3d-a62f23c441d2
0
0
usersync
usersync.gumgum.com/ Frame A4A4
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
  • https://usersync.gumgum.com/usersync?b=mmh&i=108b63b8-1e8f-4600-8b30-45c01ce9bb87&gdpr=0&gdpr_consent=
0
0
URnmbSKM
sync-tm.everesttech.net/upi/pid/ Frame 1038 		0
0
pixel
cm.g.doubleclick.net/ Frame 6A12 		170 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=YV8wN2M4ZGZhZi1kOGExLTRjOTQtOGY5Mi0xZTEyYWQ3Nzg0MTI=&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Fri, 06 Jan 2023 13:13:52 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
um
cs.emxdgt.com/ Frame 1F22 		0
0
usersync
usersync.gumgum.com/ Frame B8A5
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://usersync.gumgum.com/usersync?b=sus&i=Y7gekMCo8XoAAPMYCNcAAAAA
0
0
gumgum
cs.admanmedia.com/sync/ Frame 19B3 		0
0
usersync
usersync.gumgum.com/ Frame E956
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D
  • https://usersync.gumgum.com/usersync?b=iex&i=Y7geiJxeP2FzdA.HuTl.WwAA%264919
0
0
cm-notify
creativecdn.com/ Frame 91D9 		0
0
usync.html
eus.rubiconproject.com/ Frame 22A3
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
0
0
cs
cs.minutemedia-prebid.com/ Frame D240
Redirect Chain
  • https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21480%26id%3D$UID
  • https://cs.minutemedia-prebid.com/cs?aid=21480&id=898597590833179577274
0
0
v1
match.sharethrough.com/universal/ Frame D240 		0
0
3e1ed898b08f9e935ca99407796b46c0.gif
cs.iqzone.com/ Frame D240 		0
0
server_match
ad.360yield.com/ Frame D240 		0
0
rtset
bh.contextweb.com/bh/ Frame D240 		0
0
getuid
secure.adnxs.com/ Frame D240 		0
0
cs
cs.minutemedia-prebid.com/ Frame D240
Redirect Chain
  • https://u.openx.net/w/1.0/cm?id=29975467-6f1b-4e06-b545-920b22ea49b2&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21477%26id%3D
  • https://cs.minutemedia-prebid.com/cs?aid=21477&id=27869a55-a2db-4932-a198-f4e99af861fa
0
0
6185b9cf4d72f7e454746134b8c78716.gif
cs.krushmedia.com/ Frame D240 		0
0
sync
ssbsync.smartadserver.com/api/ Frame D240 		0
0
/
ssc-cms.33across.com/ps/ Frame D240 		0
0
redirectuser
ssp.disqus.com/ Frame D240 		0
0
ImgSync
image8.pubmatic.com/AdServer/ Frame D240 		0
0
pbsync
ads.yieldmo.com/ Frame D240 		0
0
minute_media
cs.admanmedia.com/sync/ Frame D240 		0
0
sync
rtb.mfadsrvr.com/ Frame D240 		0
0
usermatchredir
ssum-sec.casalemedia.com/ Frame D240 		0
0
0
prebid.a-mo.net/cchain/ Frame D240 		0
0
us
sync.go.sonobi.com/ Frame D240 		0
0
occ
ups.analytics.yahoo.com/ups/58611/ Frame D240 		0
0
sync
x.bidswitch.net/ Frame D240 		0
0
match
ads.betweendigital.com/ Frame D240 		0
0
rmpssp
sync.1rx.io/usersync2/ Frame D240 		0
0
pixel
ap.lijit.com/ Frame D240 		0
0
sync
ads.servenobid.com/ Frame D240 		0
0
/
onetag-sys.com/usync/ Frame 9BC8 		0
0
multi-sync.html
secure-assets.rubiconproject.com/utils/xapi/ Frame BE33 		0
0
sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame E414 		0
0
sync.php
pixel.rubiconproject.com/exchange/ Frame 3CF6 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
pixel-eu.rubiconproject.com
URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=1&gdpr_consent=
Domain
csync.loopme.me
URL
https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent=
Domain
p.rfihub.com
URL
https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3160124317444387000V10%26type%3Drkt%26refUrl%3D%26vid%3D30108315433160124317444387000V10%26ovsid%3D%7Buserid%7D
Domain
sync.1rx.io
URL
https://sync.1rx.io/usersync/tradedesk/1d2d1392-e1ff-40eb-bc3d-a62f23c441d2
Domain
b1sync.zemanta.com
URL
https://b1sync.zemanta.com/usersync/medianet/?cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3160124317444387000V10%26type%3Dzem%26refUrl%3D%26vid%3D30108315433160124317444387000V10%26ovsid%3D__ZUID__
Domain
rtb.mfadsrvr.com
URL
https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=3160124317444387000V10
Domain
pixel.rubiconproject.com
URL
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=M--bmvNURVaipeCBQ-a5MA&rk=usync-na
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TENLSkc3TDctTy0xS0RJ
Domain
pixel.rubiconproject.com
URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-s8rYw8pE2oLfHcig3tSgGepqw_Uu0actITUm5A--~A
Domain
px.ads.linkedin.com
URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LCKJG7L7-O-1KDI
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YTIwZDU3NDk3M2Y3ZDI1YWZjNWFlOWVjYjVlYzg0YmRlMWI1NDQ3OQ
Domain
aax-eu.amazon-adsystem.com
URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
Domain
ssbsync.smartadserver.com
URL
https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Domain
ads.servenobid.com
URL
https://ads.servenobid.com/sync?pid=310&uid=F8O5CRZHpQa602DiRZq3oi4I
Domain
ads.servenobid.com
URL
https://ads.servenobid.com/sync?pid=310&uid=F8O5CRZHpQa602DiRZq3oi4I
Domain
sync.1rx.io
URL
https://sync.1rx.io/usersync/tradedesk/1d2d1392-e1ff-40eb-bc3d-a62f23c441d2
Domain
p.rfihub.com
URL
https://p.rfihub.com/cm?pub=44007&in=1
Domain
sync.go.sonobi.com
URL
https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D
Domain
ib.adnxs.com
URL
https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%2F10202%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26A%3Dac9f57d1-8f83-4117-b79f-d364282eaa9b%26bidder%3Dappnexus%26cbx%3DaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%253D%26uid%3D%24UID
Domain
ssp.disqus.com
URL
https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID
Domain
ups.analytics.yahoo.com
URL
https://ups.analytics.yahoo.com/ups/58632/occ
Domain
dsum-sec.casalemedia.com
URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4377711341023061206
Domain
dsum-sec.casalemedia.com
URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=108b63b8-1e8f-4600-8b30-45c01ce9bb87
Domain
match.prod.bidr.io
URL
https://match.prod.bidr.io/cookie-sync/ie
Domain
sync.adotmob.com
URL
https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d
Domain
dsum-sec.casalemedia.com
URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1688649232&external_user_id=271c5032-7bf6-431a-a373-bdf49363cef3
Domain
pixel-eu.rubiconproject.com
URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=0&gdpr_consent=
Domain
s.amazon-adsystem.com
URL
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=GFb-db-_ssGnZe2yyX8xCzZ3XXh3fnbxc1o0BnOBHFU
Domain
image8.pubmatic.com
URL
https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=1YN-&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26uid%3D%23PMUID&rdf=1
Domain
onetag-sys.com
URL
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEGOo3UhxHpMnzJTsLyGlPfE&google_cver=1
Domain
ups.analytics.yahoo.com
URL
https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent=
Domain
match.adsrvr.org
URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=0&gdpr_consent=
Domain
x.bidswitch.net
URL
https://x.bidswitch.net/sync?ssp=onetag&gdpr=0&gdpr_consent=
Domain
ads.servenobid.com
URL
https://ads.servenobid.com/sync?pid=318&uid=uHmTS-608uXCx0Zc1tUU_nWkN0KWS4n5BOGCnDOYrDs
Domain
image6.pubmatic.com
URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=93538912&p=162412&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1YN-
Domain
usersync.gumgum.com
URL
https://usersync.gumgum.com/usersync?b=apn&i=6656712337342249006
Domain
cms.quantserve.com
URL
https://cms.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=gumgum2&gdpr=0&gdpr_consent=
Domain
sync.srv.stackadapt.com
URL
https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
Domain
b1sync.zemanta.com
URL
https://b1sync.zemanta.com/usersync/gumgum/?puid=a_07c8dfaf-d8a1-4c94-8f92-1e12ad778412&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
Domain
match.adsrvr.org
URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8881521231
Domain
bh.contextweb.com
URL
https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
Domain
sync.outbrain.com
URL
https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D
Domain
usersync.gumgum.com
URL
https://usersync.gumgum.com/usersync?b=opx&i=49e2dc21-f55c-4e30-be7b-fdf312abea59
Domain
pr-bh.ybp.yahoo.com
URL
https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=
Domain
sync.ipredictive.com
URL
https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D
Domain
sync.technoratimedia.com
URL
https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
Domain
match.deepintent.com
URL
https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Domain
ad.360yield.com
URL
https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
Domain
ssbsync.smartadserver.com
URL
https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=
Domain
ads.servenobid.com
URL
https://ads.servenobid.com/sync?pid=309&uid=a_07c8dfaf-d8a1-4c94-8f92-1e12ad778412
Domain
sync.inmobi.com
URL
https://sync.inmobi.com/oRTB?gdpr_consent=&gdpr=0&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dinm%26i%3D%7BID5UID%7D
Domain
usersync.gumgum.com
URL
https://usersync.gumgum.com/usersync?b=ttd&i=1d2d1392-e1ff-40eb-bc3d-a62f23c441d2
Domain
usersync.gumgum.com
URL
https://usersync.gumgum.com/usersync?b=mmh&i=108b63b8-1e8f-4600-8b30-45c01ce9bb87&gdpr=0&gdpr_consent=
Domain
sync-tm.everesttech.net
URL
https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
Domain
cs.emxdgt.com
URL
https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID&gdpr=0&gdpr_consent=
Domain
usersync.gumgum.com
URL
https://usersync.gumgum.com/usersync?b=sus&i=Y7gekMCo8XoAAPMYCNcAAAAA
Domain
cs.admanmedia.com
URL
https://cs.admanmedia.com/sync/gumgum?puid=a_07c8dfaf-d8a1-4c94-8f92-1e12ad778412&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=0&gdpr_consent=&ccpa=1---
Domain
usersync.gumgum.com
URL
https://usersync.gumgum.com/usersync?b=iex&i=Y7geiJxeP2FzdA.HuTl.WwAA%264919
Domain
creativecdn.com
URL
https://creativecdn.com/cm-notify?pi=gumgum
Domain
eus.rubiconproject.com
URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Domain
cs.minutemedia-prebid.com
URL
https://cs.minutemedia-prebid.com/cs?aid=21480&id=898597590833179577274
Domain
match.sharethrough.com
URL
https://match.sharethrough.com/universal/v1?supply_id=3r9HMldH&gdpr=0&gdpr_consent=
Domain
cs.iqzone.com
URL
https://cs.iqzone.com/3e1ed898b08f9e935ca99407796b46c0.gif?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21508%26puid%3D[UID]
Domain
ad.360yield.com
URL
https://ad.360yield.com/server_match?partner_id=2073&r=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21489%26id%3D%7BPUB_USER_ID%7D
Domain
bh.contextweb.com
URL
https://bh.contextweb.com/bh/rtset?pid=562760&ev=1&us_privacy=[US_PRIVACY]&gdpr=0&gdpr_consent=&rurl=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21494%26id%3D%25%25VGUID%25%25
Domain
secure.adnxs.com
URL
https://secure.adnxs.com/getuid?https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21484%26id%3D$UID
Domain
cs.minutemedia-prebid.com
URL
https://cs.minutemedia-prebid.com/cs?aid=21477&id=27869a55-a2db-4932-a198-f4e99af861fa
Domain
cs.krushmedia.com
URL
https://cs.krushmedia.com/6185b9cf4d72f7e454746134b8c78716.gif?redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21501%26puid%3D%5BUID%5D
Domain
ssbsync.smartadserver.com
URL
https://ssbsync.smartadserver.com/api/sync?callerId=59&gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]
Domain
ssc-cms.33across.com
URL
https://ssc-cms.33across.com/ps/?ri=0015a00002hdV5tAAE&ru=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21485%26puid%3D33XUSERID33X
Domain
ssp.disqus.com
URL
https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21495%26id%3D$UID&partner=minutemedia
Domain
image8.pubmatic.com
URL
https://image8.pubmatic.com/AdServer/ImgSync?p=161683&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21482%26id%3D%23PMUID
Domain
ads.yieldmo.com
URL
https://ads.yieldmo.com/pbsync?is=mmed&gdpr=0&gdpr_consent=&us_privacy=[US_PRIVACY]&redirectUri=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21486%26uid%3D$UID
Domain
cs.admanmedia.com
URL
https://cs.admanmedia.com/sync/minute_media?gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]&redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21497%26puid%3D%5BUID%5D
Domain
rtb.mfadsrvr.com
URL
https://rtb.mfadsrvr.com/sync?ssp=minutemedia
Domain
ssum-sec.casalemedia.com
URL
https://ssum-sec.casalemedia.com/usermatchredir?s=196326&cb=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21476%26id%3D
Domain
prebid.a-mo.net
URL
https://prebid.a-mo.net/cchain/0?gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]&cb=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21492%26uid%3D
Domain
sync.go.sonobi.com
URL
https://sync.go.sonobi.com/us?gdpr=0&consent_string=&loc=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21504%26uid%3D%5BUID%5D
Domain
ups.analytics.yahoo.com
URL
https://ups.analytics.yahoo.com/ups/58611/occ?gdpr=0&gdpr_consent=
Domain
x.bidswitch.net
URL
https://x.bidswitch.net/sync?ssp=minutemedia&gdpr=0&gdpr_consent=&user_id=%s
Domain
ads.betweendigital.com
URL
https://ads.betweendigital.com/match?bidder_id=44808&gdpr=0&gdpr_consent=&callback_url=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21505%26id%3D$%7BUSER_ID%7D
Domain
sync.1rx.io
URL
https://sync.1rx.io/usersync2/rmpssp?sub=sportority&redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21478%26id%3D%5BRX_UUID%5D
Domain
ap.lijit.com
URL
https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21488%26id%3D%24UID
Domain
ads.servenobid.com
URL
https://ads.servenobid.com/sync?pid=348&uid=HZHegtFaC_mm
Domain
onetag-sys.com
URL
https://onetag-sys.com/usync/?pubId=765b4e6bb9c8438
Domain
secure-assets.rubiconproject.com
URL
https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=minute_media&endpoint=us-east
Domain
pixel-us-east.rubiconproject.com
URL
https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=duration_media&khaos=LCKJG7L7-O-1KDI
Domain
pixel.rubiconproject.com
URL
https://pixel.rubiconproject.com/exchange/sync.php?p=medianet&khaos=LCKJG7L7-O-1KDI

Verdicts & Comments Add Verdict or Comment

112 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| oncontentvisibilityautostatechange object| adpushup object| ucfad_async object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint object| ucf object| request string| paramsString object| AMP_CONFIG object| AMP_EXP object| AMP object| __AMP_LOG function| HTMLElementOrig object| __AMP_ERRORS object| __AMP_MODE function| __AMP_REPORT_ERROR object| __AMP_TOP object| __AMP_SERVICES object| __AMP_URL_CACHE object| __AMP__EXPERIMENT_TOGGLES boolean| __AMP_TAG object| __AMP_EXTENDED_ELEMENTS function| __AMP_BASE_CE_CLASS object| adRecover function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages function| setImmediate function| clearImmediate number| ampAdSlotIdCounter object| __AMP_EXPERIMENT_BRANCHES object| goog_identity_prom string| __AMP_DEFAULT_BOOTSTRAP_SUBDOMAIN number| ampAdGoogleIfiCounter boolean| ampInaboxInitialized object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager undefined| $ undefined| jQuery function| jqAlias function| runAnimCheck string| currentState object| googletag object| _apPbJs object| hbAnalytics object| adpTags number| ampAdPageCorrelator object| listeningFors number| 3pla object| _qevents object| _apPbJsChunk object| mnet string| nobidVersion object| nobid object| Criteo function| quantserve function| __qc object| ezt object| _qoptions object| ap_link_preview_states object| apLinkPreviewUtils object| apEuCountries boolean| descriptionPage object| dataLayer function| gtag object| google_tag_manager function| onYouTubeIframeAPIReady object| criteo_pubtag object| criteo_pubtag_prebid_117 object| Criteo_prebid_117

73 Cookies

Domain/Path Name / Value
.3lift.com/sync Name: sync
Value: CgoIoQEQhLrdudgwCgoIgQIQhLrdudgwCgoI4gEQhLrdudgwCgoI5gEQhLrdudgwCgoIhwIQhLrdudgwCgkICRCEut252DAKCQg6EIS63bnYMAoKCIwCEIS63bnYMAoJCF8QhLrdudgwCgkIHxCEut252DA=
.aralego.com/ Name: sspid
Value: 2f1e5f26-be90-3551-ba75-cec3110db6b5
.aralego.com/ Name: euconsent-v2
Value:
.aralego.com/ Name: gdpr
Value: 1
www.bg3.co/ Name: __AP_SESSION__
Value: 80c9171e-47b0-4091-b87e-5b693964d5c7
.doubleclick.net/ Name: IDE
Value: AHWqTUkihNwiFSsJixAR39YSaSpVq4GTxRfu4otLN713lscLig6-ly_y1bwyq51Ov6o
.bg3.co/ Name: __gpi
Value: UID=00000b9eefb1fb31:T=1673010822:RT=1673010822:S=ALNI_Mbs43hAoOztBoYY8tvQaAuNhBa2Vg
.adpushup.com/ Name: ap_uid
Value: f1a169e0-8dc3-11ed-83ff-002248574df8
.adpushup.com/ Name: ap_usid
Value: f1a169e1-8dc3-11ed-83ff-002248574df8
.adnxs.com/ Name: uuid2
Value: 6656712337342249006
.openx.net/ Name: i
Value: 6d734708-74ce-4991-83d6-25f6bedcd8e2|1673010823
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2Hc'qgMF_!@wnfH8K6pQK`!5=E<*L5?%M52*Qa>f@6`V.y8[@18MV$hsM#$AjP66OATj5%nugO%v4VB%nnub*8Qvo
.3lift.com/ Name: tluid
Value: 898597590833179577274
.smaato.net/ Name: SCM
Value: fe6845f2
.smaato.net/ Name: SCMg
Value: fe6845f2
.tribalfusion.com/ Name: ANON_ID
Value: aNnsIHyg6AarA7u8QGkptCwuTFn544ZalT91rYApUCLQ2BF1ZaeGT4nlbosEAKBUbXjrKZdxg2rjvj0eIUEMWBBK3aa
.bidswitch.net/ Name: tuuid
Value: 074d7077-2f34-403b-a2aa-df0dcaff65fc
.bidswitch.net/ Name: c
Value: 1673010824
.bidswitch.net/ Name: tuuid_lu
Value: 1673010824
.casalemedia.com/ Name: CMID
Value: Y7geiJxeP2FzdA.HuTl.WwAA
.casalemedia.com/ Name: CMPS
Value: 4919
.casalemedia.com/ Name: CMPRO
Value: 4919
www.bg3.co/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.bg3.co/ Name: _pubcid
Value: 40b4d72b-32cc-47b1-8713-0cd773cd1dd2
.adtdp.com/ Name: uid
Value: AYWHN0V8pZmmBNC_JhA
.adtdp.com/ Name: dynid
Value: AYWHN0V8pZmmBNC_JhA
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-5867ca82-0a24-4af2-b300-bf3cf1b34568-004%22%7D
.adnxs.com/ Name: icu
Value: ChgIm_VtEAoYASABKAEwib3gnQY4AUABSAEQib3gnQYYAA..
.adsrvr.org/ Name: TDID
Value: 1d2d1392-e1ff-40eb-bc3d-a62f23c441d2
.blismedia.com/ Name: b
Value: 63B81E89C8DF027846DCF893BLIS
.omnitagjs.com/ Name: ayl_visitor
Value: e1652544d8034fb20e6290bdfe5824da
.ctnsnet.com/ Name: gid_CAESEM3Zm4jhYFXgEBfZhuhZpyA
Value: 1
.ctnsnet.com/ Name: cid_5066e2ea95954950ae5977a86b98d292
Value: 1
.yahoo.com/ Name: A3
Value: d=AQABBIkeuGMCEJFp7eisBrlq6ExbZSnVwxoFEgEBAQFwuWPCYwAAAAAA_eMAAA&S=AQAAAunSDs7NZE7dluG12qvPq9M
.teads.tv/ Name: tt_viewer
Value: 9338c7ed-8fe4-4d16-8251-ab365304b927
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-5867ca82-0a24-4af2-b300-bf3cf1b34568-004%22%7D
.rubiconproject.com/ Name: khaos
Value: LCKJG7L7-O-1KDI
.rubiconproject.com/ Name: audit
Value: 1|WD0cx+9RTMJgE0O5HPg0GXXrd8oPN4aCnnuLyaIi7TF0Ke3rY1LsNC5zFwEio2Ja4HEYI5ehIrUHstlW8EOOMtzpQ7vzkXQ/
.adkernel.com/ Name: ADKUID
Value: A4213833176568408785
.e-volution.ai/ Name: ADK_EX_193
Value: 1
.e-volution.ai/ Name: ADKUID
Value: A4213833176568408785
.quantserve.com/ Name: mc
Value: 63b81e8c-09853-7b74c-fdffd
.bg3.co/ Name: __qca
Value: P0-723096048-1673010824823
.bg3.co/ Name: __gads
Value: ID=26f29ffa4f73c0c4-22a463c830d90048:T=1673010822:S=ALNI_MaBJhxejXPhcZN-NbxEg8P_N6fKxA
.bg3.co/ Name: _ga_Z0TZ7TDHS1
Value: GS1.1.1673010828.1.0.1673010828.0.0.0
.bg3.co/ Name: _ga
Value: GA1.1.301647917.1673010820
.doubleclick.net/ Name: DSID
Value: NO_DATA
www.bg3.co/ Name: pbjs-unifiedid
Value: %7B%22TDID%22%3A%221d2d1392-e1ff-40eb-bc3d-a62f23c441d2%22%2C%22TDID_LOOKUP%22%3A%22TRUE%22%2C%22TDID_CREATED_AT%22%3A%222022-12-06T13%3A13%3A50%22%7D
.openx.net/ Name: pd
Value: v2|1673010830|jElYiuvOiahI
.onetag-sys.com/ Name: OTP
Value: uHmTS-608uXCx0Zc1tUU_nWkN0KWS4n5BOGCnDOYrDs
.openx.net/ Name: univ_id
Value: 537072971|1d2d1392-e1ff-40eb-bc3d-a62f23c441d2|1673010831143829
.casalemedia.com/ Name: CMTS
Value: 4721
.linkedin.com/ Name: li_sugr
Value: 7633f964-5216-479e-8cf3-f276dafc58ca
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&8901a0ae-70fd-40ee-861a-d16822002c8d"
.linkedin.com/ Name: lidc
Value: "b=VGST00:s=V:r=V:a=V:p=V:g=2886:u=1:x=1:i=1673010831:t=1673097231:v=2:sig=AQEroMNQlpzf0GS9gEuhSKYxuhMvPvMA"
.rlcdn.com/ Name: rlas3
Value: v3LO0zWLcKWczQQqCS4p/wUWNDR7yPgj2JwOFBtX+ZQ=
.media.net/ Name: visitor-id
Value: 3160124317444387000V10
.ladsp.com/ Name: cr
Value: 1
.socdm.com/ Name: SOSYNC
Value: anNvbjp7Im9wZW54IjoxNjczMDEwODMxfQ
.bing.com/ Name: MUID
Value: 3F55E974BD4D604914CDFBE5BCB7614F
.c.bing.com/ Name: MR
Value: 0
.admixer.net/ Name: am-uid
Value: 5176348df9df425b8ce37a00c8a4af5d
.ladsp.com/ Name: smn_uid
Value: HSDDZGmCUGzpdwc3euvL4w8w_-SRXPA
.ladsp.com/ Name: lum
Value: CNzC3bnYMBIFCAMQ0AU
.bg3.co/ Name: cto_bundle
Value: DXBVuV9Vcm4lMkZHNSUyRnhyS0VYdiUyQlZxQmJUa0UyemglMkZsY3hCY3lrWGlaSzhOczVqM2czbFYxZUNHN0VPSmkwUmhXQXhXaHozOFFVdml1aU8zZTRCNDJGUzJVY3RGRnNWSEdoJTJCU0ZNM2lpMnJORDM3SkUlM0Q
.adsrvr.org/ Name: TDCPM
Value: CAESFQoGZ29vZ2xlEgsItoHV-rv8tzsQBRIVCgZjYXNhbGUSCwjMk5OyvPy3OxAFEhYKB3J1Ymljb24SCwiWi8q1vPy3OxAFGAUgBCgCMgsI9oGkptL8tzsQBTgB
.bg3.co/ Name: cto_bidid
Value: xs-qDl9WdE9XcnJGRG13WWZsemxKS3VHVXl0WU5hMTJkMks4UDRzNFBWSVBGbTc4TDZCRGx4R1QlMkIwMWI2N2xIM2JMSnRsVU9QNUZwekNsN25sRkJxVVRWZDNBJTNEJTNE
.mathtag.com/ Name: uuid
Value: 108b63b8-1e8f-4600-8b30-45c01ce9bb87
.amazon-adsystem.com/ Name: ad-id
Value: AwH20e-tN09gmUBD5e6mS1U|t
.dyntrk.com/ Name: dyn_u
Value: 07030001_63b81e8fee0e7
.rlcdn.com/ Name: pxrc
Value: CI+94J0GEgUI6AcQABIGCO25KxAA
.media.net/ Name: data-o
Value: 76f311ce-7649-4c86-ba4f-9370681479c3~~8

24 Console Messages

Source Level URL
Text
network error URL: https://static.bg3.co/imgs/202105/fbadcd95f2f7b45b0e1d8c4a8af3070d.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202106/b71e66391bf29b085f6d382ab6480776.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202106/000fbb6bef85196bb9d5dff3affa16e0.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202106/3eaad010dfece38cd08073d922f09636.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202105/2d9987563ce661673f05cfa7f195696d.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202106/87835cde3dd52fd53d24da96ea711b33.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202106/ee6134fd1e841de9453ceca0ab4486d9.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202105/a8de810ad05769d03ba418def5572995.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202111/1206b444aca26f5db02bb5c3287b2ba9.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202107/389a5ee68737fd6137c3f15799cd5ff7.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202105/0cd1c65de06baeb4654504b0c9f501c5.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202106/8e00104152670f4e88f043d9bb288437.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202105/cec5f510d4a7214644f0ac39c8e2cebc.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202105/d1c2b54097b72706a6164db0180cdd13.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202106/9ab1e3515da5019b97e208d60aec7b94.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202106/e4b2fe4c16a42b57da79b56fe341c8aa.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://cdn.adpushup.com/42753/L2EvMjAxOXNoaS1lci14aW5nLXp1by1odWFuLXlhby1zaHVhaS1kdW8taml1LXRhbmctcWkteWFuZy1wdS16aHVhbi15dW4tZ3Vhbi1qaWFuLmh0bWw=.json
Message:
Failed to load resource: the server responded with a status of 404 ()
other warning URL: https://cdn.ampproject.org/rtv/012211060024000/v0/amp-ad-exit-0.1.mjs(Line 1)
Message:
Unrecognized feature: 'attribution-reporting'.
security error URL: https://e00653bae3c6f2754046b2ceb61bb48b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html(Line 16)
Message:
Refused to frame 'https://pagead2.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp=er3$/9950123323298102569/ad.html".
security error URL: https://e00653bae3c6f2754046b2ceb61bb48b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html(Line 16)
Message:
Refused to frame 'https://pagead2.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp=er3$/7257878326248781077/ad.html".
network error URL: https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent=
Message:
Failed to load resource: net::ERR_CONNECTION_CLOSED
security warning URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Message:
Mixed Content: The page at 'https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D' was loaded over HTTPS, but requested an insecure element 'http://match.sharethrough.com/universal/v1?supply_id=3r9HMldH&gdpr=0&gdpr_consent='. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Message:
Mixed Content: The page at 'https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D' was loaded over HTTPS, but requested an insecure element 'http://match.sharethrough.com/universal/v1?supply_id=3r9HMldH&gdpr=0&gdpr_consent='. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network error URL: https://cs.krushmedia.com/6185b9cf4d72f7e454746134b8c78716.gif?redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21501%26puid%3D%5BUID%5D
Message:
Failed to load resource: net::ERR_CONNECTION_REFUSED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.teads.tv
a.tribalfusion.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.360yield.com
ad.turn.com
adpushup-d.openx.net
ads.aralego.com
ads.betweendigital.com
ads.pubmatic.com
ads.servenobid.com
ads.yieldmo.com
adservice.google.co.nz
adservice.google.com
adx.holmesmind.com
ap.lijit.com
b19d529f819f1195203168fd382b9460.safeframe.googlesyndication.com
b1sync.zemanta.com
bh.contextweb.com
bidder.criteo.com
c.bing.com
campaign.adpushup.com
cdn.adpushup.com
cdn.ampproject.org
cdn.aralego.net
cdn.indexww.com
cdn.jsdelivr.net
cm.g.doubleclick.net
cms.quantserve.com
code.jquery.com
contextual.media.net
cr-p3.ladsp.com
creativecdn.com
cs-rtb.minutemedia-prebid.com
cs.admanmedia.com
cs.emxdgt.com
cs.iqzone.com
cs.krushmedia.com
cs.media.net
cs.minutemedia-prebid.com
csync.loopme.me
d-3094591282289990921.ampproject.net
d.adroll.com
delivery.adrecover.com
dis.criteo.com
dsp.adkernel.com
dsum-sec.casalemedia.com
dynalyst-sync.adtdp.com
e00653bae3c6f2754046b2ceb61bb48b.safeframe.googlesyndication.com
e3.adpushup.com
eb2.3lift.com
eus.rubiconproject.com
fastlane.rubiconproject.com
ff1e18b6558e69e136a3c8faf7319b1e.safeframe.googlesyndication.com
fonts.googleapis.com
fonts.gstatic.com
g2.gumgum.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
grid.bidswitch.net
gu.dyntrk.com
gum.criteo.com
hb-api.omnitagjs.com
htlb.casalemedia.com
ib.adnxs.com
id.rlcdn.com
image6.pubmatic.com
image8.pubmatic.com
inv-nets.admixer.net
ipac.ctnsnet.com
jp-u.openx.net
js-sec.indexww.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.sharethrough.com
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel-eu.rubiconproject.com
pixel-us-east.rubiconproject.com
pixel.quantserve.com
pixel.rubiconproject.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid-server.rubiconproject.com
prebid.a-mo.net
prebid.media.net
public.servenobid.com
px.ads.linkedin.com
rtb.mfadsrvr.com
rtb.openx.net
rtb2-useast.e-volution.ai
rules.quantcount.com
s.ad.smaato.net
s.amazon-adsystem.com
s.tribalfusion.com
s0.2mdn.net
secure-assets.rubiconproject.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
ssbsync-global.smartadserver.com
ssbsync.smartadserver.com
ssc-cms.33across.com
ssp.disqus.com
ssum-sec.casalemedia.com
static.bg3.co
static.criteo.net
sync-tm.everesttech.net
sync.1rx.io
sync.adotmob.com
sync.aralego.com
sync.go.sonobi.com
sync.inmobi.com
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.teads.tv
sync.technoratimedia.com
tg.socdm.com
tlx.3lift.com
tpc.googlesyndication.com
tr.blismedia.com
u.openx.net
ups.analytics.yahoo.com
us-u.openx.net
usersync.gumgum.com
www.bg3.co
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
aax-eu.amazon-adsystem.com
ad.360yield.com
ads.betweendigital.com
ads.servenobid.com
ads.yieldmo.com
ap.lijit.com
b1sync.zemanta.com
bh.contextweb.com
cm.g.doubleclick.net
cms.quantserve.com
creativecdn.com
cs.admanmedia.com
cs.emxdgt.com
cs.iqzone.com
cs.krushmedia.com
cs.minutemedia-prebid.com
csync.loopme.me
dsum-sec.casalemedia.com
eus.rubiconproject.com
ib.adnxs.com
image6.pubmatic.com
image8.pubmatic.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.sharethrough.com
onetag-sys.com
p.rfihub.com
pixel-eu.rubiconproject.com
pixel-us-east.rubiconproject.com
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
prebid.a-mo.net
px.ads.linkedin.com
rtb.mfadsrvr.com
s.amazon-adsystem.com
secure-assets.rubiconproject.com
secure.adnxs.com
ssbsync.smartadserver.com
ssc-cms.33across.com
ssp.disqus.com
ssum-sec.casalemedia.com
sync-tm.everesttech.net
sync.1rx.io
sync.adotmob.com
sync.go.sonobi.com
sync.inmobi.com
sync.ipredictive.com
sync.outbrain.com
sync.srv.stackadapt.com
sync.technoratimedia.com
ups.analytics.yahoo.com
usersync.gumgum.com
x.bidswitch.net
103.229.10.180
103.229.206.240
103.231.98.197
104.18.24.173
104.18.36.94
104.254.150.241
104.254.151.36
104.26.5.103
124.146.215.45
13.107.42.14
13.33.33.118
13.33.33.43
13.33.88.107
13.33.88.20
13.33.88.73
13.76.45.37
139.5.84.243
142.250.4.113
142.250.4.132
142.250.4.154
142.250.4.156
142.250.4.157
142.250.4.95
142.251.10.106
142.251.10.154
142.251.12.94
145.40.88.5
151.101.193.108
151.101.65.229
152.199.39.108
172.217.194.94
172.253.118.132
172.253.118.148
172.253.118.155
172.64.151.162
172.64.154.237
172.67.72.16
174.137.133.49
182.161.73.129
182.161.73.136
182.161.73.145
182.161.73.146
184.51.136.24
184.51.137.72
184.51.240.213
204.79.197.200
23.106.127.38
23.106.69.73
23.108.102.145
23.108.103.8
23.41.65.80
23.75.85.227
3.33.220.150
34.107.148.139
34.96.105.8
34.98.64.218
35.186.193.173
35.190.60.146
35.213.117.18
35.213.12.39
35.227.252.103
42.99.140.200
42.99.140.201
50.116.239.135
51.79.234.100
52.196.134.176
52.198.166.206
52.221.169.30
52.223.2.229
52.46.128.147
52.48.223.30
52.74.162.2
52.76.76.143
52.77.12.199
52.77.75.85
52.84.45.129
54.150.117.252
54.69.44.22
64.120.88.131
69.16.175.42
69.173.158.64
69.173.158.65
74.118.186.44
74.125.200.154
74.125.200.97
74.125.24.156
74.125.24.157
74.125.68.155
84.17.37.44
96.17.188.24
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
0190469b6613fba4f3bf850c7fecfc7c3ed852d00d580447d05e29d68df25a5f
027ae5fb4933b58b47404641dfce6189212a2959fc84e44a157bf376a4ec1649
02ebc319500d29d704855de3d846bbb2479434953bb7b34f533122f432ce33bf
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
07545ac6c0457c1f4b5e2f565a591eb273f0c450c359ae7bdb6dbeddb04aa6d8
08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c34cb102990c1b0ba90b693198e9bde03f0a060d26ff42b3b230e781bb31f49
0fddacb1b4b94539fcb975e43c63d6b8fb2257f1c6cdefa318d156d4e5a57374
115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429
11f7517ac842f1970ed232e08363ff8336e6e1fbb7c533177cb3406990cfb5de
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
144d8125e167f34614a1b1a1e02c08c097b8ad8ec40d257050cc9f809b65202c
14cfb5058acaf3af2f07088f1582f29941d7a4cc74fd1cea5050cecad862d154
14d4ec1799c0ee13f8a013d9813021bbffa40ba760fe9499e226014a5287612b
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1b1c3ea8b3d9fec1913ac70c81c83f2172acc41988e747bd24d22bf779fd19a0
1bd5b76c27f14dcf178807f6a204ab8b42e21cb46f736d6b4b07ffad2f2d8b4b
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced
1c479d0abecadc8d5fde30eeb515508b6148fa3d92dd617b427788d6c792b0a8
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
21902e4026c2f774fbd13f64845d6fd3a823c1ea64ee93e76a9fe06a49a74711
219688c7844c3cbbf852b21f7bf288ef72fc9df3d4d97cb3a87d893bc454c8e8
2344c4525a013a1b6a135714f00acf1466f72a3442b63856ad16d26db164f34f
2365ae716c326172adb0b5b2e93a81c9efb69dd8119cdcf1c3aae16df139de1f
24de1319f0ba3f987fea8b613dbf4c46dc03da82167057edd4e11fa9332677be
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16
2b2008ee1629a387b0542abd6f8d4d9fdb062d2fcf4f3a7ef7c84afa411a643f
2e4a250ad3ac07b9adfce39197341a30bc1623902a753e8a7ae0324e7cb53731
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328bed6a41b473ff17079933a687093a628a30e79d6e9967f1bd81afbabf8e92
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3300d702ddc3dd82edb40ba255abb88171a49b9f53205707f550328b9fe37b21
337cc6d9422951e9b50bdda5f7dd5d9a4f049cbd0f4ea5908475f775a20f76f5
3478056c09bc79ba2581dc9b3e16be264e9f4f9c6424d566d982ad3068cc17b6
3670fbab9b00b1b34deeb9ae2d67383595aff0b9996511822c4d63fb1eeb634a
36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6
37114603e314b43008c3dbe162e09b40cf2cb2a59a20742eca949a04bca77f3a
37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570
37a25012177a22bd838094f24ead5bd9c18c7ee5f1414cf31210c65955b471ad
394fda0fedfe1b6a5c689ab09546a0977d792554bf75a084e24e3b5b18fb5eca
3b7811b89746250f1c9bfb64a456b9357a5a7616f35bbb2d7a0b1510a640bdfd
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
41112c6a967d8bd529244b94e0c117b2ae2827c419261826bb8ac5b590466945
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
482100f0328f0fade00ad3e301b6aa9579cfa9a88eedaf0feafe56f43e119473
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4ce3b56d18243c24878082c929312e13160b390b6d88f95dcdf913b360077e36
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
526fb00dd22ec247e49ea238e1c97a93bcd42c79f052390c9297a452f9e152ab
5362c9ea16d9d47e6064f338567aced2e3e2642157441e05370847b03d4ef4c3
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
54200f5bae45343e651456e1ea52a5a3ce2b978a605fc5513ae5a39c80b54f01
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
558bcd76997a66b851b77a6a448a9df7cf77adbbfec7ab3b7d335b614f5eb96f
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56b10bd2a8664599f6a6198502d9db34c178ef8f587dd29c0661ad3df59acaeb
5f3d992a8f5c1c422eaa51d219c1459bac9dad5cba9ecb372082de08e47b3944
60648cb246ce4141867e508bce0a2c82feae1415a695e7cb96acfc6acc7705bd
61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61e8a8d677d7b2f3ac3bfa393d6be3e01c26d6a656b1119fbb2a359518542a97
6366bfede901f183b516c7361e3dd409ec31355afc6b0f48d152fd5a1cae5a4d
63de092f5eea6c6919ff3edcefc535b1aba0c00dc72c9b7d65a2eb2bec2a165b
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
673aaadf5ccca4681c2023a6e76f62c478be94fe3b1ed05f3126da067e66f50a
681b0e8db6c38983f53eb2db791fa69c74889b5b229802d82baa1b198d8612f4
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b278e48df6b2e2f917803f532a9257fbb46bf576a8dfc07f1f8eb94468b54e8
6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088
6db82abb4412b1892a824d38710e011843184fe78bb841dd23341c853e169d19
6dc0e3aead945b6160bc87da5f4d8fbb043dde5d0bece2aa426fa01895c9e358
6e4f73584a25e796b2f641659277c95ab8d9777bfa6673b3fce288da3c5e3a75
6e6a6e89f55e442107465d2e5e36dc0bd61f72b68e82ff5d7ebc5d894f18ed92
71218497590f0e0638316a1deabbbd5f0b6b68a1ac777fa44ca7c9688be4699d
72356fdd3fdf575c34c67d0a4236c3818248e73f5c4219ca9a4b663ef72d1ca2
727e6a1f4a634d6298af8636fd331912b036b6f7783c771d2e06baeb82e2341e
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658
76170fadd3304c92ee794c5d9beb9eba533c7bdd96fead5608fb66ea54c6df76
76a862dba57901fcc377abc56285bfd9eda47c05a5cb86b80da26cc404d5d50f
7b4f791915536424f116053897a43815d7f55785f1e8c5db0029eae326593057
7c7d3097c8e7806f037b5d2560881808c32a5bfea51dd4012870e9bdf7c4a520
7f6f26aead5ceba2476808c1ad2d7c561491548f0ad48332199ae91ff6397419
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8467b6c92b853b93ed2b58a27e85439cbb1985520d413c9221e3746202d0d2d4
8492f3fc13f89700f09e8a96308911979a6289be084af2c497ea54dbd7dd7f5f
86d85c2fb6c3aef61be2e092f1a809839065e73f948db805ad92eb5eaea8fac8
88e4e7434359d71a96c106f0cb525515e4651bf761afaa8cac6f739ce80772c0
8af4a7b3549631244df52a0d91b22ccfb355b2f10caab9fe9fa0b57a2beff473
8c2a1c4e7f4cf1907de90f5a11c1e5411ee7c5d3bd5dd50a99357777c081a95c
8dba7bbb522f73b178d42e533b2dad867d521eebe9559988127a6ed306698ce5
8e3aadbd88bfdd979646ed6cdfc1c7fe03892b9fcef9c75bea51319169a9ff4f
8ee5f53d3752309af021002b2199a06523b1fd03f3ea1cdaf5d59e911d4d8178
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
9121b0a360f4b6e97eb06073c7fe0c6e9fdfb95cdff7e4133350dd78d885859b
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
9452873a1a9f3f1f4852fe8d2e7b7ba6b7f82b42d29bc9bcf85c74ab0e6ede49
947599136c022b15206e62d9557543bfc54fcdc7482f0e5b045ded9bff9e360e
953a00185e28394c1d0807ea5dabc84535abfd9e56be55d2d280f187fab3ccfe
987cf494483d44d5e01fe5928229625d7536ed129be62d788091bf001443f9ea
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a01f9f2f5ba1812441a49f7f1dc0b04fb56a18b486005289b8df4212381f10ce
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1c6738fa48fd512d5045f65edeca13983cb2c89d41df3ecb57652972b701acc
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a7355c17c6f32199e19bd445ba6b34daf8d905dd1bb07f870c8e2cc08fce9077
a8993772c9eb591474f38d257bebc8c4286703e1af72d04c8c294be5fff7b649
a956a6fe1ee57805393bf1781b32486b4ed9ca402a04320280e59a18bc348a87
b03d5d0f93d3939d55f52b8644cda9046ab89aebbf5f07c5c886fe224d2409e9
b0447f99586ad7bcddc943fd1a63af9d89f73f50e70657d0a2ed76ff7c2d6c4c
b08bd8a973541c38ecd45e41347696acc0dbbb645c6ca2b138807c00f7430da6
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b24ba743565b2d2aeca2b04a6c9995676d1a255b5bc153ae948dffe18aa0c109
b283ca93492f1e61727b9c49f98d3fac7ab7a462c83df03076d6955703d00015
b5f4b6fa08b44a82fd482461413ee50b5791f5937c764c042ba17405ee9504e8
b7c80316a514c0892bcf6f6c1966a463dfbb379d97c0fdcefb666408f17ed0dc
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bce6e806acba5d4cd6224a759d9ad29e6d868d59f71390b344df7bc7c8f9416d
bf32e592222284415f4b7a0a09712ecd212753ada7015721aa0b5f04d084f0e4
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c22d480d89accbfcdff49d03e40f8642b1f1e867492cfd13604e3cc11df78b56
c2ced5e7f96ed81695c32f0b66247e595108075d0dc3d671db151d2eed8fe86f
c3f73b989e0620a4d2e12ed57a0d538e4580b8fefaa1fefbad73e0abad6d227f
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c854904ff9b174279124c373152be17b526b1f829856f24d6de4b89c7446c413
cb9d55a0b675c7b51107e1b46e7f351ca690da86fdd4dd905c34efd6dc28fe02
cfec61fb44a99c7924672fba480ad37f45a19e280a101fae1e433c5f96f140e5
d0d1672df0a0fc2d82b4eee0dbb87b7c4ef5b7071d74fc00d6866e8f7944777d
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d22c1fb7363241cd188fd84f32b96a68aaae5a129e450293d74f91118d1923ac
d45ebaa1c6ac615f740b5f04b0ef52b7355c74594aef769363a382a15ee577e8
d4627b9b559721413f5c1b9bcb78bf895ac006d0477fe1ffe6a905a302ca1d11
d5db1212d7b0d5a3ff04c683c57b66c8479c891c601aa7d53b391a3c47079524
d70f9a37ca5741e0952bfa510ab9ff0bbc3af2a3497b256727943cbd9a5a35a6
d89cb9800cc62dcc44a0ba866b4a080ad06f735f60a6afecbd6d691d2e8939dd
da97bcfcccc462757c77d249a440a8515fc26d0b0742d5c40324504276e33a98
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
dc68112622e148e0cea9243824bf1c69a57b3f0a2bfc4a48496127bbafa8b8d5
dcc5f41d1dc04a19dccb2061dc9572cb46c1c19dd89cb5d910752020fa87e791
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516
e7e65f5432de604cdf476d9ad55a2af5a933c715c639e4c36847023a3446f1ec
e813a8d8d41c0dbdc33020ad6ef27d16afd2b590ceeb998e267409c8f666b829
e85f1333e55d7e0a10063d959d4eeb4d10e85ec0fc284393bbfc495048cd5b1d
eb3577f46647f2e2db7307936038a47cc31c0ce75239496f6b7117282a47864c
ebe645bc307f3a0a4db4b28c5acbc5ab84b78966b5344dba4c54a6ccd8bae7b2
ecb7219605b8a6f0c8e56b59eb48a5c57ea932dc0d686ee370a0d96a5088ceea
edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6
eef6e50516dd1bc5e94db6685463176f5c05db0d2a21fe90aa3d3a3871a5b8ae
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5da9e3278a823a9d1b068c25e70c72b97f71f3d5b919793abf38422c6425490
f62f99e5be9117d8d1b4347d5631897987ba830992619e51de9d2056a837d7a9
f77f47058428a1c21dad5a75ac13fbfdeb9858947218fee2112fded5972a0b5d
fb2a4f1da8b289ee34cd3682eb213ac2c4be445dee6f843fb3a82d620910af3f
fbd1e8b96c46848db89a70d3e4612e5ac22b113200bc3b376094eeed4cd0e3fb
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
ffb5e31b6ba84ea65f1ffbc3df06020d76a464e3d49fad09da37a9ae58915b01