urlscan.io logo urlscan.io
SecurityTrails logo

www.bg3.co Open in urlscan Pro
84.17.37.44  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.bg3.co/a/you-you-ming-xing-ji-jin-jing-li-ben-si-wai-zi-si-mu-jia-su-jin-chang.html
Submission: On November 10 via manual from US — Scanned from NZ
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 108 IPs in 13 countries across 95 domains to perform 544 HTTP transactions. The main IP is 84.17.37.44, located in Central, Hong Kong and belongs to CDN77 ^_^, GB. The main domain is www.bg3.co. The Cisco Umbrella rank of the primary domain is 99821.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G2 on May 20th 2022. Valid for: a year.
This is the only time www.bg3.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 84.17.37.44 60068 (CDN77 ^_^)
20 74.125.24.132 15169 (GOOGLE)
1 3 103.254.153.160 59253 (LEASEWEB-...)
4 104.26.4.103 13335 (CLOUDFLAR...)
2 42.99.140.201 4637 (ASN-TELST...)
5 42.99.140.161 4637 (ASN-TELST...)
4 104.26.2.91 13335 (CLOUDFLAR...)
38 172.217.194.154 15169 (GOOGLE)
2 69.16.175.10 20446 (STACKPATH...)
3 64.120.88.131 133752 (LEASEWEB-...)
20 13.33.33.38 16509 (AMAZON-02)
2 142.251.12.97 15169 (GOOGLE)
6 142.251.12.154 15169 (GOOGLE)
3 172.217.194.94 15169 (GOOGLE)
13 74.125.68.155 15169 (GOOGLE)
6 13.76.45.37 8075 (MICROSOFT...)
1 152.199.39.108 15133 (EDGECAST)
3 172.253.118.138 15169 (GOOGLE)
20 71 74.125.24.154 15169 (GOOGLE)
2 34.95.67.231 396982 (GOOGLE-CL...)
16 203.75.214.136 3462 (HINET Dat...)
2 4 35.201.76.93 15169 (GOOGLE)
2 18.155.68.103 16509 (AMAZON-02)
2 52.196.174.187 16509 (AMAZON-02)
11 182.161.73.129 55569 (CRITEO-AS...)
2 34.117.219.39 ()
4 210.59.219.181 3462 (HINET Dat...)
6 12 34.96.119.68 396982 (GOOGLE-CL...)
6 6 139.162.38.30 63949 (LINODE-AP...)
2 103.132.192.30 138552 (RTBHOUSE-...)
1 3 103.229.10.180 16509 (AMAZON-02)
1 104.16.87.20 13335 (CLOUDFLAR...)
12 54.73.75.233 16509 (AMAZON-02)
1 104.71.49.155 16625 (AKAMAI-AS)
9 182.161.73.145 55569 (CRITEO-AS...)
1 3.1.173.93 16509 (AMAZON-02)
1 44.229.70.27 16509 (AMAZON-02)
1 34.107.148.139 396982 (GOOGLE-CL...)
7 34.98.64.218 396982 (GOOGLE-CL...)
9 14 68.67.160.132 29990 (ASN-APPNEX)
1 7 104.18.19.126 13335 (CLOUDFLAR...)
1 35.213.117.18 15169 (GOOGLE)
6 25 139.99.49.250 16276 (OVH)
3 13.114.56.62 16509 (AMAZON-02)
1 69.173.158.65 26667 (RUBICONPR...)
2 3 145.40.89.200 54825 (PACKET)
3 172.217.194.155 15169 (GOOGLE)
2 104.211.156.162 8075 (MICROSOFT...)
1 13.33.33.78 16509 (AMAZON-02)
28 74.125.200.132 15169 (GOOGLE)
4 142.251.12.95 15169 (GOOGLE)
1 10 142.251.12.105 15169 (GOOGLE)
2 142.251.12.155 15169 (GOOGLE)
3 20.212.157.225 8075 (MICROSOFT...)
3 172.217.194.156 15169 (GOOGLE)
6 18 139.5.84.243 27381 (CASALE-MEDIA)
3 13.237.117.95 16509 (AMAZON-02)
1 182.161.74.19 55569 (CRITEO-AS...)
1 182.161.73.148 55569 (CRITEO-AS...)
10 142.251.10.148 15169 (GOOGLE)
2 2 35.230.38.116 396982 (GOOGLE-CL...)
1 1 104.45.178.220 8075 (MICROSOFT...)
1 1 54.168.63.191 16509 (AMAZON-02)
1 202.233.84.1 131957 (MICROAD M...)
8 13 69.173.158.64 26667 (RUBICONPR...)
2 2 13.33.88.29 16509 (AMAZON-02)
8 9 35.213.12.39 15169 (GOOGLE)
2 2 89.207.22.76 41041 (VCLK-EU-SE)
11 12 35.71.131.137 16509 (AMAZON-02)
1 1 54.84.84.112 14618 (AMAZON-AES)
3 3 3.112.143.207 16509 (AMAZON-02)
4 4 68.67.161.208 29990 (ASN-APPNEX)
3 3 13.250.190.118 16509 (AMAZON-02)
1 2 104.18.25.173 13335 (CLOUDFLAR...)
3 3 151.101.66.49 54113 (FASTLY)
2 2 202.232.238.37 2497 (IIJ Inter...)
5 7 54.254.232.172 16509 (AMAZON-02)
1 159.203.145.121 ()
20 52.95.128.55 16509 (AMAZON-02)
4 142.251.161.120 15169 (GOOGLE)
1 182.161.73.132 55569 (CRITEO-AS...)
2 182.161.73.142 55569 (CRITEO-AS...)
7 7 103.229.206.240 30419 (MEDIAMATH...)
3 4 13.107.42.14 8068 (MICROSOFT...)
1 1 139.162.23.100 63949 (LINODE-AP...)
1 1 35.208.249.213 19527 (GOOGLE-2)
1 1 142.250.4.102 15169 (GOOGLE)
2 173.194.28.102 15169 (GOOGLE)
3 182.161.73.136 55569 (CRITEO-AS...)
1 23.78.217.3 16625 (AKAMAI-AS)
8 104.71.48.26 16625 (AKAMAI-AS)
3 11 23.77.12.69 16625 (AKAMAI-AS)
1 52.222.158.36 16509 (AMAZON-02)
1 104.18.13.76 13335 (CLOUDFLAR...)
3 11 35.71.178.8 16509 (AMAZON-02)
3 3 50.116.239.135 6336 (TURN-US-ASN)
2 5 35.244.159.8 15169 (GOOGLE)
2 2 202.241.208.55 4694 (IDCF IDC ...)
2 2 13.33.88.32 16509 (AMAZON-02)
1 2 69.173.144.165 26667 (RUBICONPR...)
1 2 23.106.127.164 59253 (LEASEWEB-...)
2 3 35.190.60.146 15169 (GOOGLE)
4 9 52.46.151.131 16509 (AMAZON-02)
6 7 103.231.98.197 62713 (AS-PUBMATIC)
3 4 52.74.162.2 16509 (AMAZON-02)
1 2 104.18.102.194 13335 (CLOUDFLAR...)
3 4 185.84.60.30 198622 (ADFORM)
1 13.107.21.200 8068 (MICROSOFT...)
2 2 198.8.71.131 ()
4 23.78.217.19 16625 (AKAMAI-AS)
2 104.70.236.26 16625 (AKAMAI-AS)
1 182.161.73.146 55569 (CRITEO-AS...)
1 216.130.169.24 ()
2 2 3.124.32.217 ()
2 107.22.24.178 14618 (AMAZON-AES)
2 4 35.163.132.81 16509 (AMAZON-02)
1 35.214.236.176 15169 (GOOGLE)
1 104.18.18.126 13335 (CLOUDFLAR...)
1 104.18.12.76 13335 (CLOUDFLAR...)
1 52.196.230.114 16509 (AMAZON-02)
1 2 23.106.127.53 ()
4 4 209.191.163.210 14744 (INTERNAP-...)
1 1 54.90.77.112 ()
2 142.250.4.156 15169 (GOOGLE)
2 2 35.72.192.39 ()
1 67.199.150.81 ()
4 4 103.231.98.194 ()
14 13.112.54.241 ()
1 1 18.214.21.204 ()
1 1 74.214.196.131 ()
1 1 54.210.175.101 ()
1 129.159.70.95 ()
1 38.91.45.7 ()
2 2 54.255.158.216 ()
1 67.199.150.85 ()
2 23.106.127.38 ()
544 108
1    84.17.37.44 (Central, Hong Kong)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-84-17-37-44.cdn77.com
www.bg3.co
20    74.125.24.132 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f132.1e100.net
cdn.ampproject.org
4d23b21ac4df2c13112cabf2dc186934.safeframe.googlesyndication.com
66290020567f13b202556398088ea2b1.safeframe.googlesyndication.com
fa3540ea93ec84512cdf7b83bb90bab4.safeframe.googlesyndication.com
3    103.254.153.160 (Singapore, Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
ads.aralego.com
4    104.26.4.103 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.aralego.net
2    42.99.140.201 (Japan)

ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK)
PTR: ip-42-99-140-201.pacnet.net
delivery.adrecover.com
5    42.99.140.161 (Japan)

ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK)
PTR: ip-42-99-140-161.pacnet.net
cdn.adpushup.com
4    104.26.2.91 (United States)

ASN13335 (CLOUDFLARENET, US)
static.bg3.co
38    172.217.194.154 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f154.1e100.net
pagead2.googlesyndication.com
googleads4.g.doubleclick.net
2    69.16.175.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: tlb.hwcdn.net
code.jquery.com
3    64.120.88.131 (Central, Hong Kong)

ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK)
sync.aralego.com
20    13.33.33.38 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-33-38.sin2.r.cloudfront.net
cdn.holmesmind.com
2    142.251.12.97 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f97.1e100.net
www.googletagmanager.com
6    142.251.12.154 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f154.1e100.net
adservice.google.com
3    172.217.194.94 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f94.1e100.net
d-20876441721900431501.ampproject.net
fonts.gstatic.com
13    74.125.68.155 (United States)

ASN15169 (GOOGLE, US)
PTR: sc-in-f155.1e100.net
securepubads.g.doubleclick.net
6    13.76.45.37 (Singapore, Singapore)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
e3.adpushup.com
1    152.199.39.108 (United States)

ASN15133 (EDGECAST, US)
campaign.adpushup.com
3    172.253.118.138 (United States)

ASN15169 (GOOGLE, US)
PTR: sl-in-f138.1e100.net
www.google-analytics.com
71    74.125.24.154 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f154.1e100.net
googleads.g.doubleclick.net
adservice.google.co.nz
cm.g.doubleclick.net
bid.g.doubleclick.net
2    34.95.67.231 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 231.67.95.34.bc.googleusercontent.com
fcm.holmesmind.com
16    203.75.214.136 (Taipei, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)
PTR: 203-75-214-136.hinet-ip.hinet.net
t.ssp.hinet.net
ab58bd60-c7ed-4c1f-8bc8-cbb7d18de37a.t.ssp.hinet.net
4    35.201.76.93 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 93.76.201.35.bc.googleusercontent.com
c.holmesmind.com
2    18.155.68.103 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-155-68-103.sin52.r.cloudfront.net
adcdn.holmesmind.com
2    52.196.174.187 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-196-174-187.ap-northeast-1.compute.amazonaws.com
ad.holmesmind.com
11    182.161.73.129 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
static.criteo.net
2    34.117.219.39 (None, )

ASN- ()
fp.holmesmind.com
4    210.59.219.181 (New Taipei, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)
prebid.scupio.com
12    34.96.119.68 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 68.119.96.34.bc.googleusercontent.com
ad2.apx.appier.net
6    139.162.38.30 (Singapore, Singapore)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li1451-30.members.linode.com
gocm.c.appier.net
2    103.132.192.30 (Singapore)

ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG)
PTR: ip-103-132-192-30.rtbhouse.net
prebid-asia.creativecdn.com
3    103.229.10.180 (Singapore)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
cms.quantserve.com
1    104.16.87.20 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
12    54.73.75.233 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-73-75-233.eu-west-1.compute.amazonaws.com
ads.servenobid.com
1    104.71.49.155 (Central, Hong Kong)

ASN16625 (AKAMAI-AS, US)
PTR: a104-71-49-155.deploy.static.akamaitechnologies.com
a.teads.tv
9    182.161.73.145 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
bidder.criteo.com
1    3.1.173.93 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-1-173-93.ap-southeast-1.compute.amazonaws.com
tlx.3lift.com
1    44.229.70.27 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-229-70-27.us-west-2.compute.amazonaws.com
hb-api.omnitagjs.com
1    34.107.148.139 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 139.148.107.34.bc.googleusercontent.com
prebid.media.net
7    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
adpushup-d.openx.net
u.openx.net
us-u.openx.net
jp-u.openx.net
14    68.67.160.132 (Brooklyn, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
ib.adnxs.com
7    104.18.19.126 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
ssum-sec.casalemedia.com
1    35.213.117.18 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 18.117.213.35.bc.googleusercontent.com
grid.bidswitch.net
25    139.99.49.250 (Singapore, Singapore)

ASN16276 (OVH, FR)
PTR: ip250.ip-139-99-49.net
onetag-sys.com
3    13.114.56.62 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-114-56-62.ap-northeast-1.compute.amazonaws.com
prebid-server.rubiconproject.com
1    69.173.158.65 (Ashburn, United States)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
3    145.40.89.200 (Ashburn, United States)

ASN54825 (PACKET, US)
prebid.a-mo.net
3    172.217.194.155 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f155.1e100.net
adservice.google.co.nz
2    104.211.156.162 (Mumbai, India)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
aplogger.adpushup.com
1    13.33.33.78 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-33-78.sin2.r.cloudfront.net
rules.quantcount.com
28    74.125.200.132 (United States)

ASN15169 (GOOGLE, US)
PTR: sa-in-f132.1e100.net
tpc.googlesyndication.com
4    142.251.12.95 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f95.1e100.net
fonts.googleapis.com
imasdk.googleapis.com
10    142.251.12.105 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f105.1e100.net
www.google.com
2    142.251.12.155 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f155.1e100.net
partner.googleadservices.com
3    20.212.157.225 (Singapore, Singapore)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bi.adpushup.com
3    172.217.194.156 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f156.1e100.net
www.googletagservices.com
18    139.5.84.243 (Canada)

ASN27381 (CASALE-MEDIA, CA)
dsum-sec.casalemedia.com
3    13.237.117.95 (Sydney, Australia)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-237-117-95.ap-southeast-2.compute.amazonaws.com
www.adtrek.co
1    182.161.74.19 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
rtb.jp2.as.criteo.com
1    182.161.73.148 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
ads.as.criteo.com
10    142.251.10.148 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f148.1e100.net
s0.2mdn.net
2    35.230.38.116 (The Dalles, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 116.38.230.35.bc.googleusercontent.com
um.simpli.fi
1    104.45.178.220 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
mweb.ck.inmobi.com
1    54.168.63.191 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-168-63-191.ap-northeast-1.compute.amazonaws.com
dynalyst-sync.adtdp.com
1    202.233.84.1 (Japan)

ASN131957 (MICROAD MicroAd, Inc., JP)
aid.send.microad.jp
13    69.173.158.64 (Singapore, Singapore)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
token.rubiconproject.com
2    13.33.88.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-88-29.sin2.r.cloudfront.net
s.ad.smaato.net
9    35.213.12.39 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 39.12.213.35.bc.googleusercontent.com
x.bidswitch.net
2    89.207.22.76 (Singapore, Singapore)

ASN41041 (VCLK-EU-SE, US)
PTR: sin01-login-ds.dotomi.com
dclk-match.dotomi.com
12    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
1    54.84.84.112 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-84-84-112.compute-1.amazonaws.com
fksnk.com
3    3.112.143.207 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-112-143-207.ap-northeast-1.compute.amazonaws.com
google.dap.fw-ad.jp
4    68.67.161.208 (Brooklyn, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 806.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
secure.adnxs.com
3    13.250.190.118 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-250-190-118.ap-southeast-1.compute.amazonaws.com
pm.w55c.net
2    104.18.25.173 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
3    151.101.66.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
2    202.232.238.37 (Itabashi-ku, Japan)

ASN2497 (IIJ Internet Initiative Japan Inc., JP)
sync.fout.jp
7    54.254.232.172 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-254-232-172.ap-southeast-1.compute.amazonaws.com
pr-bh.ybp.yahoo.com
1    159.203.145.121 (None, )

ASN- ()
cs.chocolateplatform.com
20    52.95.128.55 (Sydney, Australia)

ASN16509 (AMAZON-02, US)
PTR: s3-ap-southeast-2.amazonaws.com
s3-ap-southeast-2.amazonaws.com
4    142.251.161.120 (United States)

ASN15169 (GOOGLE, US)
PTR: ig-in-f120.1e100.net
csi.gstatic.com
1    182.161.73.132 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
cat.sg1.as.criteo.com
2    182.161.73.142 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
csm.as.criteo.net
7    103.229.206.240 (Singapore)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
4    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
1    139.162.23.100 (Singapore, Singapore)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li865-100.members.linode.com
a.c.appier.net
1    35.208.249.213 (Council Bluffs, United States)

ASN19527 (GOOGLE-2, US)
PTR: 213.249.208.35.bc.googleusercontent.com
trace.mediago.io
1    142.250.4.102 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f102.1e100.net
gcdn.2mdn.net
2    173.194.28.102 (United States)

ASN15169 (GOOGLE, US)
PTR: syd15s07-in-f6.1e100.net
r1---sn-ntqe6n7k.c.2mdn.net
3    182.161.73.136 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
gum.criteo.com
1    23.78.217.3 (Central, Hong Kong)

ASN16625 (AKAMAI-AS, US)
PTR: a23-78-217-3.deploy.static.akamaitechnologies.com
acdn.adnxs.com
8    104.71.48.26 (Central, Hong Kong)

ASN16625 (AKAMAI-AS, US)
PTR: a104-71-48-26.deploy.static.akamaitechnologies.com
contextual.media.net
11    23.77.12.69 (Central, Hong Kong)

ASN16625 (AKAMAI-AS, US)
PTR: a23-77-12-69.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
secure-assets.rubiconproject.com
1    52.222.158.36 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-158-36.cdg52.r.cloudfront.net
public.servenobid.com
1    104.18.13.76 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
11    35.71.178.8 (United States)

ASN16509 (AMAZON-02, US)
PTR: ade9ecc7904667038.awsglobalaccelerator.com
eb2.3lift.com
3    50.116.239.135 (United States)

ASN6336 (TURN-US-ASN, US)
ad.turn.com
5    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
us-u.openx.net
jp-u.openx.net
2    202.241.208.55 (Japan)

ASN4694 (IDCF IDC Frontier Inc., JP)
tg.socdm.com
2    13.33.88.32 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-88-32.sin2.r.cloudfront.net
cr-p3.ladsp.com
2    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel-eu.rubiconproject.com
2    23.106.127.164 (Singapore, Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
ssbsync-global.smartadserver.com
3    35.190.60.146 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com
id.rlcdn.com
9    52.46.151.131 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
7    103.231.98.197 (Japan)

ASN62713 (AS-PUBMATIC, US)
image8.pubmatic.com
4    52.74.162.2 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-74-162-2.ap-southeast-1.compute.amazonaws.com
ups.analytics.yahoo.com
2    104.18.102.194 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
p.adsymptotic.com
4    185.84.60.30 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
1    13.107.21.200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
2    198.8.71.131 (None, )

ASN- ()
p.rfihub.com
4    23.78.217.19 (Central, Hong Kong)

ASN16625 (AKAMAI-AS, US)
PTR: a23-78-217-19.deploy.static.akamaitechnologies.com
ads.pubmatic.com
2    104.70.236.26 (Central, Hong Kong)

ASN16625 (AKAMAI-AS, US)
PTR: a104-70-236-26.deploy.static.akamaitechnologies.com
cs.media.net
1    182.161.73.146 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
dis.criteo.com
1    216.130.169.24 (None, )

ASN- ()
sync.adkernel.com
2    3.124.32.217 (None, )

ASN- ()
rtb.mfadsrvr.com
2    107.22.24.178 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-22-24-178.compute-1.amazonaws.com
cs.emxdgt.com
4    35.163.132.81 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-163-132-81.us-west-2.compute.amazonaws.com
dpm.demdex.net
1    35.214.236.176 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 176.236.214.35.bc.googleusercontent.com
csync.loopme.me
1    104.18.18.126 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
dsum.casalemedia.com
1    104.18.12.76 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
cdn.indexww.com
1    52.196.230.114 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-196-230-114.ap-northeast-1.compute.amazonaws.com
g2.gumgum.com
2    23.106.127.53 (None, )

ASN- ()
ssbsync.smartadserver.com
4    209.191.163.210 (United States)

ASN14744 (INTERNAP-BLOCK-4, US)
ce.lijit.com
ap.lijit.com
1    54.90.77.112 (None, )

ASN- ()
ssp.disqus.com
2    142.250.4.156 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f156.1e100.net
ade.googlesyndication.com
2    35.72.192.39 (None, )

ASN- ()
match.prod.bidr.io
1    67.199.150.81 (None, )

ASN- ()
image6.pubmatic.com
4    103.231.98.194 (None, )

ASN- ()
image2.pubmatic.com
14    13.112.54.241 (None, )

ASN- ()
usersync.gumgum.com
1    18.214.21.204 (None, )

ASN- ()
sync.srv.stackadapt.com
1    74.214.196.131 (None, )

ASN- ()
bh.contextweb.com
1    54.210.175.101 (None, )

ASN- ()
sync.ipredictive.com
1    129.159.70.95 (None, )

ASN- ()
sync.technoratimedia.com
1    38.91.45.7 (None, )

ASN- ()
match.deepintent.com
2    54.255.158.216 (None, )

ASN- ()
ad.360yield.com
1    67.199.150.85 (None, )

ASN- ()
image4.pubmatic.com
2    23.106.127.38 (None, )

ASN- ()
rtb-csync.smartadserver.com
Apex Domain
Subdomains		 Transfer
85 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 190
googleads.g.doubleclick.net — Cisco Umbrella Rank: 41
cm.g.doubleclick.net — Cisco Umbrella Rank: 203
bid.g.doubleclick.net — Cisco Umbrella Rank: 672
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 294
594 KB
70 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 101
4d23b21ac4df2c13112cabf2dc186934.safeframe.googlesyndication.com
66290020567f13b202556398088ea2b1.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 136
fa3540ea93ec84512cdf7b83bb90bab4.safeframe.googlesyndication.com
ade.googlesyndication.com — Cisco Umbrella Rank: 275
644 KB
32 holmesmind.com
cdn.holmesmind.com — Cisco Umbrella Rank: 147046
fcm.holmesmind.com — Cisco Umbrella Rank: 161307
c.holmesmind.com — Cisco Umbrella Rank: 106536
adcdn.holmesmind.com — Cisco Umbrella Rank: 144780
ad.holmesmind.com — Cisco Umbrella Rank: 95735
fp.holmesmind.com
112 KB
30 rubiconproject.com
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 922
fastlane.rubiconproject.com — Cisco Umbrella Rank: 439
pixel.rubiconproject.com — Cisco Umbrella Rank: 307
eus.rubiconproject.com — Cisco Umbrella Rank: 541
pixel-eu.rubiconproject.com — Cisco Umbrella Rank: 2024
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 861
token.rubiconproject.com — Cisco Umbrella Rank: 544
54 KB
26 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 491
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 512
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 418
dsum.casalemedia.com — Cisco Umbrella Rank: 1372
21 KB
25 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 723
12 KB
20 amazonaws.com
s3-ap-southeast-2.amazonaws.com
84 KB
19 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 209
secure.adnxs.com — Cisco Umbrella Rank: 426
acdn.adnxs.com — Cisco Umbrella Rank: 579
36 KB
19 appier.net
ad2.apx.appier.net — Cisco Umbrella Rank: 44139
gocm.c.appier.net — Cisco Umbrella Rank: 1971
a.c.appier.net — Cisco Umbrella Rank: 13802
3 KB
17 pubmatic.com
image8.pubmatic.com — Cisco Umbrella Rank: 561
ads.pubmatic.com — Cisco Umbrella Rank: 458
image6.pubmatic.com
image2.pubmatic.com
image4.pubmatic.com
36 KB
17 adpushup.com
cdn.adpushup.com — Cisco Umbrella Rank: 15170
e3.adpushup.com — Cisco Umbrella Rank: 16671
campaign.adpushup.com — Cisco Umbrella Rank: 29370
aplogger.adpushup.com — Cisco Umbrella Rank: 16187
bi.adpushup.com — Cisco Umbrella Rank: 17664
360 KB
16 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 691
rtb.jp2.as.criteo.com — Cisco Umbrella Rank: 20361
ads.as.criteo.com — Cisco Umbrella Rank: 15481
cat.sg1.as.criteo.com — Cisco Umbrella Rank: 16096
gum.criteo.com — Cisco Umbrella Rank: 390
dis.criteo.com — Cisco Umbrella Rank: 631
23 KB
16 hinet.net
t.ssp.hinet.net — Cisco Umbrella Rank: 84382
ab58bd60-c7ed-4c1f-8bc8-cbb7d18de37a.t.ssp.hinet.net
13 KB
16 google.com
adservice.google.com — Cisco Umbrella Rank: 72
www.google.com — Cisco Umbrella Rank: 2
4 KB
15 gumgum.com
g2.gumgum.com — Cisco Umbrella Rank: 1324
usersync.gumgum.com
5 KB
15 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 353
327 KB
13 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 262
gcdn.2mdn.net — Cisco Umbrella Rank: 906
r1---sn-ntqe6n7k.c.2mdn.net
2 MB
13 servenobid.com
ads.servenobid.com — Cisco Umbrella Rank: 1592
public.servenobid.com — Cisco Umbrella Rank: 3158
8 KB
13 criteo.net
static.criteo.net — Cisco Umbrella Rank: 623
csm.as.criteo.net — Cisco Umbrella Rank: 15767
387 KB
12 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 341
7 KB
12 openx.net
adpushup-d.openx.net — Cisco Umbrella Rank: 13712
u.openx.net — Cisco Umbrella Rank: 656
us-u.openx.net — Cisco Umbrella Rank: 407
jp-u.openx.net — Cisco Umbrella Rank: 10594
2 KB
12 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 554
eb2.3lift.com — Cisco Umbrella Rank: 339
8 KB
11 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 416
ups.analytics.yahoo.com — Cisco Umbrella Rank: 280
5 KB
11 media.net
prebid.media.net — Cisco Umbrella Rank: 1201
contextual.media.net — Cisco Umbrella Rank: 535
cs.media.net — Cisco Umbrella Rank: 1349
17 KB
10 bidswitch.net
grid.bidswitch.net — Cisco Umbrella Rank: 899
x.bidswitch.net — Cisco Umbrella Rank: 281
5 KB
9 amazon-adsystem.com
s.amazon-adsystem.com — Cisco Umbrella Rank: 279
aax-eu.amazon-adsystem.com Failed
6 KB
7 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 446
4 KB
6 smartadserver.com
ssbsync-global.smartadserver.com — Cisco Umbrella Rank: 1720
ssbsync.smartadserver.com
rtb-csync.smartadserver.com
2 KB
6 gstatic.com
csi.gstatic.com
fonts.gstatic.com
32 KB
6 aralego.com
ads.aralego.com — Cisco Umbrella Rank: 27807
sync.aralego.com — Cisco Umbrella Rank: 2762
3 KB
5 google.co.nz
adservice.google.co.nz — Cisco Umbrella Rank: 150757
1 KB
5 bg3.co
www.bg3.co — Cisco Umbrella Rank: 99821
static.bg3.co
17 KB
4 lijit.com
ce.lijit.com — Cisco Umbrella Rank: 862
ap.lijit.com — Cisco Umbrella Rank: 599
2 KB
4 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 197
3 KB
4 adform.net
c1.adform.net — Cisco Umbrella Rank: 582
2 KB
4 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 355
1 KB
4 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 43
imasdk.googleapis.com — Cisco Umbrella Rank: 413
132 KB
4 scupio.com
prebid.scupio.com — Cisco Umbrella Rank: 73497
1 KB
4 aralego.net
cdn.aralego.net — Cisco Umbrella Rank: 9020
46 KB
3 rlcdn.com
id.rlcdn.com — Cisco Umbrella Rank: 540
510 B
3 turn.com
ad.turn.com — Cisco Umbrella Rank: 708
1 KB
3 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 533
803 B
3 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 693
3 KB
3 fw-ad.jp
google.dap.fw-ad.jp — Cisco Umbrella Rank: 139648
2 KB
3 adtrek.co
www.adtrek.co
14 KB
3 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 185
142 KB
3 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 881
1 KB
3 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 917
pixel.quantserve.com — Cisco Umbrella Rank: 664
cms.quantserve.com
10 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 36
519 B
2 360yield.com
ad.360yield.com
624 B
2 bidr.io
match.prod.bidr.io
1 KB
2 emxdgt.com
cs.emxdgt.com — Cisco Umbrella Rank: 942
133 B
2 mfadsrvr.com
rtb.mfadsrvr.com
1 KB
2 rfihub.com
p.rfihub.com
1 KB
2 adsymptotic.com
p.adsymptotic.com — Cisco Umbrella Rank: 471
501 B
2 ladsp.com
cr-p3.ladsp.com — Cisco Umbrella Rank: 25501
1 KB
2 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 883
2 KB
2 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 587
cdn.indexww.com — Cisco Umbrella Rank: 1490
2 KB
2 fout.jp
sync.fout.jp — Cisco Umbrella Rank: 68712
1 KB
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 745
s.tribalfusion.com — Cisco Umbrella Rank: 1840
1 KB
2 dotomi.com
dclk-match.dotomi.com — Cisco Umbrella Rank: 3287
980 B
2 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 661
1 KB
2 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 752
1 KB
2 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 860
1007 B
2 creativecdn.com
prebid-asia.creativecdn.com — Cisco Umbrella Rank: 18067
344 B
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 53
77 KB
2 jquery.com
code.jquery.com — Cisco Umbrella Rank: 669
60 KB
2 adrecover.com
delivery.adrecover.com — Cisco Umbrella Rank: 16217
10 KB
1 deepintent.com
match.deepintent.com
44 B
1 technoratimedia.com
sync.technoratimedia.com
293 B
1 ipredictive.com
sync.ipredictive.com
465 B
1 contextweb.com
bh.contextweb.com
662 B
1 stackadapt.com
sync.srv.stackadapt.com
581 B
1 disqus.com
ssp.disqus.com
472 B
1 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 840
40 B
1 adkernel.com
sync.adkernel.com
228 B
1 bing.com
c.bing.com — Cisco Umbrella Rank: 241
671 B
1 mediago.io
trace.mediago.io — Cisco Umbrella Rank: 1440
451 B
1 chocolateplatform.com
cs.chocolateplatform.com
15 B
1 fksnk.com
fksnk.com — Cisco Umbrella Rank: 4678
616 B
1 microad.jp
aid.send.microad.jp — Cisco Umbrella Rank: 4090
641 B
1 adtdp.com
dynalyst-sync.adtdp.com — Cisco Umbrella Rank: 122899
362 B
1 inmobi.com
mweb.ck.inmobi.com — Cisco Umbrella Rank: 3496
505 B
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 847
633 B
1 omnitagjs.com
hb-api.omnitagjs.com — Cisco Umbrella Rank: 3711
518 B
1 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1371
520 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 374
2 KB
1 ampproject.net
d-20876441721900431501.ampproject.net
0 pippio.com Failed
pippio.com Failed
0 admanmedia.com Failed
cs.admanmedia.com Failed
0 outbrain.com Failed
sync.outbrain.com Failed
0 sportradarserving.com Failed
a.sportradarserving.com Failed
0 sonobi.com Failed
sync.go.sonobi.com Failed
0 zemanta.com Failed
b1sync.zemanta.com — Cisco Umbrella Rank: 531 Failed
0 unrulymedia.com Failed
sync.targeting.unrulymedia.com Failed
544 95
Domain Requested by
57 cm.g.doubleclick.net 19 redirects googleads.g.doubleclick.net
fa3540ea93ec84512cdf7b83bb90bab4.safeframe.googlesyndication.com
www.bg3.co
u.openx.net
onetag-sys.com
eb2.3lift.com
g2.gumgum.com
35 pagead2.googlesyndication.com cdn.ampproject.org
securepubads.g.doubleclick.net
www.bg3.co
pagead2.googlesyndication.com
tpc.googlesyndication.com
googleads.g.doubleclick.net
fa3540ea93ec84512cdf7b83bb90bab4.safeframe.googlesyndication.com
www.googletagservices.com
28 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.bg3.co
googleads.g.doubleclick.net
fa3540ea93ec84512cdf7b83bb90bab4.safeframe.googlesyndication.com
imasdk.googleapis.com
pagead2.googlesyndication.com
25 onetag-sys.com 6 redirects cdn.adpushup.com
onetag-sys.com
public.servenobid.com
ads.pubmatic.com
20 s3-ap-southeast-2.amazonaws.com www.adtrek.co
s3-ap-southeast-2.amazonaws.com
www.bg3.co
20 cdn.holmesmind.com ads.aralego.com
cdn.holmesmind.com
ad.holmesmind.com
18 dsum-sec.casalemedia.com 6 redirects googleads.g.doubleclick.net
ssum-sec.casalemedia.com
15 cdn.ampproject.org www.bg3.co
cdn.ampproject.org
securepubads.g.doubleclick.net
14 usersync.gumgum.com g2.gumgum.com
eus.rubiconproject.com
14 ib.adnxs.com 9 redirects cdn.adpushup.com
googleads.g.doubleclick.net
acdn.adnxs.com
14 t.ssp.hinet.net cdn.holmesmind.com
t.ssp.hinet.net
13 securepubads.g.doubleclick.net cdn.adpushup.com
cdn.aralego.net
securepubads.g.doubleclick.net
www.bg3.co
fa3540ea93ec84512cdf7b83bb90bab4.safeframe.googlesyndication.com
12 match.adsrvr.org 11 redirects cdn.adpushup.com
12 ads.servenobid.com cdn.adpushup.com
public.servenobid.com
ssum-sec.casalemedia.com
onetag-sys.com
g2.gumgum.com
eus.rubiconproject.com
ads.pubmatic.com
ssbsync.smartadserver.com
12 ad2.apx.appier.net 6 redirects www.bg3.co
11 eb2.3lift.com 3 redirects cdn.adpushup.com
eb2.3lift.com
public.servenobid.com
11 static.criteo.net cdn.holmesmind.com
cdn.adpushup.com
static.criteo.net
ads.as.criteo.com
11 googleads.g.doubleclick.net 1 redirects cdn.ampproject.org
pagead2.googlesyndication.com
googleads.g.doubleclick.net
www.bg3.co
10 s0.2mdn.net www.bg3.co
www.adtrek.co
googleads.g.doubleclick.net
s0.2mdn.net
10 www.google.com 1 redirects tpc.googlesyndication.com
www.bg3.co
googleads.g.doubleclick.net
fa3540ea93ec84512cdf7b83bb90bab4.safeframe.googlesyndication.com
9 s.amazon-adsystem.com 4 redirects onetag-sys.com
eb2.3lift.com
ssum-sec.casalemedia.com
www.bg3.co
9 x.bidswitch.net 8 redirects onetag-sys.com
9 pixel.rubiconproject.com 4 redirects onetag-sys.com
www.bg3.co
9 bidder.criteo.com cdn.adpushup.com
static.criteo.net
8 eus.rubiconproject.com cdn.adpushup.com
eus.rubiconproject.com
contextual.media.net
public.servenobid.com
g2.gumgum.com
8 contextual.media.net cdn.adpushup.com
contextual.media.net
eus.rubiconproject.com
7 image8.pubmatic.com 6 redirects onetag-sys.com
7 sync.mathtag.com 7 redirects
7 pr-bh.ybp.yahoo.com 5 redirects ssum-sec.casalemedia.com
ads.pubmatic.com
6 us-u.openx.net 2 redirects u.openx.net
www.bg3.co
6 gocm.c.appier.net 6 redirects
6 e3.adpushup.com www.bg3.co
6 adservice.google.com cdn.ampproject.org
securepubads.g.doubleclick.net
pagead2.googlesyndication.com
5 ssum-sec.casalemedia.com 1 redirects js-sec.indexww.com
ssum-sec.casalemedia.com
public.servenobid.com
5 adservice.google.co.nz securepubads.g.doubleclick.net
pagead2.googlesyndication.com
5 cdn.adpushup.com www.bg3.co
cdn.adpushup.com
4 image2.pubmatic.com 4 redirects
4 token.rubiconproject.com 4 redirects
4 dpm.demdex.net 2 redirects ssum-sec.casalemedia.com
4 ads.pubmatic.com contextual.media.net
public.servenobid.com
g2.gumgum.com
ads.pubmatic.com
4 c1.adform.net 3 redirects ads.pubmatic.com
4 ups.analytics.yahoo.com 3 redirects onetag-sys.com
4 px.ads.linkedin.com 3 redirects www.bg3.co
4 csi.gstatic.com imasdk.googleapis.com
4 secure.adnxs.com 4 redirects
4 prebid.scupio.com cdn.holmesmind.com
4 c.holmesmind.com 2 redirects cdn.holmesmind.com
4 static.bg3.co www.bg3.co
4 cdn.aralego.net www.bg3.co
ads.aralego.com
3 secure-assets.rubiconproject.com 3 redirects
3 id.rlcdn.com 2 redirects onetag-sys.com
3 ad.turn.com 3 redirects
3 gum.criteo.com cdn.adpushup.com
contextual.media.net
3 googleads4.g.doubleclick.net www.bg3.co
3 sync-tm.everesttech.net 3 redirects
3 pm.w55c.net 3 redirects
3 google.dap.fw-ad.jp 3 redirects
3 www.adtrek.co googleads.g.doubleclick.net
www.bg3.co
www.adtrek.co
3 www.googletagservices.com googleads.g.doubleclick.net
fa3540ea93ec84512cdf7b83bb90bab4.safeframe.googlesyndication.com
3 bi.adpushup.com www.bg3.co
3 fa3540ea93ec84512cdf7b83bb90bab4.safeframe.googlesyndication.com securepubads.g.doubleclick.net
3 prebid.a-mo.net 2 redirects cdn.adpushup.com
3 prebid-server.rubiconproject.com cdn.adpushup.com
3 adpushup-d.openx.net cdn.adpushup.com
3 www.google-analytics.com www.bg3.co
www.googletagmanager.com
3 sync.aralego.com ads.aralego.com
www.bg3.co
3 ads.aralego.com 1 redirects ads.aralego.com
2 rtb-csync.smartadserver.com ssbsync.smartadserver.com
2 ad.360yield.com 2 redirects
2 match.prod.bidr.io 2 redirects
2 ade.googlesyndication.com www.bg3.co
2 ap.lijit.com 2 redirects public.servenobid.com
2 ce.lijit.com 2 redirects
2 ssbsync.smartadserver.com 1 redirects public.servenobid.com
2 cs.emxdgt.com contextual.media.net
g2.gumgum.com
2 rtb.mfadsrvr.com 2 redirects
2 cs.media.net contextual.media.net
2 p.rfihub.com 2 redirects
2 p.adsymptotic.com 1 redirects eb2.3lift.com
2 ssbsync-global.smartadserver.com 1 redirects onetag-sys.com
2 pixel-eu.rubiconproject.com 1 redirects onetag-sys.com
2 cr-p3.ladsp.com 2 redirects
2 jp-u.openx.net u.openx.net
2 tg.socdm.com 2 redirects
2 r1---sn-ntqe6n7k.c.2mdn.net www.bg3.co
2 csm.as.criteo.net ads.as.criteo.com
2 fonts.gstatic.com fonts.googleapis.com
2 sync.fout.jp 2 redirects
2 dclk-match.dotomi.com 2 redirects
2 s.ad.smaato.net 2 redirects
2 um.simpli.fi 2 redirects
2 imasdk.googleapis.com fa3540ea93ec84512cdf7b83bb90bab4.safeframe.googlesyndication.com
2 partner.googleadservices.com pagead2.googlesyndication.com
2 fonts.googleapis.com client
fa3540ea93ec84512cdf7b83bb90bab4.safeframe.googlesyndication.com
2 ab58bd60-c7ed-4c1f-8bc8-cbb7d18de37a.t.ssp.hinet.net www.bg3.co
t.ssp.hinet.net
2 aplogger.adpushup.com cdn.adpushup.com
2 htlb.casalemedia.com cdn.adpushup.com
2 prebid-asia.creativecdn.com cdn.holmesmind.com
2 fp.holmesmind.com cdn.holmesmind.com
2 ad.holmesmind.com cdn.holmesmind.com
2 adcdn.holmesmind.com cdn.holmesmind.com
2 fcm.holmesmind.com cdn.holmesmind.com
2 www.googletagmanager.com cdn.ampproject.org
cdn.adpushup.com
2 code.jquery.com delivery.adrecover.com
cdn.adpushup.com
2 delivery.adrecover.com www.bg3.co
1 image4.pubmatic.com ads.pubmatic.com
1 match.deepintent.com g2.gumgum.com
1 sync.technoratimedia.com g2.gumgum.com
1 sync.ipredictive.com 1 redirects
1 bh.contextweb.com 1 redirects
1 sync.srv.stackadapt.com 1 redirects
1 cms.quantserve.com 1 redirects
1 image6.pubmatic.com ads.pubmatic.com
1 ssp.disqus.com 1 redirects
1 g2.gumgum.com public.servenobid.com
1 cdn.indexww.com ssum-sec.casalemedia.com
1 dsum.casalemedia.com ssum-sec.casalemedia.com
1 csync.loopme.me ssum-sec.casalemedia.com
1 sync.adkernel.com contextual.media.net
1 dis.criteo.com contextual.media.net
1 c.bing.com eb2.3lift.com
1 js-sec.indexww.com cdn.adpushup.com
1 public.servenobid.com cdn.adpushup.com
1 u.openx.net cdn.adpushup.com
1 acdn.adnxs.com cdn.adpushup.com
1 gcdn.2mdn.net 1 redirects
1 trace.mediago.io 1 redirects
1 a.c.appier.net 1 redirects
1 cat.sg1.as.criteo.com ads.as.criteo.com
1 bid.g.doubleclick.net imasdk.googleapis.com
1 cs.chocolateplatform.com googleads.g.doubleclick.net
1 s.tribalfusion.com googleads.g.doubleclick.net
1 a.tribalfusion.com 1 redirects
1 fksnk.com 1 redirects
1 aid.send.microad.jp googleads.g.doubleclick.net
1 dynalyst-sync.adtdp.com 1 redirects
1 mweb.ck.inmobi.com 1 redirects
1 ads.as.criteo.com fa3540ea93ec84512cdf7b83bb90bab4.safeframe.googlesyndication.com
1 rtb.jp2.as.criteo.com www.bg3.co
1 pixel.quantserve.com www.bg3.co
1 rules.quantcount.com secure.quantserve.com
1 66290020567f13b202556398088ea2b1.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 4d23b21ac4df2c13112cabf2dc186934.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 fastlane.rubiconproject.com cdn.adpushup.com
1 grid.bidswitch.net cdn.adpushup.com
1 prebid.media.net cdn.adpushup.com
1 hb-api.omnitagjs.com cdn.adpushup.com
1 tlx.3lift.com cdn.adpushup.com
1 a.teads.tv cdn.adpushup.com
1 cdn.jsdelivr.net cdn.adpushup.com
1 secure.quantserve.com cdn.adpushup.com
1 campaign.adpushup.com www.bg3.co
1 d-20876441721900431501.ampproject.net cdn.ampproject.org
1 www.bg3.co
0 pippio.com Failed ads.pubmatic.com
0 cs.admanmedia.com Failed g2.gumgum.com
0 sync.outbrain.com Failed g2.gumgum.com
0 a.sportradarserving.com Failed g2.gumgum.com
ssbsync.smartadserver.com
0 aax-eu.amazon-adsystem.com Failed www.bg3.co
0 sync.go.sonobi.com Failed public.servenobid.com
0 b1sync.zemanta.com Failed contextual.media.net
g2.gumgum.com
0 sync.targeting.unrulymedia.com Failed contextual.media.net
public.servenobid.com
g2.gumgum.com
544 162

This site contains links to these domains. Also see Links.

Domain
campaign.adpushup.com
Subject Issuer Validity Valid
*.bg3.co
AlphaSSL CA - SHA256 - G2		 2022-05-20 -
2023-06-21		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2022-10-25 -
2023-01-17		 3 months crt.sh
cdn.adpushup.com
R3		 2022-09-07 -
2022-12-06		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-04-16 -
2023-04-16		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-10-25 -
2023-01-17		 3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2022-08-03 -
2023-07-14		 a year crt.sh
*.aralego.com
Sectigo RSA Domain Validation Secure Server CA		 2022-10-19 -
2023-11-19		 a year crt.sh
*.holmesmind.com
Go Daddy Secure Certificate Authority - G2		 2022-05-19 -
2023-06-20		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-10-25 -
2023-01-17		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-10-25 -
2023-01-17		 3 months crt.sh
*.adpushup.com
Sectigo ECC Domain Validation Secure Server CA		 2022-08-02 -
2023-09-02		 a year crt.sh
snic4d9gl.wpc.edgecastcdn.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-02-14 -
2023-03-17		 a year crt.sh
*.t.ssp.hinet.net
 2022-04-14 -
2023-04-14		 a year crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-11-08 -
2023-02-04		 3 months crt.sh
*.scupio.com
Sectigo RSA Organization Validation Secure Server CA		 2022-09-26 -
2023-10-27		 a year crt.sh
*.creativecdn.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-03-17 -
2023-04-12		 a year crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-09 -
2023-09-09		 a year crt.sh
ads.servenobid.com
Amazon		 2022-05-29 -
2023-06-27		 a year crt.sh
teads.tv
R3		 2022-10-27 -
2023-01-25		 3 months crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-10-31 -
2023-01-26		 3 months crt.sh
*.3lift.com
Amazon		 2022-05-13 -
2023-06-11		 a year crt.sh
*.omnitagjs.com
Amazon		 2022-05-17 -
2023-06-15		 a year crt.sh
*.media.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-06 -
2023-05-04		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-05 -
2023-05-04		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-10 -
2023-01-03		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
*.a-mo.net
R3		 2022-09-05 -
2022-12-04		 3 months crt.sh
*.google.co.nz
GTS CA 1C3		 2022-10-25 -
2023-01-17		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-10-17 -
2023-01-09		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-10-25 -
2023-01-17		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-10-25 -
2023-01-17		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-10-25 -
2023-01-17		 3 months crt.sh
www.adtrek.co
Amazon		 2022-10-22 -
2023-11-20		 a year crt.sh
*.jp2.as.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-10-18 -
2023-01-15		 3 months crt.sh
*.as.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-10-09 -
2023-01-11		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-10-17 -
2023-01-09		 3 months crt.sh
*.send.microad.jp
GlobalSign RSA OV SSL CA 2018		 2022-10-05 -
2023-11-06		 a year crt.sh
cs.chocolateplatform.com
ZeroSSL RSA Domain Secure Site CA		 2022-09-21 -
2022-12-20		 3 months crt.sh
*.s3-ap-southeast-2.amazonaws.com
Amazon		 2022-09-21 -
2023-09-05		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-10-25 -
2023-01-17		 3 months crt.sh
*.sg1.as.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-10-10 -
2023-01-10		 3 months crt.sh
*.as.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-08-31 -
2022-12-04		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2021-12-10 -
2022-12-09		 a year crt.sh
*.servenobid.com
Amazon		 2022-02-06 -
2023-03-07		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-25 -
2023-01-25		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2022-06-13 -
2023-07-14		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-09-27 -
2023-03-22		 6 months crt.sh
www.bing.com
Microsoft RSA TLS CA 02		 2022-09-03 -
2023-03-03		 6 months crt.sh
*.emxdgt.com
Amazon		 2022-06-03 -
2023-07-02		 a year crt.sh
*.c.docs.google.com
GTS CA 1C3		 2022-11-01 -
2023-01-10		 2 months crt.sh
loopme.com
R3		 2022-09-26 -
2022-12-25		 3 months crt.sh
*.gumgum.com
Amazon		 2022-05-06 -
2023-06-04		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-06-14 -
2022-12-07		 6 months crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2022-02-03 -
2023-02-25		 a year crt.sh
*.technoratimedia.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-09-15 -
2023-09-15		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2022-05-02 -
2023-06-03		 a year crt.sh
*.ad-server.k8s.jp.ggops.com
Amazon		 2022-02-15 -
2023-03-16		 a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-20 -
2023-09-20		 a year crt.sh

This page contains 81 frames:

Primary Page: https://www.bg3.co/a/you-you-ming-xing-ji-jin-jing-li-ben-si-wai-zi-si-mu-jia-su-jin-chang.html
Frame ID: C818AA7A79614822E4A2E95614048CFB
Requests: 86 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/init.js
Frame ID: 36E3ED20A7F29745AD2692D339BF19F9
Requests: 2 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/init.js
Frame ID: 5AA115C43F90E56EE785ED1AAD4DD5DE
Requests: 2 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: 1E487E7CE783F175CC37BD29B257F1EF
Requests: 9 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: 50C4B969529EA6F536513ADF50E1A661
Requests: 9 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/capmapping.htm
Frame ID: 96C2C53B7F937E2B6D1A72F576DE9C87
Requests: 5 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/presetfn.js
Frame ID: 25A13B956A8A6EDBA8987ED060DC9E04
Requests: 25 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/capmapping.htm
Frame ID: 3855B32FE301D03BF72EC90FC62E25AE
Requests: 5 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/presetfn.js
Frame ID: 9BA2F05774E8DEABB5B9819D84F2BBBE
Requests: 25 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=1600x250&w=1600&h=250&ptt=12&adk=2733026255&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-34430403322081795740&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=470780615&nhd=0&adx=0&ady=2892&oid=2&is_amp=5&amp_v=2210272257000&d_imp=1&c=5666001062&ga_cid=amp-ke56cJIxYSkF6eo6rRYZrw&ga_hid=1062&dt=1668088397041&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyou-you-ming-xing-ji-jin-jing-li-ben-si-wai-zi-si-mu-jia-su-jin-chang.html&bdt=2757&dtd=573&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Frame ID: 80B58198C28E7983C0D3014067FA3155
Requests: 1 HTTP requests in this frame

Frame: https://fcm.holmesmind.com/cm.php
Frame ID: 42C83A1764E4001AF86AECE941CD94E7
Requests: 1 HTTP requests in this frame

Frame: https://fcm.holmesmind.com/cm.php
Frame ID: C3CDD1839123F0D5B78BF2E9408CBFD1
Requests: 1 HTTP requests in this frame

Frame: https://fp.holmesmind.com/landing.php?CFFPCKUUIDMAIN=2201-Fh6il4kEzAovzoS4OY9mj1g0of947q3v&CFFPCKUUID=8313-iOa7A6qDqcJnTCqkpq71lwPPaSrrxkbW&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyou-you-ming-xing-ji-jin-jing-li-ben-si-wai-zi-si-mu-jia-su-jin-chang.html&maindomain=www.bg3.co
Frame ID: 4BBB91D58F8B4BB8F440F2BA4E1195B0
Requests: 1 HTTP requests in this frame

Frame: https://fp.holmesmind.com/landing.php?CFFPCKUUIDMAIN=2201-Fh6il4kEzAovzoS4OY9mj1g0of947q3v&CFFPCKUUID=8313-iOa7A6qDqcJnTCqkpq71lwPPaSrrxkbW&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyou-you-ming-xing-ji-jin-jing-li-ben-si-wai-zi-si-mu-jia-su-jin-chang.html&maindomain=www.bg3.co
Frame ID: E8CB8A6B5E7BFCCEC09FC8F8A53D20F5
Requests: 1 HTTP requests in this frame

Frame: https://4d23b21ac4df2c13112cabf2dc186934.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html?n=1
Frame ID: 2A71F41B00369AE1C72F12003B5F7CEA
Requests: 1 HTTP requests in this frame

Frame: https://66290020567f13b202556398088ea2b1.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html?n=1
Frame ID: 966BF1D0CD910C4843BA71D80E15AF01
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: 3BC5E81AB112B21BE496340A151EB73F
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: 25BFC8DC9A0B44380821C5F73F8F24F0
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 70B5EDAFC1812702606E3B82101E7534
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: D0484C84D585234809B4DF111D4ACA15
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: F60A0AC1082E7421AAC53E990C6A144A
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 3A319D27B78399D0F431C4CE09B5D9D0
Requests: 2 HTTP requests in this frame

Frame: https://fa3540ea93ec84512cdf7b83bb90bab4.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Frame ID: 86DEB39F99F68C02C96478155D75E0B0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2844491747&adf=53498480&pi=t.ma~as.3006%2F14006&w=336&lmt=1668088402&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyou-you-ming-xing-ji-jin-jing-li-ben-si-wai-zi-si-mu-jia-su-jin-chang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668088401373&bpp=12&bdt=1130&idt=901&shv=r20221108&mjsv=m202211020101&ptt=5&saldr=sa&correlator=1563271422649&frm=23&ife=1&pv=2&ga_vid=692483964.1668088402&ga_sid=1668088402&ga_hid=1024014365&ga_fc=0&ga_cid=amp-ke56cJIxYSkF6eo6rRYZrw&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=1025520735&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C44770880%2C44775016&oid=2&pvsid=3785228714276847&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.pj026n2udit8&fsb=1&dtd=919
Frame ID: 8DB57BDD72019A7AE09AE43A4B157BDD
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2844491747&adf=53498479&pi=t.ma~as.3006%2F14006&w=336&lmt=1668088402&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyou-you-ming-xing-ji-jin-jing-li-ben-si-wai-zi-si-mu-jia-su-jin-chang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668088401346&bpp=16&bdt=1029&idt=966&shv=r20221108&mjsv=m202211020101&ptt=5&saldr=sa&correlator=1563271422649&frm=23&ife=1&pv=1&ga_vid=97360968.1668088402&ga_sid=1668088402&ga_hid=142627606&ga_fc=0&ga_cid=amp-ke56cJIxYSkF6eo6rRYZrw&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2578&biw=1600&bih=1200&isw=336&ish=280&ifk=1025520735&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44769306%2C31070617%2C31070722%2C31070762%2C44770881%2C44775017&oid=2&pvsid=1414097753187374&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.4sirfcbb7r40&btvi=1&fsb=1&dtd=984
Frame ID: AF0C9077CA002FF20C4CCF266F4ED6D5
Requests: 1 HTTP requests in this frame

Frame: https://fa3540ea93ec84512cdf7b83bb90bab4.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Frame ID: E208EE01AA14A49412FE2DED233DBB61
Requests: 31 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012210191347000/amp4ads-v0.mjs
Frame ID: FAB4850E33CAB87B0D0F817E1C0370F0
Requests: 13 HTTP requests in this frame

Frame: https://fa3540ea93ec84512cdf7b83bb90bab4.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Frame ID: 639C155ACA6A55AA9322CB8CD830673E
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COXuopICENTVuu4CGJamttcBMAE&v=APEucNXKMxEWBGysxQkCjH8kyM5i-pwPzr18rjkDcBdU1bG6Dso7KvDz7-Y747-VZWYbD1tprgnh1TfG-wS-33tAgYw6-NY8fQ
Frame ID: 5499036E7F1A331EAF947B3600D42649
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKyHPxDPjYECGO3C9tcBMAE&v=APEucNVLFnYZThEGh1gG9ljJ1MElX3fAhqCsLoMxSqn2G0eM7D8rqHxyTlZjMzp_vZ7JZoXsfOOLujz4Bhe3NghV8A-yVXGG4A
Frame ID: B9A815785045D4B0EBA42B303E787478
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CRU3LTLKHdFYNjn2E8ZIexM6GtYhPlpm0HaOl3h7t_TYwvjv3aGVB8en8pNEBGXUUW1dGc8FezCnsSq-P9CDv6b3WCom4VW_opHql8wIa4gbq7StDgLleWGS_WqYHv9E1CoqzHyz49AnM0uY_VO8pZZVlEQn9S9Rn_FeYJNb3FnN_TxkjZdi9lkSZVc7SxUk_DSzwi&cry=1&dbm_d=AKAmf-Du5P4Gq1aU1958rBQ_96ky2UnizLxeEOLwTMgvLILBwBVBs-_055xAk5B4RDBw952SQzl3vad7SWXIvfCtFxJPEXAXRDd8usZ6o9YjG-F0445nQ0b1gh32nJggL6usEmLEFH7QY_zAUvCJnobsTb25GoQVxeb8UxXdi144d6IBPv-cbaL4kCYZmfrc8yemjdoVjHLf_LTR8l0puHtWfbgTipm1Xb-gykfJFSPZNVN6nAWRRphsyah3JmmtHcS5BO5kBgxhomy4-Vy8jh7i8xRsrSN7V35isTcOWib_HcjAQbKuctMw8ty-naJr-gQErFnMeabVXRVA0xOreZLRr_7CXDi-PgW3Xd_Mf23Bcg_qT2JQeTp8mljf72dsPjW974xHQedQmf5n7F12vlk-mLNXmro8aPUji-EvXUFw3OgZJFX1s7jOT-Am9tcu77S-fYkU5Yut-_mTu6Eg8GQGmh2JLL3BueTgzZ59Q7satHGKlKu-ROp_w_66SxRsxbUIFgHaLzOAEUtMmBBOKlf2ASr4qZ7fQcJMnEZBhCTwAqHWq0P-iEdoNzoJaIjSX2ors2yCEzBNq780DkG-H56jFCp8R5J-Z6R66n6QaRvJ-QR87gXxPqCymy7amfELla96Bm500b5qtNtiONj_dSioZfBTWgLB0EPsjWhLbD95TSCXqQn4JwM6HVWnJQtW55BHS9D51GqH-1iBgHMwtSLs3qxfhxNByzcl-PNv4NnyI9dtVLIk_tMuOGp70zt-ITqCsq-vQ9BLIG1d3mvhr9SWol71Fb8YmyekqVj21jcOVw_jMh0PD2tC0kRWGY2kmhGlwF7G5sm9yn7aFgirNQNkbVNNzwQgdfr5QlCyPbHBI0wNPtTGt9uZtNFErPeSljVyEMOAsULUxbWFEtyAnHciuP4zEWYqy-yX8i-NN2DNEZn-uH16YcSq0FSGY_9OLsCAMMKDebdjBDXQDphBnEudzJ6qpcsKEDr2B8tY7yM2aUEszk0RD2QL9kkefMEMv_oP4Zj5t5JR5gxjwZQtfS_oFWkuL1LCbAMRxAuRlE5yD6syI3hTIKwyz4fGcbgIc7RrveRCBHRiPJdkjNqwKAP-45-WYgIq0hespU3n2GOJRzNq4fStOGyVFjPeIpFeTewPUndNIYzuRVnD4FhTirwOlBxXEFlqirN65CVy3C3IdtrN5QK5WW3UNk37CuA00PDwtpp_F4WPxlHLXlysayMVUZ4HSbKlQBPRTHC-KJBeRMlQLSWbnmaiG0Jqz7i7Y2vW7GkdoVhGnwr8Q6p4YDmXy3rfdl-shWgpej6Uj5mC5JXE67yVkTOXw1u433Sh017_GQEb5HmvDzRaZaDjnV0ppIOt7LJRsuoGlbLFIkcOdcGcyJ5_7wcGrt64cTvh7KEk_D-ms5vSW2gPhmV0pg1Tj8urs0cAfhTOtbui5EFFE-9OqCC4J85USoQ6pjPTxRtkZ9E1rKaJkTQTaO3dd6KJLVDlPC8MbzZ2INKbiaX5CdDta-DE-_t6qmJdF3O0ls0Cg4E_yhfkb69DyEqIjrQxJ6Jy3uargGe6n4zP9dBaVFDYCZxgj5WO_FvWWOMtTAdbkr_cuoTIBHpjy4ykdBegKx5xZwkeZPAYVLtuFXnEhgSozgQFJXVAOmhEbIUdjhYf7NYRxZs76T7alNbjmqVR6e2MEkLwJRJ-ez2CqX8l24icM4M0510qdyb_1uO_hZ8oIOSEEPEhX786jor0vY0OeyFfWNr_p-gcslmbBs-rCkNbpGa62cH_Gx0elF5IWdEgI3WGxPdCJDjNLAYMu1QJKcCud6qcLngTlo4MmwzgOpCGMecUZrdXkdwNibvdPd62kBENCRDsi5RIRByzH9Jum4UE7ZAZgVAVTabBL5-7zV3m5e0x5hufYw_UeTklaAQ5Oh9Zrjp0UCmJAmf7eT7BiprbVZ8FbNjNzYcGY8QQm8BHbHp1R3D7l4Hg2Alrlz_Y5TAqdHjBRAOelGk2__HIMjNU-SBLH1vAg-qt4Ri3uXbZ-0m-w6sasQpedbh7vt3t_PKMvwt4_GjPv4uXrg-z-9NdH_iuhd9JZURcfOVGE4s-UmOXQ7sbQHJc3h4BCNptFER9ybjylap8L7guONTNRSYPlLErGAYkm8iDXHO70c6L67WYtRTIdEE_WQCzNV6NuvYP7zxdbO1ULVwNINebvsssUN8OAbhnuyeQ2izp0K5LLE9x0dC6DvBGtjU7QQLw0FdmwAk-NlIlS2CZq_KNPAcxei3-XkzwiAnbYS-2Fe_ZXxfCdO1UNXOLTXOH1maZwdwiO801fNkHP_oFOvaRIVVwCX-T9P5dqKLq1zibMRPk7LwUwdaiWFgFAL8O_Hq837_0VqAyFRDsFFHfF0VSf9GKy6rLp_a5xKeG7tlb8lTrgUcEz5UAe_OoSIrRQcDKeWFshMVhd4LQappipfwYAttYhD24vQmWnssarOzs4Pg1BakJeoMfdsrG9lYfjvyTx2zmeg-k6hB5Y0AZV2S94rsY6frwaFu56aLVYvWwkom83jRGVj3O_czSZJeBE5N6SLQFOAc68_C77VB6Q7sY4lDlmlSHpLcG6qDFUTLKAO34O1ekBIlxt6lYIz-ARVrOwe1I2s61TEB8TrFnZPzSmQqoP7wrYIdAVDo-P3MghCGG1NV_-O5mj_xI_xT6p2MZZ0syvhm3CmH3EzaT86WDXvYYgstIDJXFR-dSMnN-bCIuzo8-oycNS8NF3-QA_CDCjYMGZsvP4Xt9Jq5GDA4UWublwRG_tE4jxyMCds7GoQti2GRknKVusZATwro2YzdUIQkdDyEJ389pxy5buSOkfNjL2LxbSIY275qYgs1ags7Pa06eh37SX2x0PectBMYRa5M_fG9g0jSjIqMiwWwd603d4mPr8F96tB-docH-Fey69GnVUbzSRcapqj4Bm1hq093hJV8rM7LW3DN5MslwCcsEditx1BFlGxVvhs6CKUhN-Fisp1TUetOGXjCnKeOgKrDjM3U7xElbARFMjMEduKg0d2Sgtxg6iyN4bkrrobnYCe4sLvitS0yOWObjnQMvTw6tRGqJyIvPL9fm0CVgrVtfgghZ2CD-SO9NTb9H859yIK9MGnc0xZkiTUqvZIBa4YPyN0RbQu7qSSkRReXn0gy_5BpAsjkKad6eYZ1enErG813tzeN9Idx_NoGcu9fSQ11DXflK3RmqJVWknxf2p1UE39vhWxQu-g_RUasx9KFUbVBQFGITFW66QW93omagYUYfUln99eHkHfAX_Ts6-Bf5dbcXsaJYy84j4yk6HYUI4jDqKBc5VJKxA_WKj5hswgOAS4bUoqNKy-ncTl1qWOCKztcG1gvCeWrMj9cw6EErTvWcvpXFdXF6LUl4ZpHGhNqzKayUGoehCe8eXYu2941QRPtZpOMuJNooCA5yQIF4cFp6nBFD09lKN4H_oZx_xZ_C7i66PrYlG4IBm4hSDfoeIcPDBoH-t-RWDgtr19jVi1lhtyAHy2dUAzKDjChQrZWxt4VJ&cid=CAQSKQDq26N9jauw9OaPSEkRuAdMSKAuFGubHx6xR_Xzm2L9-f56udVat6VgGAEgEw&rfl=5%2Chttps%253A%252F%252Fwww.bg3.co%242%2C%2C%2Chttps%253A%252F%252Fwww.bg3.co%252F%240
Frame ID: EA3D39E5FA70C3BA8FC6603A92AE7D70
Requests: 14 HTTP requests in this frame

Frame: https://www.adtrek.co/adserver/frm?cc=45ead072-b12c-42d3-aa0b-3677a0751234&clk=https://googleads.g.doubleclick.net/dbm/clk%3Fsa%3DL%26ai%3DC60XBUgJtY_WdLMmtrAGBxbqgB8jz45ptvs2Hl-cQ8C4QASDSzIEaYKvssYXgGKABjPHSkgHIAQmpArIAl8U2qaM-qAMBqgTRAU_QSZNkX8Hd1Y9L0TJV0SqPdRffZhsOIBkF16ZkqX4QVJaFHwfpw6oBVGEYvRtVYjBF5WzPXnx9naZ22ngE8upaoGbhHITB1jj076Z0QQ2q5--HyODNGWH_eh8zcPWg9xFgDF8uSUPa00b8YuR8QrHQ6DgNNzgegrI2hrkO2LZ440ejPitLZAZA2k25nxTP7PGuLRV4Y-LzDG6h9mgcaimqto_Qn18p6UwMVzVWEjlwZAU5rUAozrEvaWUwEpYMdaKYOvgsMY5hTPz0EPAVqwoIwASvt-vnjwTgBAOQBgGgBk2AB9yOre0CqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiAYRABGF0yAooCOgKAQIAKA5gLAcgLAYAMAbATu5CHEcgThoGv4QPQEwDYEwrYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSKQDq26N9zBnrnktjP0mO5o_9PK8Xe4aij4hHre297xjovmwS4CerVrrlGAEgEw%26sig%3DAOD64_2vBS8gH8D4aqIQryFIGquTkpnmZQ%26client%3Dca-pub-4485239425924787%26dbm_c%3DAKAmf-C7vubkPGlwO8MDLmDAM2_N99zrjZUMeMtKiIkHENon6PZVwzZ-jSrqy-rnWVZ95P87UAZQDe-upiCZXs6iELYzlYRUJLIH58BqEnQ8wtk7rD3XWzcChD_A1sOIZcaOHv2nQfrIzybuLFXUTx4xpN0oyQVsYRU4Q6KTNu_wfz8r5Fdr-Jg%26cry%3D1%26dbm_d%3DAKAmf-Bfbqt9sN3yYaWoZIq9kvuTwHHCBNGe8fyCYO8smfB7Wzq6SJG5mLF-M_nxzfLoM7waSR-fJuNGECrJciAnrlGbOJrIaSgyTyvHLiY8Rd5lZpcvnz-P8XTLC3rXSVZHG0r-uJ_TKHb3sRZg49m6zecQiRGGxDmekshBQqcKhAR_JEW9g6n7sbYyyEHtMxYG0q24OINaSW6lCCXm_IYNNdPO3HK3kBvBtWsu_j0imw2wLZdmlgEGji9bL6YZIGD5Bg_9QyQpCzfPW-wVbRs9As6RlcjZZiA0PIN7eBWWy3-3l5c2E3u19ldngBRm1tfv8l_lamtWYuYdPtQqmIfApTOLIpZj8doG0crhdlj_IN1yhyjvNU9J--ZLFloO9hLHkVGclrPPd8JW20d49cPM_pi6_UbehBEt9KePm-3aXczSPO21JWw0CTJSfg0dxQFJQWAf-aql4RmYryYOBqjNaDREW8T37zyHBr039UbzzSWZoTOmPkw_zVLL5gJ1fnhXfHSb_HI_EDtcGEe885081MnA38Pr1Ib-ay2at1c3RliLaNduZYrttbtVhTfXGQxQ3BSw1fWr9XIbNUkO0dpphtLegPgOyyUoA-s-2JubwGpfDwC3F22ObxesT8bTV63zHd4rjnXn%26adurl%3Dhttps%3a%2f%2fwww.adtrek.co%2fadserver%2fclick%3fcc%3d45ead072-b12c-42d3-aa0b-3677a0751234&ord=1668088402724725
Frame ID: 9FCF32D3CDEB69E4F6A394E3946CE8C8
Requests: 23 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: DE4F94763AB00BCD22FA8792304EAD67
Requests: 9 HTTP requests in this frame

Frame: https://ads.as.criteo.com/delivery/r/afr.php?z=Y20CUgACGSMBc---AA3lIymdAeM6fqnjjd3EuA&u=%7CxmXEJVNT8z8iRlAZl13oKpqsOcyUb0R5d68y5BHdxxY%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oVqw7Cvg7ORZ5y2n_PXned8JCsSCQ138ULuqTtuWjQY_gaY2FCscn6XBiv_o9r7B1bFsia3VIbqhyF-OPpbwZaMH3QpbUbc5EVTQBX4b07eZjiSzyubx7ldZgKaPzwPBCHD0uGs_CA-V6wLMIuWIVoQ2kTJIaNYcItDbxSHdjUIoXDUZQ3RO1gY3LS13V2kmeZ4k7tedwLJ9S6xN1CDiN6J-ZGGPq2CtjOIh0v4fOlUad0Gx3bX73WYooIjCjwdn1BjkLnsCoXcdK6FGiiWdW3CY3cP9Bdt14_F6QxYPqPep3a3V9chnlcV-FnrsBj48KVEeq2CyLoJZxjukixlxgL0J74bt_7eVdrlMgkIsKqK8miarCcsKMkN0Pmniaq_DxoPX64zTeWNi1PV_KVkhqUGddGwodB_M7P4WXq6qjBouOLH7jpcFKHw6SZ9SObMocSQtPZB6oPxnENC9LpBh6YP0lJxM36gJ9iJyZFDqIYn50ohcxDSOKZ37erOFsohRIIIn2JgBmqAcoCBIYzgY8T9CExa-QgusQMQR0C5WmKpQtGuOWln4DETektP9f0zNMUotj_Ue26meKfgNzUPtPGRzNuIBK-7EQZpeobSHd5Cy-17R1w-jR1Q&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC5rgjUgJtY6OyCL7fz7sPo8q3sA2Y_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQJOeT-DMX-lPuACAKgDAaoEmQJP0PI9PJARGXNxl9kIDbBn95DWXEFocFstKQqhNPlEBes_WIaFLXjUEAIdlRsZ0mSCuEnCwdOCmQj8EIYIgPfx2oSSJ7SsPB_748g1uuwBjGGx2FJ5ljcW7sN7Qw86ULM0euZkHIOO6XnmsDvgu8gUwfgKHoY2KB0NVASWA60E3e-idJKiAzRI00zJcmGp6mBIPUZ6lYauZgu0FxiAomwdGhSBM0eilbJMfxDyhG7lbhF6LVL-R-WDOl1Bd3-sVzoGdNHkCb9mVEGgK69LBoPVMWvo-dgi7Q53Z0iXuP6QmqJ4dDpqZQazoEbMtOWJw7u-YGMkx5XWmpNzvdIcj6NEltwbvolVcB1IitPA4vgRngmR5GQs1IIlv-AEAYAG-aHt1LfS-d1ioAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0kPvI0GwQk2tgEyv-PVZ44vu2j1g%26client%3Dca-pub-8933329999391104%26adurl%3D
Frame ID: A1E49399A45629C9F538DA66B6A57AE5
Requests: 11 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: ACE8F97FF505A97D77CC89E8F2BD62FB
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 1C06F7095C91C824AFEB29359F110124
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: A43412AC10B33EC19D85A9661EA2AE0C
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 61BD5BFD7EA1EC49F7D65753A2177A45
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: FFD876062C6859223ABA439D9846C88C
Requests: 9 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 34DB57ECE0339C3C777E2C168DE384EA
Requests: 3 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 4EE5A8373A0FCE3CD21BB580E51E71E3
Requests: 7 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1668088400295
Frame ID: 0001886FEE733C9541886E33EAE369E1
Requests: 14 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Frame ID: 4C57A3FAC9D8C1F2BF931B028F34794B
Requests: 14 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 3E22A28F93AE0040242A7A329442E614
Requests: 10 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html
Frame ID: 9C5DF5A5ECEAAF27E8AE8F61AFE531A2
Requests: 11 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 606E378EC82D126F6C4602DEA1911A52
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?&ld=1
Frame ID: 94DE562950C958844B33D9A64E4601E8
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: DA91C34D54BB225637A5675B3AEF0BA5
Requests: 3 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: AEF77CD95DB099A446FFA7FE330672EF
Requests: 10 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/11279563131162724535/index.html
Frame ID: 66D4F88A2EDDDF7F78FB29E4C1FF2EA7
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=medianet
Frame ID: 05CD1388BDD7851A5F9C8080EF6ED97D
Requests: 3 HTTP requests in this frame

Frame: https://contextual.media.net/cksync.html?cs=8&vsid=3110900057443656000V10&type=rkt&refUrl=&vid=80884058793110900057443656000V10&ovsid=1991787314819964909
Frame ID: AB8EBF430550ED87E2851E3343EBFCE5
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3110900057443656000V10%26type%3Dpba%26refUrl%3D%26vid%3D80884058793110900057443656000V10%26ovsid%3DPM_UID
Frame ID: 9FB30C8C83CC77C4D75F120C6D09BC7B
Requests: 1 HTTP requests in this frame

Frame: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Frame ID: 5E1D7C2EA1CAFF596C6446288491C277
Requests: 16 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Frame ID: B10A0C8A9F8A551A76FD91B4901845E5
Requests: 14 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Frame ID: F7A05FACBE9EE57FF5BDB6732A65F6D5
Requests: 6 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Frame ID: E6F4DCB767AE3B278EF346BA513DDDAD
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Frame ID: 250DD5918A78A8BACC58E944AD6EE5E8
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Frame ID: 0BBD9EA0A434850EE0430DC0B79ED37C
Requests: 10 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: 68A3CF8A8B7618C2F0D9A3BAB7FA4960
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=ttd&i=e11df97a-bc19-41e3-8a8b-2e3a06a2866f
Frame ID: A2187336AD2E41ED3C1AB899748D692B
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=mmh&i=c619636d-0255-4600-91f3-34a69b38850b&gdpr=0&gdpr_consent=
Frame ID: 4E6F6060711F92DFDF32FAABD202E5E4
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=atm&i=Y20CVAAHAFd5gwA7&gdpr=0&gdpr_consent=
Frame ID: CB14B479017078CB9479B11D5576B6A1
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=YV9hOTMzZDBhYy0zYmQxLTQ3MTItYmJmOS1jMTM2YTQwOGQxNjg=&gdpr=0&gdpr_consent=
Frame ID: 878E584BE21D4C403953410F9B4DD56E
Requests: 1 HTTP requests in this frame

Frame: https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID&gdpr=0&gdpr_consent=
Frame ID: 01F0DF105B828F7DF2F40B1CD9A4CDFE
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=Y20CV8Co5ssAAG1SVfAAAAAA
Frame ID: DDE2F56EEEC03CAB03DA3085EADE4E43
Requests: 1 HTTP requests in this frame

Frame: https://cs.admanmedia.com/sync/gumgum?puid=[UID]&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=[GDPR]&gdpr_consent=[GDPR_CONSENT]&ccpa=[CCPA]
Frame ID: B475DA5BA7BE04AECB117B3F67ED0860
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=iex&i=Y20CVIOgmcphDt9a8o76JgAA%264707
Frame ID: 5E2C7CF9476FBF0E25B12FEDCFE4A1AC
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=F28jahdyOemMj1yQnB09&pi=gumgum&tc=1
Frame ID: BDEF3B0784E10AC75771FCAB6B8B3761
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: 204738868DB5BD8A8CF8973D3D72E25F
Requests: 3 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=BE68BFE6-9B14-4683-ABF6-D19F3658E6EB&gdpr=0&gdpr_consent=
Frame ID: 4CA81822772422EDF566D6361EA09DDF
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/match/?int_id=114&uid=BE68BFE6-9B14-4683-ABF6-D19F3658E6EB
Frame ID: 412B716C78586D6B725E02CBB509C056
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/match/?int_id=114&uid=BE68BFE6-9B14-4683-ABF6-D19F3658E6EB
Frame ID: 141273C35EB5685BC7624C516D985427
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent=
Frame ID: 14CEB1417636FA9DF245BE228310DDA4
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/match/?int_id=114&uid=BE68BFE6-9B14-4683-ABF6-D19F3658E6EB
Frame ID: 5AF829B7E13D13E76FEC4F03D003C232
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/match/?int_id=114&uid=BE68BFE6-9B14-4683-ABF6-D19F3658E6EB
Frame ID: 4AD14FBBC858CC75672B4869158F5710
Requests: 1 HTTP requests in this frame

Frame: https://ads.servenobid.com/sync?pid=316&uid=BE68BFE6-9B14-4683-ABF6-D19F3658E6EB
Frame ID: 3C5356A5B1D0EC468B4CDA2126EA3B9A
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 035F43DC292DBB162404DA68647B7DB6
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 5AF4DC7897CDC68FF0EAAD3301EBEC2A
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: CFEDD3FE5E119315CDFF7A1D5372993E
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 6DB1DD1C876E3A01E5630B7FCA6FDC34
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

又有明星基金經理“奔私”外資私募加速進場 - 天天要聞

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/pagead/show_ads\.js
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

544
Requests

71 %
HTTPS

0 %
IPv6

95
Domains

162
Subdomains

108
IPs

13
Countries

5684 kB
Transfer

11964 kB
Size

134
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • https://ads.aralego.com/sdk HTTP 301
  • https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
Request Chain 57
  • https://c.holmesmind.com/cm HTTP 302
  • https://c.holmesmind.com/cm?tc=getIn&
Request Chain 59
  • https://c.holmesmind.com/cm HTTP 302
  • https://c.holmesmind.com/cm?tc=getIn&
Request Chain 89
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=PwD7N9BAC9ubluRRUAJtYw
Request Chain 90
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=mttmGJxYCVOvYxJ3UAJtYw
Request Chain 91
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=fSx1TC0sDgqAZiOcUAJtYw
Request Chain 96
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=-fqSAT5AB_iHg0HlUAJtYw
Request Chain 119
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=cyfz-ulKDeKKSerFUAJtYw
Request Chain 120
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=-PZ75VPpAceAVspkUAJtYw
Request Chain 219
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMXriztDM703i0t2Xz7Ymdc&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMXriztDM703i0t2Xz7Ymdc&google_cver=1&C=1
Request Chain 220
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y20CVPzpdxSAg-rEDcIB.wAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMXriztDM703i0t2Xz7Ymdc&google_cver=1&google_hm=2
Request Chain 221
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEIP54GY7bmmm8CfZG-vp36Y&google_cver=1
Request Chain 222
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjQzNDY0OTk4MzQ0NDM0MDI0Mw%3D%3D
Request Chain 227
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMXriztDM703i0t2Xz7Ymdc&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMXriztDM703i0t2Xz7Ymdc&google_cver=1&C=1
Request Chain 228
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y20CVPzpdxSAg-rEDcIB.wAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMXriztDM703i0t2Xz7Ymdc&google_cver=1&google_hm=2
Request Chain 229
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEIP54GY7bmmm8CfZG-vp36Y&google_cver=1
Request Chain 230
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjQzNDY0OTk4MzQ0NDM0MDI0Mw%3D%3D
Request Chain 246
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 250
  • https://um.simpli.fi/gp_match?google_gid=CAESEIThGwBi6AvrQKOtK9-9B_A&google_cver=1&google_push=ASkJ3FYCk0SMDqjI1BHZimfe2Fa9RB69C3vfsl2NeaZ3qCBOwT5Pbg3TcJs7eARZX2FtC9tLllVtqEoekjEKdw_vnu88zjTO1c74NSpRpbtUXWIkm_uq6o7ctZTsbZYBVqX_9UULiU7CV_YupxJzr7503w HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=12F8C8EF15E240F1BBB55A33814A3EC6&google_push=ASkJ3FYCk0SMDqjI1BHZimfe2Fa9RB69C3vfsl2NeaZ3qCBOwT5Pbg3TcJs7eARZX2FtC9tLllVtqEoekjEKdw_vnu88zjTO1c74NSpRpbtUXWIkm_uq6o7ctZTsbZYBVqX_9UULiU7CV_YupxJzr7503w
Request Chain 251
  • https://mweb.ck.inmobi.com/sync/3?redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dinmobi_pte_limited%26google_hm%3D%24DSP_CKID&google_gid=CAESECS_Lyl1fjtl2nQNxweAHcE&google_cver=1&google_push=ASkJ3Fb09JSAG0deAHD4IqMDOMZ73XWsWvOYgl3m_G8anMA2IarIB4HNB9UuThEm29Jlc30ACvq6yTMSWxl3X4xUPMpaxRJVoUlOOhi4AFD04HXlAmpO_1pJCN3nouKwNTEZtRaE4Osvm_dYc6zLy8ugVw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=ZTNkN2UwNjEtZjA3OC00MmQ3LTllN2QtMTI3MjVkMDM0ZGRi&google_gid=CAESECS_Lyl1fjtl2nQNxweAHcE&google_cver=1&google_push=ASkJ3Fb09JSAG0deAHD4IqMDOMZ73XWsWvOYgl3m_G8anMA2IarIB4HNB9UuThEm29Jlc30ACvq6yTMSWxl3X4xUPMpaxRJVoUlOOhi4AFD04HXlAmpO_1pJCN3nouKwNTEZtRaE4Osvm_dYc6zLy8ugVw
Request Chain 252
  • https://dynalyst-sync.adtdp.com/pixel?pid=10&google_gid=CAESEH-gcTOwEek9Qy2iEhhFtKU&google_cver=1&google_push=ASkJ3FYCxgfkKFwO5z9a__WnmkJkQ5GNJ1626h3wAqqCWVmUz5CC1BUZUtbgycxVK4I2N71V0KFA4oCdPFwHVQTunNkBL7O9lBbyWlVzzyF_oDdBiHT2XAOvN2GmUEItHFiNugCj6C-2pMIJAR9ZCIoKAkI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=cyberagent_dynalyst&google_push=ASkJ3FYCxgfkKFwO5z9a__WnmkJkQ5GNJ1626h3wAqqCWVmUz5CC1BUZUtbgycxVK4I2N71V0KFA4oCdPFwHVQTunNkBL7O9lBbyWlVzzyF_oDdBiHT2XAOvN2GmUEItHFiNugCj6C-2pMIJAR9ZCIoKAkI
Request Chain 254
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESECdP3SRNUEH85_XN9B4aVbo&google_cver=1&google_push=ASkJ3FYTmlcVirtxg70rHjQBzutqY5yBTNl9-ANQndOvIiWKc9-Vx54gNcdyqGNSFmKaZUhkt2YlB2PrVj6Il9-T_LkSvqRlop8-7f0ygIBbOhEV5CC5YU_ad_XqOHXb0zaOnqPGVEL7EVN1w8KRzqWc3f8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFCNFJJUzktMVMtQTROQQ==&google_push=ASkJ3FYTmlcVirtxg70rHjQBzutqY5yBTNl9-ANQndOvIiWKc9-Vx54gNcdyqGNSFmKaZUhkt2YlB2PrVj6Il9-T_LkSvqRlop8-7f0ygIBbOhEV5CC5YU_ad_XqOHXb0zaOnqPGVEL7EVN1w8KRzqWc3f8
Request Chain 255
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEFhBjGOpe0aoPFjkSjmcdiI&google_cver=1&google_push=ASkJ3FYLjmje2ZfisGdibU1Cy2vixyWFqwRw6LM9J-k32QA6ufykWXT5zrHhWjeW0r8RtSsnhZBMBfoGMkfz5UwW9vIrWDTEIUmC6jzNQ7YzvwmJTTHq4ThC8w1fXyS5fy4AYRNPgH6gzgeyvcEn2HuYfSk HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_hm=3ba3d39d&google_redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FadExInit%3Dg&google_push=ASkJ3FYLjmje2ZfisGdibU1Cy2vixyWFqwRw6LM9J-k32QA6ufykWXT5zrHhWjeW0r8RtSsnhZBMBfoGMkfz5UwW9vIrWDTEIUmC6jzNQ7YzvwmJTTHq4ThC8w1fXyS5fy4AYRNPgH6gzgeyvcEn2HuYfSk
Request Chain 256
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26&google_push=ASkJ3FbpNcEhl473B34WlWFW5vCwdYx62-R6OB_597i3LZQSR9fODlS2NeJW5duP-DyMJK6_si2ZhF2JbJWYx2a5yV7-Tf_eliBeKH2KKbcNb6mc1twDDYY8a8FfV3t4HNK046kNY4v1zrxjIcbEtzWPo7DC?google_gid=CAESEPDG3t8dKEiFRUi4eMHh4hI&google_cver=1 HTTP 302
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26&google_push=ASkJ3FbpNcEhl473B34WlWFW5vCwdYx62-R6OB_597i3LZQSR9fODlS2NeJW5duP-DyMJK6_si2ZhF2JbJWYx2a5yV7-Tf_eliBeKH2KKbcNb6mc1twDDYY8a8FfV3t4HNK046kNY4v1zrxjIcbEtzWPo7DC?google_gid=CAESEPDG3t8dKEiFRUi4eMHh4hI&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=6aaf0941-3cd4-4660-9549-a12bd2554ec0&&google_push=ASkJ3FbpNcEhl473B34WlWFW5vCwdYx62-R6OB_597i3LZQSR9fODlS2NeJW5duP-DyMJK6_si2ZhF2JbJWYx2a5yV7-Tf_eliBeKH2KKbcNb6mc1twDDYY8a8FfV3t4HNK046kNY4v1zrxjIcbEtzWPo7DC
Request Chain 258
  • https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEFAf1H5NnWSR2N7vrCkExnw&google_cver=1&google_push=ASkJ3FaCWwOtqIOA7MlGxPhGJWf4gCB-kmx9SUXrvPYGg2LxZKOLGFlpSOwQ5o6kCxKNvAhY_-44gHZisEfeeMCcWJLLRpGlBrBIpqraIobM11NSfMMaTJ116HOPfCMd2mayxEcRnDAzSfs3j4K_-AYYjDE HTTP 302
  • https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=765a6e20353c2281&is_secure=true&networkId=14000&version=1&google_gid=CAESEFAf1H5NnWSR2N7vrCkExnw&google_cver=1&google_push=ASkJ3FaCWwOtqIOA7MlGxPhGJWf4gCB-kmx9SUXrvPYGg2LxZKOLGFlpSOwQ5o6kCxKNvAhY_-44gHZisEfeeMCcWJLLRpGlBrBIpqraIobM11NSfMMaTJ116HOPfCMd2mayxEcRnDAzSfs3j4K_-AYYjDE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAJnx7XPXbTWAN1df-dAAAAAAA&expiration=1668174804&google_cver=1&is_secure=true&google_gid=CAESEFAf1H5NnWSR2N7vrCkExnw&google_push=ASkJ3FaCWwOtqIOA7MlGxPhGJWf4gCB-kmx9SUXrvPYGg2LxZKOLGFlpSOwQ5o6kCxKNvAhY_-44gHZisEfeeMCcWJLLRpGlBrBIpqraIobM11NSfMMaTJ116HOPfCMd2mayxEcRnDAzSfs3j4K_-AYYjDE
Request Chain 259
  • https://match.adsrvr.org/track/cmf/google?google_gid=CAESENkhydPk0NPsZwUwmzFdpls&google_cver=1&google_push=ASkJ3FYUrIdGt71-jCL8XvsWUbiqtdvRthYW1V6SangCWkYeGThH_tLdXEapwM8dchRMZp0XVVyCnhE9VPH2z3YSvmM0Q3bQwr12tlbK7Ye-q35t8px4stbJmFEzLIxKljA5wWWgONliDw2o9OFqobhts8Y HTTP 302
  • https://match.adsrvr.org/track/cmb/google?google_gid=CAESENkhydPk0NPsZwUwmzFdpls&google_cver=1&google_push=ASkJ3FYUrIdGt71-jCL8XvsWUbiqtdvRthYW1V6SangCWkYeGThH_tLdXEapwM8dchRMZp0XVVyCnhE9VPH2z3YSvmM0Q3bQwr12tlbK7Ye-q35t8px4stbJmFEzLIxKljA5wWWgONliDw2o9OFqobhts8Y HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=ZTExZGY5N2EtYmMxOS00MWUzLThhOGItMmUzYTA2YTI4NjZm&google_push&gdpr=0&gdpr_consent=&ttd_tdid=e11df97a-bc19-41e3-8a8b-2e3a06a2866f
Request Chain 260
  • https://fksnk.com/cs/google?google_gid=CAESEBPusgE_nS3oZ9ymrLkVx5s&google_cver=1&google_push=ASkJ3FbyqbeglXVlaTAFeKv6JMtqZbHsbNCLi9AKs_r5FbZ-Fbhn4Ye3_CKZXzZB_2tGsg3f-kzGAh5UZh_GqewiKRd2GyQRws5EHsZ6wkbaO5ElllvWSWOe-_J5Zu9oaAT5kAubcIR9bGJw7eJxGS4lZbc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=ODEwMDExQTFFRDEyNjFGMg==
Request Chain 261
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEFhBjGOpe0aoPFjkSjmcdiI&google_cver=1&google_push=ASkJ3FZrBZrGPGH_IjtOLctqypLvinilWM2kZm-ZK5hODVJkn_MvR9OPVmaRXu2Cw4rb14indK8nmH0OfXeD8GjnUsL49O3f8BDDWBfnX3ek85_DW1lm_vqMJYnzEK7P_5A0Fv9OEkBXLrrbj8f4c3F9q_Y HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_hm=1f8a97e9&google_redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FadExInit%3Dg&google_push=ASkJ3FZrBZrGPGH_IjtOLctqypLvinilWM2kZm-ZK5hODVJkn_MvR9OPVmaRXu2Cw4rb14indK8nmH0OfXeD8GjnUsL49O3f8BDDWBfnX3ek85_DW1lm_vqMJYnzEK7P_5A0Fv9OEkBXLrrbj8f4c3F9q_Y
Request Chain 262
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEGulP34N61qWpJ3TyhQ5q7o&google_cver=1&google_push=ASkJ3FaqX6dz4nqtiCu_PW716Cqh8xYjwwOiWCWAEwJMEvUhuhLcFfMIRuIOukZXnjfXY7Re9YiF_KlNFzhp2rCETmnLr3XuXHEq0FoS4N3slrvpM3ytalqONceAU5-gKSz-fhYd9j1qWTqw7oLoNBGnCl0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhGHRGRzZSHv4z8Poed6cnpZecMlXBKaggw&google_push=ASkJ3FaqX6dz4nqtiCu_PW716Cqh8xYjwwOiWCWAEwJMEvUhuhLcFfMIRuIOukZXnjfXY7Re9YiF_KlNFzhp2rCETmnLr3XuXHEq0FoS4N3slrvpM3ytalqONceAU5-gKSz-fhYd9j1qWTqw7oLoNBGnCl0
Request Chain 263
  • https://google.dap.fw-ad.jp/dsp/google/pixel?google_gid=CAESEN37IX1uZNENcO_9LX9pHU0&google_cver=1&google_push=ASkJ3FYs859p-yhkWLR2nbCPISI8X_EUYQDcsgZfOc4qMz-qaoVuyAx5fQmum-gD1QdMUsIFFao8w5tlmj4N5UGG_OnF45tHbscxW4ca5fh9j4SX-ENCAboS33xRHNVA7NzjQUxjqB6MuONrrYe-un5bOC0Z HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=docomo_ads_platform&google_push=ASkJ3FYs859p-yhkWLR2nbCPISI8X_EUYQDcsgZfOc4qMz-qaoVuyAx5fQmum-gD1QdMUsIFFao8w5tlmj4N5UGG_OnF45tHbscxW4ca5fh9j4SX-ENCAboS33xRHNVA7NzjQUxjqB6MuONrrYe-un5bOC0Z&google_hm=M2E4NWFhOGUtMjcwMi0zOTgxLTg2YmItZDgxMTBiMjY0NjMz
Request Chain 264
  • https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEH5PRG4UeSM9RSflDoNHAus&google_cver=1&google_push=ASkJ3FYIflcI3QifqXD1ZId6P-FBKnuLbz-lK4GK_8qCmIzxIE3V_VRBwE6g9FxzYhsnc2vhiznDz9X256j5vydzjjoVFP0emmcIXP8Y4ZAmo4I0z2kcW_yksEr-Xf-zsGqr1ijDQb__pxJY5A3X-S3nS_y- HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MjQzNDY0OTk4MzQ0NDM0MDI0Mw%3D%3D&google_gid=CAESEH5PRG4UeSM9RSflDoNHAus&google_cver=1&google_push=ASkJ3FYIflcI3QifqXD1ZId6P-FBKnuLbz-lK4GK_8qCmIzxIE3V_VRBwE6g9FxzYhsnc2vhiznDz9X256j5vydzjjoVFP0emmcIXP8Y4ZAmo4I0z2kcW_yksEr-Xf-zsGqr1ijDQb__pxJY5A3X-S3nS_y-
Request Chain 272
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEOETVLHeU19jVDwMEAkjjlg&google_cver=1&google_push=ASkJ3FY-KNURd0cT4sMmn963gFlukghP5CBCW73TThoiibwxn7A4HQCgzE3ntrfjedROvA96URfAOl9ole9KtJvHnZ7fOdRC1qr8tg HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEOETVLHeU19jVDwMEAkjjlg&google_cver=1&google_push=ASkJ3FY-KNURd0cT4sMmn963gFlukghP5CBCW73TThoiibwxn7A4HQCgzE3ntrfjedROvA96URfAOl9ole9KtJvHnZ7fOdRC1qr8tg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=ekRuQ2NJbHoxT1Q3Wkg1&google_gid=CAESEOETVLHeU19jVDwMEAkjjlg&google_cver=1&google_push=ASkJ3FY-KNURd0cT4sMmn963gFlukghP5CBCW73TThoiibwxn7A4HQCgzE3ntrfjedROvA96URfAOl9ole9KtJvHnZ7fOdRC1qr8tg
Request Chain 273
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEI2LXBb_aexiMwxJDXUl1-Q&google_cver=1&google_push=ASkJ3FZ80B0N0WTAKjW0ER7t8MpZ5CrP1NLluSDZ4sUC5wU1nVHj33_oCHT5oh7lepkD3czt8GUNyJhEiFRnmPvPjmmBJ_C7iHui&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DASkJ3FZ80B0N0WTAKjW0ER7t8MpZ5CrP1NLluSDZ4sUC5wU1nVHj33_oCHT5oh7lepkD3czt8GUNyJhEiFRnmPvPjmmBJ_C7iHui%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEI2LXBb_aexiMwxJDXUl1-Q&google_cver=1&google_push=ASkJ3FZ80B0N0WTAKjW0ER7t8MpZ5CrP1NLluSDZ4sUC5wU1nVHj33_oCHT5oh7lepkD3czt8GUNyJhEiFRnmPvPjmmBJ_C7iHui&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DASkJ3FZ80B0N0WTAKjW0ER7t8MpZ5CrP1NLluSDZ4sUC5wU1nVHj33_oCHT5oh7lepkD3czt8GUNyJhEiFRnmPvPjmmBJ_C7iHui%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 274
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEABdWtrhHHv8Nk0VVffvs3k&google_cver=1&google_push=ASkJ3FbM5T7qXE23NPe_sWHEu_h2DKfPx_wFCsc6W-peFEW1WTvVw5M3k0QFYf2pS3jsLh9yVw1RPMm-HtdKt0-K79ej6QARJnuGjw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEABdWtrhHHv8Nk0VVffvs3k&google_push=ASkJ3FbM5T7qXE23NPe_sWHEu_h2DKfPx_wFCsc6W-peFEW1WTvVw5M3k0QFYf2pS3jsLh9yVw1RPMm-HtdKt0-K79ej6QARJnuGjw
Request Chain 275
  • https://sync.fout.jp/sync?xid=googleadex&g_pixel=&sp=1&google_gid=CAESEK30xNVETW52pZwJnfPUdeE&google_cver=1&google_push=ASkJ3FYYcyy_Zi7Fq_uBR59Op1oTghjRJCp1zUZ73mtctEpKhJfSLIhAi2X28cwVT-gAMOYw4uHcdmGXC5n3XGeNSAUKRYQaOIB_Lg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=ASkJ3FYYcyy_Zi7Fq_uBR59Op1oTghjRJCp1zUZ73mtctEpKhJfSLIhAi2X28cwVT-gAMOYw4uHcdmGXC5n3XGeNSAUKRYQaOIB_Lg&google_hm=QkVjTVVJVVlPdEgxV2hRRjBfb0h1dy13SEYw&from_google=sp1
Request Chain 276
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEHWzwqA0ragAT5x7oDhm83o&google_cver=1&google_push=ASkJ3FZPpY4JFssZFK-YvbdlF-CIHRo6fYoKrA1l1VapkA35avJ-LZS4hTrhjDTJiRd-lQqfco5fTQvvgq-aezHOHOPFeoYfSrFLNw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ASkJ3FZPpY4JFssZFK-YvbdlF-CIHRo6fYoKrA1l1VapkA35avJ-LZS4hTrhjDTJiRd-lQqfco5fTQvvgq-aezHOHOPFeoYfSrFLNw&google_hm=MTYxNzYxMDI5ODk0NDYzMTY1NA%3D%3D
Request Chain 278
  • https://google.dap.fw-ad.jp/dsp/google/pixel?google_gid=CAESEN37IX1uZNENcO_9LX9pHU0&google_cver=1&google_push=ASkJ3FZtO--376_RgUOz_9u694kea0y3xOeWch_6r4haiaQtKN0_tA6pv4VUHaq1-g_K8RwAWXEGEfwmKw8DsfmmbRhACsypm3jTk2U HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=docomo_ads_platform&google_push=ASkJ3FZtO--376_RgUOz_9u694kea0y3xOeWch_6r4haiaQtKN0_tA6pv4VUHaq1-g_K8RwAWXEGEfwmKw8DsfmmbRhACsypm3jTk2U&google_hm=M2E4NWFhOGUtMjcwMi0zOTgxLTg2YmItZDgxMTBiMjY0NjMz
Request Chain 304
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEB7yxlnmxY2mXuyJVMx99pg&google_cver=1&google_push=ASkJ3FbRpsyk3Q-DfiThoV38SVA3sCCzjQJ1SSvs1Glnt6OvHcqeFwogW4iqs3OL_NaCf1FHq4UqyqVkwUnxqtDDs2fOyn7yfzEQ3Q HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ASkJ3FbRpsyk3Q-DfiThoV38SVA3sCCzjQJ1SSvs1Glnt6OvHcqeFwogW4iqs3OL_NaCf1FHq4UqyqVkwUnxqtDDs2fOyn7yfzEQ3Q
Request Chain 305
  • https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEPb-omYNp4-HDDwi5sZ7sB4&google_cver=1&google_push=ASkJ3FbuDkahyITc8fn5Obxyawa_apMcEQ9M4y9FhLihVP8em2hy16aUSDEIXqYAMmjP7_FKit7wznYim6Bw6qyjZ6FnqypoXj_jPQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=ASkJ3FbuDkahyITc8fn5Obxyawa_apMcEQ9M4y9FhLihVP8em2hy16aUSDEIXqYAMmjP7_FKit7wznYim6Bw6qyjZ6FnqypoXj_jPQ
Request Chain 306
  • https://sync.fout.jp/sync?xid=googleadex&g_pixel=&google_gid=CAESEK30xNVETW52pZwJnfPUdeE&google_cver=1&google_push=ASkJ3FaFrOwL2V3qrX69X3gtxr9UZA4uFbZpWjWBPpXBgAHNAjZNrIFTIFs38lDyTqfu7ialycEZXgdelq9nXrf61vfM31GlCY99CA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=ASkJ3FaFrOwL2V3qrX69X3gtxr9UZA4uFbZpWjWBPpXBgAHNAjZNrIFTIFs38lDyTqfu7ialycEZXgdelq9nXrf61vfM31GlCY99CA&google_hm=&from_google=pc1
Request Chain 307
  • https://a.c.appier.net/gcm?google_gid=CAESEI6P6de6H6rTkqrrngb0MqU&google_cver=1&google_push=ASkJ3FbhlmeyE_X-SGHVX0wKYsSXpRgKoxb4ehUzYUaemr5oYVvLWSv-aBg4zq6UR-JT_VO70o-sikanf-CaAU7wbHggz79f-5P1NA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=ZlN4MVRDMHNEZ3FBWmlPY1VBSnRZdw%3D%3D&google_push=ASkJ3FbhlmeyE_X-SGHVX0wKYsSXpRgKoxb4ehUzYUaemr5oYVvLWSv-aBg4zq6UR-JT_VO70o-sikanf-CaAU7wbHggz79f-5P1NA
Request Chain 308
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEGulP34N61qWpJ3TyhQ5q7o&google_cver=1&google_push=ASkJ3Fb6_KWfC4FR8gvKYOSPOm73lrJ-oQG3E9JU7PSyYaUfB4ZnoFwU7dR_Vqt_wQ8wWXiZnedt9ft3QonWE3LCd2_27iHE0r6CAQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhGHRHGeHFBp8_yfdXx5gEo5evjnDdd9tVg&google_push=ASkJ3Fb6_KWfC4FR8gvKYOSPOm73lrJ-oQG3E9JU7PSyYaUfB4ZnoFwU7dR_Vqt_wQ8wWXiZnedt9ft3QonWE3LCd2_27iHE0r6CAQ
Request Chain 309
  • https://google.dap.fw-ad.jp/dsp/google/pixel?google_gid=CAESEN37IX1uZNENcO_9LX9pHU0&google_cver=1&google_push=ASkJ3FbwfRqdlhOHZRnoOHi4s_e0t1x-al4nuBkMzHs9YdgX6ah30Lu_fX73G7dCx3YvMyKVx33BEf0OZNnC9W0V9uGqhLj0KFC1NII HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=docomo_ads_platform&google_push=ASkJ3FbwfRqdlhOHZRnoOHi4s_e0t1x-al4nuBkMzHs9YdgX6ah30Lu_fX73G7dCx3YvMyKVx33BEf0OZNnC9W0V9uGqhLj0KFC1NII&google_hm=M2E4NWFhOGUtMjcwMi0zOTgxLTg2YmItZDgxMTBiMjY0NjMz
Request Chain 310
  • https://trace.mediago.io/cs/google?google_gid=CAESEJCVxaibOJ7oPceKvena3R4&google_cver=1&google_push=ASkJ3FZlNLw_78408vcaVDZ7asMyHkqLocrv8ZzcaYwYRG2r0DVx_unvyzNXIkygO7SgemwbbPvU_D4urIb2aOHcXQdSlQcErpn5hw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=ASkJ3FZlNLw_78408vcaVDZ7asMyHkqLocrv8ZzcaYwYRG2r0DVx_unvyzNXIkygO7SgemwbbPvU_D4urIb2aOHcXQdSlQcErpn5hw&google_hm=b78f945cc6af0181b48ea8b4cf07a284
Request Chain 316
  • https://gcdn.2mdn.net/videoplayback/id/fcaa9922258a7dd0/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1699624404/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/AFAF11B6ECAE9860552E64AE276E6D977EBA15E2.263350D52CDC6ACB80CDA6697D9560F5F3C9DB4C/key/ck2/file/file.mp4 HTTP 302
  • https://r1---sn-ntqe6n7k.c.2mdn.net/videoplayback/id/fcaa9922258a7dd0/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1699624404/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/14E90B494FEC2FA336B0EDA82B77E3A8B95F75FD.123F96323FE2AA2088B9E3995C89D0281C5E7607/key/cms1/cms_redirect/yes/mh/1H/mip/116.90.74.196/mm/42/mn/sn-ntqe6n7k/ms/onc/mt/1668088124/mv/m/mvi/1/pl/24/file/file.mp4
Request Chain 329
  • https://eb2.3lift.com/sync HTTP 302
  • https://eb2.3lift.com/sync?&ld=1
Request Chain 331
  • https://ad.turn.com/r/cs?pid=9&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=9192791989223138597&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 332
  • https://match.adsrvr.org/track/cmf/openx?oxid=1215e174-6322-7b27-d193-e9355206cf4f&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=e11df97a-bc19-41e3-8a8b-2e3a06a2866f&ttd_puid=1215e174-6322-7b27-d193-e9355206cf4f&gdpr=0&gdpr_consent=
Request Chain 333
  • https://tg.socdm.com/rtb/sync_before?proto=openx HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=537072335&val=Y20CVcCo5ssAAG1SVZsAAAAA
Request Chain 334
  • https://cr-p3.ladsp.com/cookiesender/3 HTTP 302
  • https://cr-p3.ladsp.com/cookiesender/3?cr=true HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AZx_8S89wff_ks8ADv76QF9lHs8AAAGEYdEgfQ
Request Chain 336
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEO2-RiKUrYXXMTliJJuMbk&google_cver=1
Request Chain 341
  • https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://onetag-sys.com/match/?int_id=1&uid=c619636d-0255-4600-91f3-34a69b38850b&gdpr=1&gdpr_consent=
Request Chain 343
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID HTTP 302
  • https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=2434649983444340243
Request Chain 345
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhGHRIIPqwlUjJ7vg7F_5btRdoCtVnpVZnA
Request Chain 347
  • https://id.rlcdn.com/711916.gif?ct=4&cv= HTTP 307
  • https://id.rlcdn.com/1000.gif?memo=COy5KxoNCNaEtJsGEgUI6AcQAEIASgA HTTP 307
  • https://onetag-sys.com/match/?int_id=110&uid=
Request Chain 348
  • https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=S79-PAp3btcqt8XRVhg_qNapv7QtVDSyck5CblzS3g4
Request Chain 350
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm HTTP 302
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESEGulP34N61qWpJ3TyhQ5q7o&google_cver=1
Request Chain 352
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=29&uid=e11df97a-bc19-41e3-8a8b-2e3a06a2866f&gdpr=0&gdpr_consent=
Request Chain 354
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3658&xuid=e11df97a-bc19-41e3-8a8b-2e3a06a2866f&dongle=0cfd
Request Chain 355
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=OTc5MTE3NzE0MDc4OTA2Nzk2Njcy HTTP 302
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Request Chain 356
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESED5P50_qZmTqWMsGIoYINqQ&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 357
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=OTc5MTE3NzE0MDc4OTA2Nzk2Njcy
Request Chain 358
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=979117714078906796672&dbredirect=true&gdpr=0&consent= HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=979117714078906796672&dbredirect=true&gdpr=0&consent=&cookiesTest=true HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=b2fa4faf-4332-403c-af23-39a4b1d8ba48&_noobservation=1 HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=b2fa4faf-4332-403c-af23-39a4b1d8ba48&_noobservation=1&_expected_cookie=207ac274878fd7d822498885f07a5032
Request Chain 359
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=979117714078906796672&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=triplelift HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=24&bidswitch_ssp_id=triplelift HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=4344049554935797039&ssp=triplelift HTTP 302
  • https://eb2.3lift.com/xuid?mid=2409&xuid=6aaf0941-3cd4-4660-9549-a12bd2554ec0&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 360
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/979117714078906796672?gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-.JyPq09E2oQe5PcdIzZ6eZ3e6fXcGa3TjK5Ka7g_FA--~A&dongle=0883
Request Chain 361
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=0&gdpr_consent=&uid=979117714078906796672 HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=979117714078906796672&dcc=t
Request Chain 363
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3335&xuid=2434649983444340243&dongle=4d58&gdpr=0&gdpr_consent=
Request Chain 370
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=medianet HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=medianet
Request Chain 371
  • https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3110900057443656000V10%26type%3Drkt%26refUrl%3D%26vid%3D80884058793110900057443656000V10%26ovsid%3D%7Buserid%7D HTTP 302
  • https://contextual.media.net/cksync.html?cs=8&vsid=3110900057443656000V10&type=rkt&refUrl=&vid=80884058793110900057443656000V10&ovsid=1991787314819964909
Request Chain 373
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3110900057443656000V10%26type%3Dapx%26refUrl%3D%26vid%3D80884058793110900057443656000V10%26ovsid%3D%24UID HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3110900057443656000V10&type=apx&refUrl=&vid=80884058793110900057443656000V10&ovsid=2434649983444340243
Request Chain 374
  • https://us-u.openx.net/w/1.0/cm?id=78e2dffc-bb89-4bb2-ae92-f592d006518b&ph=6a16560a-f6c6-4851-b7b5-0b2c0190166a&r=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3110900057443656000V10%26type%3Dopx%26refUrl%3D%26vid%3D80884058793110900057443656000V10%26ovsid%3D HTTP 302
  • https://contextual.media.net/cksync.html?cs=8&vsid=3110900057443656000V10&type=opx&refUrl=&vid=80884058793110900057443656000V10&ovsid=da3988eb-c822-41c7-b2dc-975be0e95d93
Request Chain 375
  • https://sync.mathtag.com/sync/img?mt_exid=64&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3110900057443656000V10%26type%3Dmma%26refUrl%3D%26vid%3D80884058793110900057443656000V10%26ovsid%3D%5BMM_UUID%5D HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3110900057443656000V10&type=mma&refUrl=&vid=80884058793110900057443656000V10&ovsid=c619636d-0255-4600-91f3-34a69b38850b
Request Chain 376
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3110900057443656000V10%26type%3Dr1%26refUrl%3D%26vid%3D80884058793110900057443656000V10%26ovsid%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&zcc=1&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3110900057443656000V10%26type%3Dr1%26refUrl%3D%26vid%3D80884058793110900057443656000V10%26ovsid%3D%5BRX_UUID%5D&cb=1668088406788 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8272918142 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/e11df97a-bc19-41e3-8a8b-2e3a06a2866f HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-55e22d49-06ab-44c2-9d9e-5a07bd4913e4-004?redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3110900057443656000V10%26type%3Dr1%26refUrl%3D%26vid%3D80884058793110900057443656000V10%26ovsid%3DRX-55e22d49-06ab-44c2-9d9e-5a07bd4913e4-004
Request Chain 377
  • https://cm.g.doubleclick.net/pixel?cs=8&google_nid=media&google_cm=1&google_hm=MzExMDkwMDA1NzQ0MzY1NjAwMFYxMA%3D%3D&google_sc=1 HTTP 302
  • https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEGr4cB3RV5-XB---efKXDAw&google_cver=1
Request Chain 378
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3110900057443656000V10%26type%3Ddxu%26refUrl%3D%26vid%3D80884058793110900057443656000V10%26ovsid%3D_wfivefivec_ HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3110900057443656000V10&type=dxu&refUrl=&vid=80884058793110900057443656000V10&ovsid=zDnCcIlz1OT7ZH5
Request Chain 380
  • https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/iponweb?bidswitch_ssp_id=medianet&ssp_user_id=6aaf0941-3cd4-4660-9549-a12bd2554ec0&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=74&&user_id=171249830&expires=5 HTTP 302
  • https://sync.adkernel.com/user-sync?dsp=336050&t=image&uid=6aaf0941-3cd4-4660-9549-a12bd2554ec0
Request Chain 381
  • https://b1sync.zemanta.com/usersync/medianet/?cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3110900057443656000V10%26type%3Dzem%26refUrl%3D%26vid%3D80884058793110900057443656000V10%26ovsid%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=tdhFFgf1VycTFVPjLNaN&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OBGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPLUMRUEMRTHMYYVM6LDKRDFMUDKJRHGCTRGOJSWMVLSNQ6SM5DZOBST26TFNUTHM2LEHU4DAOBYGQYDKOBXHEZTCMJQHEYDAMBVG42DIMZWGU3DAMBQKYYTAJTWONUWIPJTGEYTAOJQGAYDKNZUGQZTMNJWGAYDAVRRGA HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OBGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPLUMRUEMRTHMYYVM6LDKRDFMUDKJRHGCTRGOJSWMVLSNQ6SM5DZOBST26TFNUTHM2LEHU4DAOBYGQYDKOBXHEZTCMJQHEYDAMBVG42DIMZWGU3DAMBQKYYTAJTWONUWIPJTGEYTAOJQGAYDKNZUGQZTMNJWGAYDAVRRGA
Request Chain 382
  • https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=3110900057443656000V10 HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=medianet&ssp_user_id=3110900057443656000V10 HTTP 302
  • https://contextual.media.net/cksync.php?type=mf&ovsid=2f68d298-957b-4cc2-b36a-0d898276869d&cs=1
Request Chain 384
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=e11df97a-bc19-41e3-8a8b-2e3a06a2866f
Request Chain 387
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y20CVIOgmcphDt9a8o76JgAAEmMAAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y20CVIOgmcphDt9a8o76JgAAEmMAAAAB&dcc=t
Request Chain 388
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=e11df97a-bc19-41e3-8a8b-2e3a06a2866f&expiration=1670680406&gdpr=0&gdpr_consent=
Request Chain 389
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y20CVIOgmcphDt9a8o76JgAAEmMAAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEFQXEOKckUwniwohWuYtiQ4&google_cver=1
Request Chain 390
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=2434649983444340243
Request Chain 391
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=Y20CVIOgmcphDt9a8o76JgAA%264707?gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=Y20CVIOgmcphDt9a8o76JgAA%264707
Request Chain 393
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=2434649983444340243
Request Chain 394
  • https://ad.turn.com/r/cs?pid=21 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3297295303483565349
Request Chain 403
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Request Chain 405
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID HTTP 302
  • https://ads.servenobid.com/sync?pid=312&uid=2434649983444340243
Request Chain 406
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D HTTP 302
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=310&uid=FoNBERZH_e4VqfGXS_2aYKzG
Request Chain 407
  • https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID HTTP 307
  • https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID&sovrn_retry=true HTTP 307
  • https://ads.servenobid.com/sync?pid=310&uid=FoNBELZH1FGvhW1ER3G2_OpR
Request Chain 408
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1668088406788 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1053650151 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/e11df97a-bc19-41e3-8a8b-2e3a06a2866f HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-55e22d49-06ab-44c2-9d9e-5a07bd4913e4-004?redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3110900057443656000V10%26type%3Dr1%26refUrl%3D%26vid%3D80884058793110900057443656000V10%26ovsid%3DRX-55e22d49-06ab-44c2-9d9e-5a07bd4913e4-004
Request Chain 409
  • https://p.rfihub.com/cm?pub=44007&in=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=324&uid=1978557980240168668
Request Chain 411
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D HTTP 302
  • https://ssum.casalemedia.com/usermatchredir?s=191503&gdpr=1&gdpr_consent=&us_privacy=1YN-&cb=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F10105%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26A%3D3b8b88dd-5342-4808-b40c-079fc2cb50bb%26bidder%3Dindex_rtb%26cbx%3DaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%253D%26uid%3D HTTP 302
  • https://prebid.a-mo.net/cchain/0/10105?gdpr=0&gdpr_consent=&us_privacy=1YN-&A=3b8b88dd-5342-4808-b40c-079fc2cb50bb&bidder=index_rtb&cbx=aHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%3D&uid=Y20CVIOgmcphDt9a8o76JgAA%264707 HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%2F10105%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26A%3D3b8b88dd-5342-4808-b40c-079fc2cb50bb%26bidder%3Dappnexus%26cbx%3DaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%253D%26uid%3D%24UID HTTP 302
  • https://prebid.a-mo.net/cchain/1/10105?gdpr=0&gdpr_consent=&us_privacy=1YN-&A=3b8b88dd-5342-4808-b40c-079fc2cb50bb&bidder=appnexus&cbx=aHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%3D&uid=2434649983444340243 HTTP 302
  • https://ap.lijit.com/pixel?gdpr=1&gdpr_consent=&us_privacy=1YN-&redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F2%2F10105%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26A%3D3b8b88dd-5342-4808-b40c-079fc2cb50bb%26bidder%3Dsovrn%26cbx%3DaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%253D%26uid%3D%24UID
Request Chain 412
  • https://ups.analytics.yahoo.com/ups/58559/occ HTTP 302
  • https://ads.servenobid.com/sync?pid=337&uid=y-4kibTtdE2uFBp41TuZspGPJATzHyRTtK8xLSXwU-~A
Request Chain 413
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID HTTP 302
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D6%26r%3DCid1YS0zYjQxNGEyZS0yYTE1LTM2YzEtYjk5ZC0wODhkNDljMjIyMWUqU2h0dHBzOi8vYWRzLnNlcnZlbm9iaWQuY29tL3N5bmM_cGlkPTM0NiZ1aWQ9dWEtM2I0MTRhMmUtMmExNS0zNmMxLWI5OWQtMDg4ZDQ5YzIyMjFlMgEGOAE=%26buyeruid%3D HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F3918%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26A%3D3b8b88dd-5342-4808-b40c-079fc2cb50bb%26bidder%3Dappnexus%26cbx%3DaHR0cHM6Ly9zc3AuZGlzcXVzLmNvbS9tYXRjaD9iaWRkZXI9NiZyPUNpZDFZUzB6WWpReE5HRXlaUzB5WVRFMUxUTTJZekV0WWprNVpDMHdPRGhrTkRsak1qSXlNV1VxVTJoMGRIQnpPaTh2WVdSekxuTmxjblpsYm05aWFXUXVZMjl0TDNONWJtTV9jR2xrUFRNME5pWjFhV1E5ZFdFdE0ySTBNVFJoTW1VdE1tRXhOUzB6Tm1NeExXSTVPV1F0TURnNFpEUTVZekl5TWpGbE1nRUdPQUU9JmJ1eWVydWlkPQ%253D%253D%26uid%3D%24UID HTTP 302
  • https://prebid.a-mo.net/cchain/0/3918?gdpr=0&gdpr_consent=&us_privacy=&A=3b8b88dd-5342-4808-b40c-079fc2cb50bb&bidder=appnexus&cbx=aHR0cHM6Ly9zc3AuZGlzcXVzLmNvbS9tYXRjaD9iaWRkZXI9NiZyPUNpZDFZUzB6WWpReE5HRXlaUzB5WVRFMUxUTTJZekV0WWprNVpDMHdPRGhrTkRsak1qSXlNV1VxVTJoMGRIQnpPaTh2WVdSekxuTmxjblpsYm05aWFXUXVZMjl0TDNONWJtTV9jR2xrUFRNME5pWjFhV1E5ZFdFdE0ySTBNVFJoTW1VdE1tRXhOUzB6Tm1NeExXSTVPV1F0TURnNFpEUTVZekl5TWpGbE1nRUdPQUU9JmJ1eWVydWlkPQ%3D%3D&uid=2434649983444340243 HTTP 302
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%2F3918%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26A%3D3b8b88dd-5342-4808-b40c-079fc2cb50bb%26bidder%3Dtriplelift%26cbx%3DaHR0cHM6Ly9zc3AuZGlzcXVzLmNvbS9tYXRjaD9iaWRkZXI9NiZyPUNpZDFZUzB6WWpReE5HRXlaUzB5WVRFMUxUTTJZekV0WWprNVpDMHdPRGhrTkRsak1qSXlNV1VxVTJoMGRIQnpPaTh2WVdSekxuTmxjblpsYm05aWFXUXVZMjl0TDNONWJtTV9jR2xrUFRNME5pWjFhV1E5ZFdFdE0ySTBNVFJoTW1VdE1tRXhOUzB6Tm1NeExXSTVPV1F0TURnNFpEUTVZekl5TWpGbE1nRUdPQUU9JmJ1eWVydWlkPQ%253D%253D%26uid%3D%24UID&gdpr=1&gdpr_consent=
Request Chain 414
  • https://ups.analytics.yahoo.com/ups/58632/occ HTTP 302
  • https://ads.servenobid.com/sync?pid=339&uid=y-4kibTtdE2uFBp41TuZspGPJATzHyRTtK8xLSXwU-~A
Request Chain 416
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFCNFJJUzktMVMtQTROQQ==
Request Chain 417
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=hY5qQyFJSGGBcyy81cOiVw&rk=usync-other HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=hY5qQyFJSGGBcyy81cOiVw
Request Chain 418
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEN6nQ1StQtfJhF630-uOei0&google_cver=1
Request Chain 419
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/MabrZM46D1wDhvmWbOBMWcn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=1617610298944631654
Request Chain 420
  • https://match.adsrvr.org/track/cmf/rubicon HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=e11df97a-bc19-41e3-8a8b-2e3a06a2866f&gdpr=0&gdpr_consent=&expires=30
Request Chain 421
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=lHJTeg20RiCHy6ygzyJRhw&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=lHJTeg20RiCHy6ygzyJRhw
Request Chain 422
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LAB4RIS9-1S-A4NA
Request Chain 423
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NmM5NDRmZmZmOWNhYzZmZjE5M2JjNjY5MGNiOGY5YTMyODFjMmJiNw
Request Chain 434
  • https://googleads.g.doubleclick.net/xbbe/pixel?d=COXuopICENTVuu4CGKfJwdQBIAEwAQ&v=APEucNVUy526rjJrJkEYIEr6BtmbaYxqhWohhNX4XI34SlpiEEecrwte2NSRbYZv9jST7h1elLbLqUVG12Hsztj5QVrwmyn8_g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEO2-RiKUrYXXMTliJJuMbk&google_cver=1
Request Chain 441
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=c619636d-0255-4600-91f3-34a69b38850b
Request Chain 442
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y20CVAAHAFd5gwA7
Request Chain 443
  • https://match.prod.bidr.io/cookie-sync/ie HTTP 303
  • https://match.prod.bidr.io/cookie-sync/ie?_bee_ppp=1 HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAJpo07G2gUAACB6cjtCUQ&expiration=1669298007
Request Chain 444
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y20CVIOgmcphDt9a8o76JgAAEmMAAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEFQXEOKckUwniwohWuYtiQ4&google_cver=1
Request Chain 445
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=Y20CVIOgmcphDt9a8o76JgAA%264707?gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=Y20CVIOgmcphDt9a8o76JgAA%264707
Request Chain 446
  • https://ad.turn.com/r/cs?pid=21 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3297295303483565349
Request Chain 447
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=e11df97a-bc19-41e3-8a8b-2e3a06a2866f&expiration=1670680406&gdpr=0&gdpr_consent=
Request Chain 450
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhGHRJTFZ1z3b2PZRgrJMq_7BY7Qf1wEAEA
Request Chain 452
  • https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://onetag-sys.com/match/?int_id=1&uid=c619636d-0255-4600-91f3-34a69b38850b&gdpr=0&gdpr_consent=
Request Chain 453
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=2&uid=LAB4RIS9-1S-A4NA&gdpr=0
Request Chain 454
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D0%26gdpr_consent%3D%26uid%3D$UID HTTP 302
  • https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=2434649983444340243
Request Chain 456
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=1YN-&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid] HTTP 302
  • https://onetag-sys.com/match/?int_id=107&uid=1226009800986575256
Request Chain 457
  • https://onetag-sys.com/match/?int_id=113&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=IBwgblf1LZO-58XCbFpNjIpFkZ3Kb8kCshlXD8HhRXg
Request Chain 458
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=1YN-&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26uid%3D%23PMUID HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=1YN-&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26uid%3D%23PMUID&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MUIxMzk4NTktMDE0NS00ODVDLTg1M0UtQTI4Njg0NTcwQTM2&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=114&uid=BE68BFE6-9B14-4683-ABF6-D19F3658E6EB
Request Chain 459
  • https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=92&uid=y-4kibTtdE2uFBp41TuZspGPJATzHyRTtK8xLSXwU-~A
Request Chain 460
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=29&uid=e11df97a-bc19-41e3-8a8b-2e3a06a2866f&gdpr=0&gdpr_consent=
Request Chain 461
  • https://x.bidswitch.net/sync?ssp=onetag&gdpr=0&gdpr_consent= HTTP 302
  • https://cms.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=onetag&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=onetag&gdpr=0&user_id=3-jXlNnp1MHE7NXG3OzMwdDu2cPE7dOUiOLGe6oJ HTTP 302
  • https://onetag-sys.com/match/?int_id=30&uid=6aaf0941-3cd4-4660-9549-a12bd2554ec0&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 464
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=2434649983444340243
Request Chain 465
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=a_a933d0ac-3bd1-4712-bbf9-c136a408d168&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2 HTTP 302
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2
Request Chain 466
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sta&i=0-2e6fcd4c-d455-4cc0-426e-af7bc1028ef5$ip$116.90.74.196
Request Chain 467
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=a_a933d0ac-3bd1-4712-bbf9-c136a408d168&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=yHQxriQwgSA1sRAf-8yy&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT26KIKF4HE2KRO5TVGQJRONJECZRNHB4XSJTVONPXA4TJOZQWG6J5GEWS2LI&gdpr=0&us_privacy=1--- HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT26KIKF4HE2KRO5TVGQJRONJECZRNHB4XSJTVONPXA4TJOZQWG6J5GEWS2LI
Request Chain 468
  • https://sync.1rx.io/usersync2/floor6?gdpr=0&gdpr_consent=&dspret=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/floor6?zcc=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D&cb=1668088407027 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8685808182 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/e11df97a-bc19-41e3-8a8b-2e3a06a2866f HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-fbec9b6a-0c6f-4a6c-8276-58c366e666c5-004?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-fbec9b6a-0c6f-4a6c-8276-58c366e666c5-004
Request Chain 469
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://usersync.gumgum.com/usersync?b=pln&i=oHYfJ9sbrjX0&ev=1&pid=558355
Request Chain 470
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28I0yvKOFKydeYNo2xS3Nu2okOz1VOu6oiAmLc0T3IodcKNuA2npTqhyXZ8vtBMpE0%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28I0yvKOFKydeYNo2xS3Nu2okOz1VOu6oiAmLc0T3IodcKNuA2npTqhyXZ8vtBMpE0%29 HTTP 302
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=a_a933d0ac-3bd1-4712-bbf9-c136a408d168&obuid=ENC(I0yvKOFKydeYNo2xS3Nu2okOz1VOu6oiAmLc0T3IodcKNuA2npTqhyXZ8vtBMpE0) HTTP 302
  • https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51
Request Chain 471
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=opx&i=e5284504-4b37-4371-b6e8-f9d89a56ce09
Request Chain 472
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=oth&i=y-dD_TN_JE2pefmIH5D9AN.xdTtqdLL8IoF1lC~A
Request Chain 473
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=vnt&i=833ea32c-6d83-4eee-bc49-54865bf990ba
Request Chain 476
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=idi&i=5f949ad8-784c-411c-abc0-af59bf6bb99f
Request Chain 477
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sad&i=1607565603117449587
Request Chain 480
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=ttd&i=e11df97a-bc19-41e3-8a8b-2e3a06a2866f
Request Chain 481
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
  • https://usersync.gumgum.com/usersync?b=mmh&i=c619636d-0255-4600-91f3-34a69b38850b&gdpr=0&gdpr_consent=
Request Chain 482
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=atm&i=Y20CVAAHAFd5gwA7&gdpr=0&gdpr_consent=
Request Chain 485
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=sus&i=Y20CV8Co5ssAAG1SVfAAAAAA
Request Chain 487
  • https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=iex&i=Y20CVIOgmcphDt9a8o76JgAA%264707
Request Chain 488
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
  • https://usersync.gumgum.com/usersync?b=rth&i=F28jahdyOemMj1yQnB09&pi=gumgum&tc=1
Request Chain 489
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 494
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=duration_media&khaos=LAB4RIS9-1S-A4NA HTTP 302
  • https://ads.servenobid.com/sync?pid=323&uid=LAB4RIS9-1S-A4NA
Request Chain 495
  • https://pixel.rubiconproject.com/exchange/sync.php?p=medianet&khaos=LAB4RIS9-1S-A4NA HTTP 302
  • https://contextual.media.net/cksync.php?type=rbcn&ovsid=LAB4RIS9-1S-A4NA
Request Chain 499
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:c619636d-0255-4600-91f3-34a69b38850b&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=114&uid=BE68BFE6-9B14-4683-ABF6-D19F3658E6EB
Request Chain 500
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y20CVAAHAFd5gwA7&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=114&uid=BE68BFE6-9B14-4683-ABF6-D19F3658E6EB
Request Chain 501
  • https://cm.ambientdsp.com/cm/send?vc=pmj HTTP 301
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=xrhxg3y9gu0 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent=
Request Chain 502
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=StDxH0zR8kpR1PNNSdTqSkXW_0hR1fUfHdr4EJjV HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=114&uid=BE68BFE6-9B14-4683-ABF6-D19F3658E6EB
Request Chain 503
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2434649983444340243&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=114&uid=BE68BFE6-9B14-4683-ABF6-D19F3658E6EB
Request Chain 505
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=vmi_5psURoOr9tGfNljm6w%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 506
  • https://idsync.rlcdn.com/420486.gif?partner_uid=BE68BFE6-9B14-4683-ABF6-D19F3658E6EB HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=0b0cb704d64e49921b9762222822125364d6a6aec1955294ba9b3b0e5697462a791426b5417dce21&_=2 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlAwYjBjYjcwNGQ2NGU0OTkyMWI5NzYyMjIyODIyMTI1MzY0ZDZhNmFlYzE5NTUyOTRiYTliM2IwZTU2OTc0NjJhNzkxNDI2YjU0MTdkY2UyMRAAGgwI2IS0mwYSBAgCEABCAEoA HTTP 302
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlAwYjBjYjcwNGQ2NGU0OTkyMWI5NzYyMjIyODIyMTI1MzY0ZDZhNmFlYzE5NTUyOTRiYTliM2IwZTU2OTc0NjJhNzkxNDI2YjU0MTdkY2UyMRAAGgwI2IS0mwYSBAgCEABCAEoA&google_gid=CAESEPMhLYcgCtoN6xi8Ee3Qabk&google_cver=1
Request Chain 507
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=c619636d-0255-4600-91f3-34a69b38850b
Request Chain 508
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QkU2OEJGRTYtOUIxNC00NjgzLUFCRjYtRDE5RjM2NThFNkVC&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=114&uid=BE68BFE6-9B14-4683-ABF6-D19F3658E6EB
Request Chain 509
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEKmi9dpXSYwSoGHY5Ylr0-I&google_cver=1 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=114&uid=BE68BFE6-9B14-4683-ABF6-D19F3658E6EB
Request Chain 510
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:12F8C8EF15E240F1BBB55A33814A3EC6 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=114&uid=BE68BFE6-9B14-4683-ABF6-D19F3658E6EB
Request Chain 512
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=e11df97a-bc19-41e3-8a8b-2e3a06a2866f&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=114&uid=BE68BFE6-9B14-4683-ABF6-D19F3658E6EB
Request Chain 514
  • https://c1.adform.net/serving/cookie/match?party=10&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D22%26partneruserid%3DYOUR_USER_ID&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=4344049554935797039&gdpr=0&gdpr_consent=
Request Chain 515
  • https://secure.adnxs.com/getuid?https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D86%26partneruserid%3D$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=86&partneruserid=2434649983444340243&gdpr=0&gdpr_consent=
Request Chain 516
  • https://x.bidswitch.net/sync?ssp=smartadserver&gdpr=0&gdpr_consent= HTTP 302
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=smartadserver HTTP 302
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=smartadserver
Request Chain 517
  • https://demand.trafficroots.com/sync.php?partner=3379&redirect=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D137%26partneruserid%3D%7Btrafficroots_id%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=137&partneruserid=b2343afaf2&gdpr=0&gdpr_consent=
Request Chain 527
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=LAB4RIS9-1S-A4NA HTTP 302
  • https://usersync.gumgum.com/usersync?b=mag&i=LAB4RIS9-1S-A4NA

544 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request you-you-ming-xing-ji-jin-jing-li-ben-si-wai-zi-si-mu-jia-su-jin-chang.html
www.bg3.co/a/ 		56 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.bg3.co/a/you-you-ming-xing-ji-jin-jing-li-ben-si-wai-zi-si-mu-jia-su-jin-chang.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
84.17.37.44 Central, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-84-17-37-44.cdn77.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3400517be6445f947dd790dea5194d3e105a8350318bc1ad50b4feb370f60243

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Cache-Control
max-age=3600
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Thu, 10 Nov 2022 13:53:13 GMT
ETag
"deb5-hwgwjngJkAK04AZ3p4EIOxX9XxE"
Expires
Thu, 10 Nov 2022 14:53:13 GMT
Server
nginx/1.18.0 (Ubuntu)
Transfer-Encoding
chunked
Vary
Accept-Encoding
v0.js
cdn.ampproject.org/ 		276 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/you-you-ming-xing-ji-jin-jing-li-ben-si-wai-zi-si-mu-jia-su-jin-chang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
188e573bf1e6355ef4c477989d3871b5bad7e45ac71628ad3a3139284b1e0229
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Thu, 10 Nov 2022 13:53:14 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
72561
x-xss-protection
0
server
sffe
etag
"8c5dc74afc4fee5e"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3000, stale-while-revalidate=1206600
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 10 Nov 2022 13:53:14 GMT
amp-sidebar-0.1.js
cdn.ampproject.org/v0/ 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-sidebar-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/you-you-ming-xing-ji-jin-jing-li-ben-si-wai-zi-si-mu-jia-su-jin-chang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
2a6b050dfbee40d9b3dec339c654771ddd057faa8cec3cb3ae9b5b03be10f50f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Thu, 10 Nov 2022 13:53:14 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9659
x-xss-protection
0
server
sffe
etag
"4254571f41355952"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 10 Nov 2022 13:53:14 GMT
amp-auto-ads-0.1.js
cdn.ampproject.org/v0/ 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-auto-ads-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/you-you-ming-xing-ji-jin-jing-li-ben-si-wai-zi-si-mu-jia-su-jin-chang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
ec587886fb7850e267d7d17b2c4611caa8b798b95fbacf7a3a6b77f42c848c65
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Thu, 10 Nov 2022 13:53:14 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7581
x-xss-protection
0
server
sffe
etag
"39279299a806cd29"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 10 Nov 2022 13:53:14 GMT
amp-analytics-0.1.js
cdn.ampproject.org/v0/ 		109 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-analytics-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/you-you-ming-xing-ji-jin-jing-li-ben-si-wai-zi-si-mu-jia-su-jin-chang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
c3e473d479b570c98cb31c0e98bb2d7ae6284dbfd0e2631bfa4718b9157fdf8d
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Thu, 10 Nov 2022 13:53:14 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31984
x-xss-protection
0
server
sffe
etag
"1fa26b097e24ff6d"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 10 Nov 2022 13:53:14 GMT
sdk
cdn.aralego.net/ucfad/sdk/apac-sg/
Redirect Chain
  • https://ads.aralego.com/sdk
  • https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
43 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/you-you-ming-xing-ji-jin-jing-li-ben-si-wai-zi-si-mu-jia-su-jin-chang.html
Protocol
H2
Server
104.26.4.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
38684b802d56c90d11d131fcf8c291f934e69eaa38e55d8dc860244dde65462c

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 13:53:15 GMT
cf-cache-status
HIT
last-modified
Thu, 27 Oct 2022 03:15:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"6359f7c6-adfb"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1ZFvH8G9g7msURGXO64eFbK5xMqpxYeeiEnj177lFENeT6TlPDHUQMMw1uQz%2Bv11FzXO880ZqaLe9DeeR4fFXH%2BbbwZxtWcLdzAo6Lj1ZGbyPBBsISqp2j80ZLbnHWGrfw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
767f45f89caaa95f-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44539

Redirect headers

Location
https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
Connection
close
Content-length
0
adRecover.js
delivery.adrecover.com/43519/ 		34 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://delivery.adrecover.com/43519/adRecover.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/you-you-ming-xing-ji-jin-jing-li-ben-si-wai-zi-si-mu-jia-su-jin-chang.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.201 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-201.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
91e8bd3a37b3a0951444714dc07c68417ac878ebf22d8c7b0d10b1ce3fec1122

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
NZ
date
Thu, 10 Nov 2022 13:53:15 GMT
content-encoding
br
last-modified
Thu, 10 Nov 2022 07:00:33 GMT
server
nginx/1.18.0
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=1
x-cf-geodata
NZ
content-length
9035
expires
Thu, 10 Nov 2022 14:53:15 GMT
adpushup.js
cdn.adpushup.com/42753/ 		867 KB
191 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/adpushup.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/you-you-ming-xing-ji-jin-jing-li-ben-si-wai-zi-si-mu-jia-su-jin-chang.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.161 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-161.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
0e74fbb4c49a44d222a938012bf4284b6f9484ceb05c828d39b7c84828f1629e

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
NZ
date
Thu, 10 Nov 2022 13:53:15 GMT
content-encoding
br
last-modified
Thu, 03 Nov 2022 17:05:29 GMT
server
nginx/1.18.0
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=1
x-cf-geodata
NZ
content-length
194623
expires
Thu, 10 Nov 2022 14:53:15 GMT
8bd98b6988b9101076ead3c64ed8058e.jpg
static.bg3.co/imgs/202110/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202110/8bd98b6988b9101076ead3c64ed8058e.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/you-you-ming-xing-ji-jin-jing-li-ben-si-wai-zi-si-mu-jia-su-jin-chang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
575f96dd4b924ff75bdff74ad79ce54e.jpg
static.bg3.co/imgs/202105/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/575f96dd4b924ff75bdff74ad79ce54e.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/you-you-ming-xing-ji-jin-jing-li-ben-si-wai-zi-si-mu-jia-su-jin-chang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
3869f36d797cbd9c18b91189a9e987a5.jpg
static.bg3.co/imgs/202205/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202205/3869f36d797cbd9c18b91189a9e987a5.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/you-you-ming-xing-ji-jin-jing-li-ben-si-wai-zi-si-mu-jia-su-jin-chang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ba04ec048b60156539f78b6dd34563c5.jpg
static.bg3.co/imgs/202012/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202012/ba04ec048b60156539f78b6dd34563c5.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/you-you-ming-xing-ji-jin-jing-li-ben-si-wai-zi-si-mu-jia-su-jin-chang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
amp-auto-lightbox-0.1.js
cdn.ampproject.org/rtv/012210272257000/v0/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012210272257000/v0/amp-auto-lightbox-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
fda78dd6d350cd0f3175f0b9f88accd05c1a821199d84b63d9680553d501bc1f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 09 Nov 2022 14:52:52 GMT
age
82824
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2997
x-xss-protection
0
server
sffe
etag
"b5d6bb1d52a8f322"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 09 Nov 2023 14:52:52 GMT
amp-loader-0.1.js
cdn.ampproject.org/rtv/012210272257000/v0/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012210272257000/v0/amp-loader-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
9d10843b73211d37c1e21416b91114de626394eec8fdfd3ee51ad4de8de89107
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 09 Nov 2022 14:52:53 GMT
age
82823
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3863
x-xss-protection
0
server
sffe
etag
"409244e9f59114f0"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 09 Nov 2023 14:52:53 GMT
amp-ad-0.1.js
cdn.ampproject.org/rtv/012210272257000/v0/ 		81 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012210272257000/v0/amp-ad-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
3c1886ac9867da46d6c05ca1a0df4d0634b055826d142b12387e0b4fb483ae39
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 09 Nov 2022 15:15:56 GMT
age
81440
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23047
x-xss-protection
0
server
sffe
etag
"ba2717cd44fdea30"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 09 Nov 2023 15:15:56 GMT
ama
pagead2.googlesyndication.com/getconfig/ 		2 KB
894 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/ama?client=ca-pub-3216231935713038&plah=www.bg3.co&ama_t=amp&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyou-you-ming-xing-ji-jin-jing-li-ben-si-wai-zi-si-mu-jia-su-jin-chang.html&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
89a3cd86231932c1f0588ac9327257c7e7102f9a4252fcaa4ad2269c486a53b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 13:53:16 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
453
x-xss-protection
0
jquery-2.2.2.min.js
code.jquery.com/ 		84 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-2.2.2.min.js
Requested by
Host: delivery.adrecover.com
URL: https://delivery.adrecover.com/43519/adRecover.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
tlb.hwcdn.net
Software
nginx /
Resource Hash
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 13:53:16 GMT
content-encoding
gzip
x-sp-metadata
HS256.CNygtJsGEogBCiRjMWU1ZTk2YS1hYzdiLTQyZmEtYTg4MC0zN2U1Y2VlZGZjZTYQ6JCNkN3O+gIaBgjMhLSbBiINMTE2LjkwLjc0LjE5Nija0AMwAzgEQhZUTFNfQUVTXzEyOF9HQ01fU0hBMjU2WiAzZTliMjA2MTAwOThiNmM5YmZmOTUzODU2ZTU4MDE2YRosCAESJDRiMDAzYjRhLTZjNDItNDljZC1hYWFhLTQyYzE3MjRkMDRlZRi46QE=.Vu8FZl9vZ38upm6bXihEvyHGu779chaIB7YiwrhHqx4=
last-modified
Wed, 16 Feb 2022 10:50:39 GMT
server
nginx
etag
W/"620cd6ff-14e98"
vary
Accept-Encoding
x-hw
1668088396.dop109.la3.t,1668088396.cds210.la3.hn,1668088396.cds210.la3.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
29880
ucfad-formats.css
cdn.aralego.net/css/dev/ 		975 B
643 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.4.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 13:53:16 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3061
cf-polished
origSize=1191
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 16 Mar 2018 07:19:46 GMT
server
cloudflare
etag
W/"5aab7012-4a7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fZfdt%2F81gJyP0%2F5VOO0uaOI3udZMmp7D4k7blOZyzxk6DpBIPIOSqZyVRbl46G%2FwRWMWA%2Fk1a7G2LZiWH1IE4oJd6uv2f4E3NwYKfehxgiC33nxV7wKKjZOkmMo%2FCye7sg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
767f45fb1f04a95f-SYD
idRequest
sync.aralego.com/ 		46 B
488 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.120.88.131 Central, Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
Software
/
Resource Hash
c5499edc44b7052b150461639014e70f28152a81378e7ed9c316723703625d87

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Nov 2022 13:53:16 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Allow-Credentials
true
Connection
close
Content-Length
46
idRequest
sync.aralego.com/ 		46 B
488 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.120.88.131 Central, Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
Software
/
Resource Hash
c5499edc44b7052b150461639014e70f28152a81378e7ed9c316723703625d87

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Nov 2022 13:53:16 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Allow-Credentials
true
Connection
close
Content-Length
46
ad_request
ads.aralego.com/ 		412 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyou-you-ming-xing-ji-jin-jing-li-ben-si-wai-zi-si-mu-jia-su-jin-chang.html&adid=ad-627443DBE4283AB9F7A46EA83243447&w=336&h=280&ver=UCX_WEB-20200113&pos=1&seq=0&cb=0.6595394132129355&gdpr=1&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&uaMobile=%3F0
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.254.153.160 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
43651d9987d330a8113243857b3e376194303e4ec962c2590676657b639ae99e

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Nov 2022 13:53:16 GMT
X-Width
336
X-Height
280
X-AdStyle
banner
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Expose-Headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Vary
Accept-Encoding
Access-Control-Allow-Credentials
true
X-AdSource
PSA
X-Adtype
html
Connection
close
Content-Length
412
ad_request
ads.aralego.com/ 		412 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyou-you-ming-xing-ji-jin-jing-li-ben-si-wai-zi-si-mu-jia-su-jin-chang.html&adid=ad-627443DBE4283AB9F7A46EA83243447&w=336&h=280&ver=UCX_WEB-20200113&pos=1&seq=1&cb=0.7214263522728992&gdpr=1&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&uaMobile=%3F0
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.254.153.160 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
43651d9987d330a8113243857b3e376194303e4ec962c2590676657b639ae99e

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Nov 2022 13:53:16 GMT
X-Width
336
X-Height
280
X-AdStyle
banner
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Expose-Headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Vary
Accept-Encoding
Access-Control-Allow-Credentials
true
X-AdSource
PSA
X-Adtype
html
Connection
close
Content-Length
412
amp-sticky-ad-1.0.js
cdn.ampproject.org/rtv/012210272257000/v0/ 		40 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012210272257000/v0/amp-sticky-ad-1.0.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
92ed147fc15d3c39f07e271e6f81abbc19e102bddfd92deea299d5b84bef38a1
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 09 Nov 2022 15:02:19 GMT
age
82257
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10265
x-xss-protection
0
server
sffe
etag
"23bc4ca8e6d97223"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 09 Nov 2023 15:02:19 GMT
amp-ad-network-adsense-impl-0.1.js
cdn.ampproject.org/rtv/012210272257000/v0/ 		214 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012210272257000/v0/amp-ad-network-adsense-impl-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
7b1748e516872d3ec44b5f5dd98131d5cf81f6e1821a7a6d0f886bc28720aa23
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 09 Nov 2022 14:56:32 GMT
age
82604
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
57848
x-xss-protection
0
server
sffe
etag
"223b6842b827a21f"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 09 Nov 2023 14:56:32 GMT
jquery-3.6.0.min.js
code.jquery.com/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.6.0.min.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
tlb.hwcdn.net
Software
nginx /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 13:53:16 GMT
content-encoding
gzip
x-sp-metadata
HS256.CNygtJsGEogBCiQ3NTlmYWY2OC03MjNiLTQyNmYtOTc1ZS1jY2NiMTExNDJkYTMQ6JCNkN3O+gIaBgjMhLSbBiINMTE2LjkwLjc0LjE5Nija0AMwAzgEQhZUTFNfQUVTXzEyOF9HQ01fU0hBMjU2WiAzZTliMjA2MTAwOThiNmM5YmZmOTUzODU2ZTU4MDE2YRosCAESJGNmYWEzNjA5LTIyODktNDc3Mi05M2YwLTg2OGZhOTM1NWFhNhib8QE=.ybInlsHEkV5GJ/6dOapHyeEKZfUh9AqXsrEnRPFlcD8=
last-modified
Wed, 16 Feb 2022 10:50:39 GMT
server
nginx
etag
W/"620cd6ff-15d9d"
vary
Accept-Encoding
x-hw
1668088396.dop109.la3.t,1668088396.cds210.la3.hn,1668088396.cds267.la3.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30875
gtag.json
cdn.ampproject.org/rtv/012210272257000/v0/analytics-vendors/ 		2 KB
931 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012210272257000/v0/analytics-vendors/gtag.json
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
a8993772c9eb591474f38d257bebc8c4286703e1af72d04c8c294be5fff7b649
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 09 Nov 2022 14:58:26 GMT
age
82490
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
901
x-xss-protection
0
server
sffe
etag
"0617c6e185be6e0c"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 09 Nov 2023 14:58:26 GMT
init.js
cdn.holmesmind.com/js/ Frame 36E3 		6 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/init.js
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-38.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fb51fa018c951108a66acf0730199d329d887872947eb3940088ef734f026818

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
UdwMmUAM2dmZqopCO7YOeMhqjXQRxqvB
date
Thu, 10 Nov 2022 13:53:05 GMT
via
1.1 74e86ed0fa6d314b06f69aa24cdc2c36.cloudfront.net (CloudFront)
last-modified
Fri, 04 Mar 2022 10:10:49 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
12
etag
"439e160b698f1ec2efb45c3b6cd6b265"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
6552
x-amz-cf-id
eDcObEgf4mPLVlRnv2qGrDWgPiDQcNPTe-WQf10qDDHxkapOcBDO5w==
init.js
cdn.holmesmind.com/js/ Frame 5AA1 		6 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/init.js
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-38.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fb51fa018c951108a66acf0730199d329d887872947eb3940088ef734f026818

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
UdwMmUAM2dmZqopCO7YOeMhqjXQRxqvB
date
Thu, 10 Nov 2022 13:53:05 GMT
via
1.1 74e86ed0fa6d314b06f69aa24cdc2c36.cloudfront.net (CloudFront)
last-modified
Fri, 04 Mar 2022 10:10:49 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
12
etag
"439e160b698f1ec2efb45c3b6cd6b265"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
6552
x-amz-cf-id
1YrqGet5cHUyKVBxtcOnCPpn_AGfHiXo4MYzF2jmB4oAWPHAuHS8xw==
block.jpg
delivery.adrecover.com/ 		281 B
922 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://delivery.adrecover.com/block.jpg?ts=1668088396817
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/you-you-ming-xing-ji-jin-jing-li-ben-si-wai-zi-si-mu-jia-su-jin-chang.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.201 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-201.pacnet.net
Software
Akamai Image Server /
Resource Hash
b0447f99586ad7bcddc943fd1a63af9d89f73f50e70657d0a2ed76ff7c2d6c4c

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-image-server-fetch-real
770
date
Thu, 10 Nov 2022 13:53:17 GMT
x-image-server-cost-real
223489
x-akamai-im-skip-dlr
1
x-image-server-cpu-estimate
8
x-image-server-response
request-3632249-00617912-1a0d8138
x-akamai-device
mobile:false&tablet:false
x-image-server-cost-estimate
156810
server-timing
cdn-cache; desc=MISS, edge; dur=91, origin; dur=806
content-length
281
x-image-server-product
AIC
x-akamai-country
NZ
last-modified
Wed, 23 Jun 2021 06:37:54 GMT
server
Akamai Image Server
x-im-policy-version
1
x-image-server-cpu-real
9
etag
"60d2d6c2-277"
x-image-server-store-time
1668088397
x-im-result-width
1
x-im-original-width
1
access-control-allow-origin
*
content-type
image/jpeg
cache-control
no-transform, max-age=3600
x-image-server-original-size
631
x-image-server-fetch-estimate
774
expires
Thu, 10 Nov 2022 14:53:17 GMT
amp
www.googletagmanager.com/gtag/ 		610 B
808 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/amp?__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
8492f3fc13f89700f09e8a96308911979a6289be084af2c497ea54dbd7dd7f5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=utf-8

Response headers

date
Thu, 10 Nov 2022 13:53:17 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="amp.json"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
258
x-xss-protection
0
pragma
no-cache
amp-access-control-allow-source-origin
https://www.bg3.co
server
Google Tag Manager
vary
*
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.json
adservice.google.com/adsid/ 		86 B
572 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.json?domain=www.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
14cfb5058acaf3af2f07088f1582f29941d7a4cc74fd1cea5050cecad862d154
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 13:53:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
83
x-xss-protection
0
nameframe.html
d-20876441721900431501.ampproject.net/2210272257000/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://d-20876441721900431501.ampproject.net/2210272257000/nameframe.html
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f94.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
cookieSyncIframe.html
cdn.aralego.net/ucfad/cookie/ Frame 1E48 		714 B
797 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.4.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

access-control-allow-credentials
true
age
5096
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
767f4601eaf8a7f5-SYD
content-encoding
br
content-type
text/html
date
Thu, 10 Nov 2022 13:53:17 GMT
last-modified
Wed, 09 Feb 2022 05:59:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5vOrgv7Ue8pGrZtnUcXSBEUvbW4u4W7Sce7J8KygReISLLYxoWIBaOXysOoyJxVTvlHi8ydJaXzsH%2F8RCjd8x7e9mqIsyyjmVD8%2B3lOc%2BZadtp6jxURlPiwkskTxNyUKFA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
idsync
sync.aralego.com/ 		35 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aralego.com/idsync?gdpr=1&euconsent-v2=${GDPR_CONSENT_607}&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/you-you-ming-xing-ji-jin-jing-li-ben-si-wai-zi-si-mu-jia-su-jin-chang.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.120.88.131 Central, Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Nov 2022 13:53:17 GMT
Connection
close
Content-Length
35
Content-Type
image/gif
cookieSyncIframe.html
cdn.aralego.net/ucfad/cookie/ Frame 50C4 		714 B
759 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.4.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

access-control-allow-credentials
true
age
5096
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
767f4601eb01a7f5-SYD
content-encoding
br
content-type
text/html
date
Thu, 10 Nov 2022 13:53:17 GMT
last-modified
Wed, 09 Feb 2022 05:59:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fn0G0KHtJ59Fqw5UOEYdGxU7BOxmSGO4rHjbhSIVPUB3uplHcZR%2BTbPZdQ345QOFLFnE9Z5ubtWl4RnEkqkSeJEpG8RmGaebByAPKTWz0W6difFix5wLXS0EJDYwCj6iqg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
pb.42753.1663912421366.js
cdn.adpushup.com/prebid/ 		342 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.161 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-161.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
1c479d0abecadc8d5fde30eeb515508b6148fa3d92dd617b427788d6c792b0a8

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
NZ
date
Thu, 10 Nov 2022 13:53:18 GMT
content-encoding
br
last-modified
Fri, 23 Sep 2022 05:54:31 GMT
server
nginx/1.18.0
etag
W/"632d4a17-5578b"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=31536000
server-timing
cdn-cache; desc=HIT, edge; dur=5
content-length
94168
expires
Fri, 10 Nov 2023 13:53:18 GMT
quantcast.js
cdn.adpushup.com/pbuseridscripts/ 		450 B
618 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.161 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-161.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
NZ
date
Thu, 10 Nov 2022 13:53:18 GMT
content-encoding
gzip
last-modified
Mon, 28 Jun 2021 04:15:23 GMT
server
nginx/1.18.0
etag
"60d94cdb-1c2"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=31536000
server-timing
cdn-cache; desc=HIT, edge; dur=2
accept-ranges
bytes
content-length
317
expires
Fri, 10 Nov 2023 13:53:18 GMT
linkPreview.js
cdn.adpushup.com/42753/ 		72 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/linkPreview.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/you-you-ming-xing-ji-jin-jing-li-ben-si-wai-zi-si-mu-jia-su-jin-chang.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.161 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-161.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
968012b3a49390a10d31c6d36b2aab796ec167a83378b5f9787756ee7cb035c5

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
NZ
date
Thu, 10 Nov 2022 13:53:18 GMT
content-encoding
br
last-modified
Thu, 14 Jul 2022 19:44:27 GMT
server
nginx/1.18.0
etag
W/"62d0721b-11ed1"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=5
content-length
17440
expires
Thu, 10 Nov 2022 14:53:18 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		79 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f155.1e100.net
Software
sffe /
Resource Hash
45c2af6cf00270892b997265755b086541910d9f5192864a0903eea6b3101aec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 13:53:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27365
x-xss-protection
0
server
sffe
etag
"1389 / 364 of 1000 / last-modified: 1668081943"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 10 Nov 2022 13:53:17 GMT
sync
e3.adpushup.com/AdPushupFeedbackWebService/user/ 		70 B
538 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/user/sync
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/you-you-ming-xing-ji-jin-jing-li-ben-si-wai-zi-si-mu-jia-su-jin-chang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 13:53:17 GMT
server
nginx/1.10.3 (Ubuntu)
ap-cookie-status
cookies ap_uid and ap_usid are set
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 1E48 		79 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f155.1e100.net
Software
sffe /
Resource Hash
c94553bf7b69223fc530eb7162812857b0842dfb0df5f9598254e08287692037
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 13:53:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27363
x-xss-protection
0
server
sffe
etag
"1389 / 608 of 1000 / last-modified: 1668081943"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 10 Nov 2022 13:53:17 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 50C4 		79 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f155.1e100.net
Software
sffe /
Resource Hash
c590106c538d6a794d33b08be9570898a47529098712f14a8f55b55f7d189f2c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 13:53:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27363
x-xss-protection
0
server
sffe
etag
"1389 / 92 of 1000 / last-modified: 1668081871"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 10 Nov 2022 13:53:17 GMT
testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE2NjgwODgzOTcyMDksInBhY2tldElkIjoiMDAwMEE3MDEtNTI3N2Y5M2QtOWNmOC00Y2ZlLWI4NjUtZmZhZmNkM2U1ODBmIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3lvdS15b3UtbWluZy14aW5nLWppLWppbi1qaW5nLWxpLWJlbi1zaS13YWktemktc2ktbXUtamlhLXN1LWppbi1jaGFuZy5odG1sIiwibW9kZSI6NCwiZXJyb3JDb2RlIjowLCJyZWZlcnJlciI6IiIsInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOm51bGx9&c_b=4456.300000190735
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/you-you-ming-xing-ji-jin-jing-li-ben-si-wai-zi-si-mu-jia-su-jin-chang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 13:53:17 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE2NjgwODgzOTcyMTAsInBhY2tldElkIjoiMDAwMEE3MDEtNTI3N2Y5M2QtOWNmOC00Y2ZlLWI4NjUtZmZhZmNkM2U1ODBmIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3lvdS15b3UtbWluZy14aW5nLWppLWppbi1qaW5nLWxpLWJlbi1zaS13YWktemktc2ktbXUtamlhLXN1LWppbi1jaGFuZy5odG1sIiwibW9kZSI6NSwiZXJyb3JDb2RlIjoxLCJyZWZlcnJlciI6IiIsInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOm51bGx9&c_b=4456.89999961853
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/you-you-ming-xing-ji-jin-jing-li-ben-si-wai-zi-si-mu-jia-su-jin-chang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 13:53:17 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2NjgwODgzOTcyMTAsInBhY2tldElkIjoiMDAwMEE3MDEtNTI3N2Y5M2QtOWNmOC00Y2ZlLWI4NjUtZmZhZmNkM2U1ODBmIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3lvdS15b3UtbWluZy14aW5nLWppLWppbi1qaW5nLWxpLWJlbi1zaS13YWktemktc2ktbXUtamlhLXN1LWppbi1jaGFuZy5odG1sIiwibW9kZSI6MSwiZXJyb3JDb2RlIjoxLCJyZWZlcnJlciI6IiIsInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOlt7InNlY3Rpb25JZCI6Ijc3YTljMjJmLWFjMDItNDVkZC05NmJjLWIwODk2YThhN2Q1YSIsInNlY3Rpb25OYW1lIjoiQVBfTF9EX0FSVElDTEVfNzI4WDI1MF83N2E5YyIsInN0YXR1cyI6MSwibmV0d29yayI6ImFkcFRhZ3MiLCJuZXR3b3JrQWRVbml0SWQiOiJBRFBfNDI3NTNfNzI4WDI1MF83N2E5YzIyZi1hYzAyLTQ1ZGQtOTZiYy1iMDg5NmE4YTdkNWEiLCJzZXJ2aWNlcyI6WzEsM10sImFkVW5pdFR5cGUiOjF9XX0%3D&c_b=4457.199999809265
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/you-you-ming-xing-ji-jin-jing-li-ben-si-wai-zi-si-mu-jia-su-jin-chang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 13:53:17 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
adpushup-label.svg
campaign.adpushup.com/ads/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://campaign.adpushup.com/ads/adpushup-label.svg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/you-you-ming-xing-ji-jin-jing-li-ben-si-wai-zi-si-mu-jia-su-jin-chang.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.39.108 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nwa/E7CA) /
Resource Hash
eb3577f46647f2e2db7307936038a47cc31c0ce75239496f6b7117282a47864c

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 13:53:17 GMT
last-modified
Thu, 12 Nov 2020 09:18:18 GMT
server
ECAcc (nwa/E7CA)
age
7566
etag
"5facfdda-21e0"
x-cache
HIT
content-type
image/svg+xml
cache-control
max-age=14400
accept-ranges
bytes
content-length
8672
expires
Thu, 10 Nov 2022 17:53:17 GMT
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2NjgwODgzOTcyMTUsInBhY2tldElkIjoiMDAwMEE3MDEtNTI3N2Y5M2QtOWNmOC00Y2ZlLWI4NjUtZmZhZmNkM2U1ODBmIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3lvdS15b3UtbWluZy14aW5nLWppLWppbi1qaW5nLWxpLWJlbi1zaS13YWktemktc2ktbXUtamlhLXN1LWppbi1jaGFuZy5odG1sIiwibW9kZSI6MSwiZXJyb3JDb2RlIjoxLCJyZWZlcnJlciI6IiIsInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOlt7InNlY3Rpb25JZCI6ImQxYzEwYTcyLTI3YjQtNDkzMS04Y2U3LTk5YTE4ZWJiZGJhZSIsInNlY3Rpb25OYW1lIjoiQVBfSV9EX0FSVElDTEVfNzI4WDkwX2QxYzEwIiwic3RhdHVzIjoxLCJuZXR3b3JrIjoiYWRwVGFncyIsIm5ldHdvcmtBZFVuaXRJZCI6IlNUSUNLWV9BRFBfNDI3NTNfNzI4WDkwX2QxYzEwYTcyLTI3YjQtNDkzMS04Y2U3LTk5YTE4ZWJiZGJhZSIsInNlcnZpY2VzIjpbNSwzXSwiYWRVbml0VHlwZSI6M31dfQ%3D%3D&c_b=4462.39999961853
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/you-you-ming-xing-ji-jin-jing-li-ben-si-wai-zi-si-mu-jia-su-jin-chang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 13:53:17 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2NjgwODgzOTcyMTgsInBhY2tldElkIjoiMDAwMEE3MDEtNTI3N2Y5M2QtOWNmOC00Y2ZlLWI4NjUtZmZhZmNkM2U1ODBmIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3lvdS15b3UtbWluZy14aW5nLWppLWppbi1qaW5nLWxpLWJlbi1zaS13YWktemktc2ktbXUtamlhLXN1LWppbi1jaGFuZy5odG1sIiwibW9kZSI6MSwiZXJyb3JDb2RlIjoxLCJyZWZlcnJlciI6IiIsInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOlt7InNlY3Rpb25JZCI6IjEwNGIyODJhLWJkMTEtNGQ4ZC1hZDY0LTA0OTIwNjNiNmNiYSIsInNlY3Rpb25OYW1lIjoiQVBfSV9EX0FSVElDTEVfMTIwWDYwMF8xMDRiMiIsInN0YXR1cyI6MSwibmV0d29yayI6ImFkcFRhZ3MiLCJuZXR3b3JrQWRVbml0SWQiOiJTVElDS1lfQURQXzQyNzUzXzEyMFg2MDBfMTA0YjI4MmEtYmQxMS00ZDhkLWFkNjQtMDQ5MjA2M2I2Y2JhIiwic2VydmljZXMiOls1LDNdLCJhZFVuaXRUeXBlIjozfV19&c_b=4465.300000190735
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/you-you-ming-xing-ji-jin-jing-li-ben-si-wai-zi-si-mu-jia-su-jin-chang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 13:53:17 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
capmapping.htm
cdn.holmesmind.com/js/ Frame 96C2 		5 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/capmapping.htm
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-38.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cc37fba2e98f49c4d9551f72176d3aff72eacd798e5e85436837847e6b967c36

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
21
content-length
4730
content-type
text/html
date
Thu, 10 Nov 2022 13:52:57 GMT
etag
"c36f5eb091d6195fe8b68f3b263f999b"
last-modified
Mon, 22 Aug 2022 03:00:17 GMT
server
AmazonS3
via
1.1 74e86ed0fa6d314b06f69aa24cdc2c36.cloudfront.net (CloudFront)
x-amz-cf-id
PXusCWebqkes2eYj3RBenAlNj1G_B9vMlyxM5H-95MX7zgFkh3dmcw==
x-amz-cf-pop
SIN2-P1
x-amz-version-id
9jVaRQ2pP3sbT47ouwg8zArcPp2ddVmt
x-cache
Hit from cloudfront
edmp_init.js
cdn.holmesmind.com/js/ Frame 36E3 		662 B
1005 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/edmp_init.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-38.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
28248d4886fe85d725c1a6d3b2340a1bde6a7ffcadfac53ada50f78a9e707d5c

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
null
date
Thu, 10 Nov 2022 13:52:55 GMT
via
1.1 74e86ed0fa6d314b06f69aa24cdc2c36.cloudfront.net (CloudFront)
last-modified
Fri, 12 Mar 2021 02:45:40 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
33
etag
"f58f8a90686f8ffb3325107e8a788b71"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
662
x-amz-cf-id
z1HxHZBqxs3hhKUWyizXqXmtAtQw-QPGEqnyXkyCwn6oxUOANgkb_w==
presetfn.js
cdn.holmesmind.com/js/ Frame 25A1 		9 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/presetfn.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-38.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9d50879eaa5642b8cf7aa54a56c90c91beb7c08132e76be852929263a5df7df7

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
VaSpewhnvI6bFcTAqatFk5SqvLFpxvJd
date
Thu, 10 Nov 2022 13:53:04 GMT
via
1.1 74e86ed0fa6d314b06f69aa24cdc2c36.cloudfront.net (CloudFront)
last-modified
Thu, 20 Oct 2022 05:58:48 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
14
etag
"760acffabe0db50f11b07aec24b247c5"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
9628
x-amz-cf-id
yrv9hl92ShLeRZHw6KEBnPICbip3LHeapxNU_RaDQAKOZSF0sAc3nA==
capmapping.htm
cdn.holmesmind.com/js/ Frame 3855 		5 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/capmapping.htm
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-38.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cc37fba2e98f49c4d9551f72176d3aff72eacd798e5e85436837847e6b967c36

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
21
content-length
4730
content-type
text/html
date
Thu, 10 Nov 2022 13:52:57 GMT
etag
"c36f5eb091d6195fe8b68f3b263f999b"
last-modified
Mon, 22 Aug 2022 03:00:17 GMT
server
AmazonS3
via
1.1 74e86ed0fa6d314b06f69aa24cdc2c36.cloudfront.net (CloudFront)
x-amz-cf-id
yjikcVjXZGvWsXICRaaDG24Xs7dYPD8XOuRYFcPC9RsHlRKy7NY1lA==
x-amz-cf-pop
SIN2-P1
x-amz-version-id
9jVaRQ2pP3sbT47ouwg8zArcPp2ddVmt
x-cache
Hit from cloudfront
edmp_init.js
cdn.holmesmind.com/js/ Frame 5AA1 		662 B
1003 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/edmp_init.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-38.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
28248d4886fe85d725c1a6d3b2340a1bde6a7ffcadfac53ada50f78a9e707d5c

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
null
date
Thu, 10 Nov 2022 13:52:55 GMT
via
1.1 74e86ed0fa6d314b06f69aa24cdc2c36.cloudfront.net (CloudFront)
last-modified
Fri, 12 Mar 2021 02:45:40 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
33
etag
"f58f8a90686f8ffb3325107e8a788b71"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
662
x-amz-cf-id
pj-dc6nI6M61e2oMPDgizRkhPm_CVhmWZxim37Nqu7xPjnhoxHqW4A==
presetfn.js
cdn.holmesmind.com/js/ Frame 9BA2 		9 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/presetfn.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-38.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9d50879eaa5642b8cf7aa54a56c90c91beb7c08132e76be852929263a5df7df7

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
VaSpewhnvI6bFcTAqatFk5SqvLFpxvJd
date
Thu, 10 Nov 2022 13:53:04 GMT
via
1.1 74e86ed0fa6d314b06f69aa24cdc2c36.cloudfront.net (CloudFront)
last-modified
Thu, 20 Oct 2022 05:58:48 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
14
etag
"760acffabe0db50f11b07aec24b247c5"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
9628
x-amz-cf-id
TefxidigSyhfRUYz17iBKXK8WPi1dFco__OdyepZcXTr2iXGqGBP4w==
collect
www.google-analytics.com/r/ 		35 B
396 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=a1&ds=AMP&aip&_s=1&dt=%E5%8F%88%E6%9C%89%E6%98%8E%E6%98%9F%E5%9F%BA%E9%87%91%E7%B6%93%E7%90%86%E2%80%9C%E5%A5%94%E7%A7%81%E2%80%9D%E5%A4%96%E8%B3%87%E7%A7%81%E5%8B%9F%E5%8A%A0%E9%80%9F%E9%80%B2%E5%A0%B4%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&sr=1600x1200&cid=amp-ke56cJIxYSkF6eo6rRYZrw&tid=UA-172083736-2&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyou-you-ming-xing-ji-jin-jing-li-ben-si-wai-zi-si-mu-jia-su-jin-chang.html&dr=&sd=24&ul=en-us&de=UTF-8&t=pageview&jid=0.7952752365018236&gjid=0.49127185807570894&_r=1&a=1062&z=0.5140117657188847&gtm=2pu000
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/you-you-ming-xing-ji-jin-jing-li-ben-si-wai-zi-si-mu-jia-su-jin-chang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f138.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 13:53:18 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 80B5 		603 B
627 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=1600x250&w=1600&h=250&ptt=12&adk=2733026255&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-34430403322081795740&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=470780615&nhd=0&adx=0&ady=2892&oid=2&is_amp=5&amp_v=2210272257000&d_imp=1&c=5666001062&ga_cid=amp-ke56cJIxYSkF6eo6rRYZrw&ga_hid=1062&dt=1668088397041&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyou-you-ming-xing-ji-jin-jing-li-ben-si-wai-zi-si-mu-jia-su-jin-chang.html&bdt=2757&dtd=573&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012210272257000/v0/amp-ad-0.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 10 Nov 2022 13:53:18 GMT
expires
Thu, 10 Nov 2022 13:53:18 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
cm.php
fcm.holmesmind.com/ Frame 42C8 		332 B
417 B 		Document
General
Check archive.org
Download Go to
Full URL
https://fcm.holmesmind.com/cm.php
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.67.231 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
231.67.95.34.bc.googleusercontent.com
Software
/
Resource Hash
8128514a9917b6dcdf20f7ee24d6b00a27b2a6aa0f971acb988f358f25ac4005

Request headers

Referer
https://cdn.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
332
content-type
text/html; charset=UTF-8
date
Thu, 10 Nov 2022 13:53:26 GMT
referrer-policy
no-referrer
utag.js
t.ssp.hinet.net/ Frame 96C2 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
7484befc556b76b2da474fc9af0f8ac34a97d18a5ef62b9f7c4ea79e47bd29ba
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 13:53:18 GMT
strict-transport-security
max-age=0
content-encoding
gzip
last-modified
Mon, 25 Jul 2022 06:51:32 GMT
server
nginx
etag
W/"62de3d74-134a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
expires
Thu, 10 Nov 2022 14:03:18 GMT
cm
c.holmesmind.com/ Frame 96C2
Redirect Chain
  • https://c.holmesmind.com/cm
  • https://c.holmesmind.com/cm?tc=getIn&
0
16 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.holmesmind.com/cm?tc=getIn&
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H3
Server
35.201.76.93 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
93.76.201.35.bc.googleusercontent.com
Software
nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 13:53:19 GMT
via
1.1 google
server
nginx/1.10.3 (Ubuntu)
x-powered-by
PHP/7.0.18-0ubuntu0.17.04.1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=UTF-8

Redirect headers

location
https://c.holmesmind.com/cm?tc=getIn&
date
Thu, 10 Nov 2022 13:53:18 GMT
via
1.1 google
server
nginx/1.10.3 (Ubuntu)
x-powered-by
PHP/7.0.18-0ubuntu0.17.04.1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=UTF-8
Preset.js
adcdn.holmesmind.com/adserver/ Frame 25A1 		1 KB
769 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adcdn.holmesmind.com/adserver/Preset.js?z=14006
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.155.68.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-155-68-103.sin52.r.cloudfront.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcb59ec730a35ac2bdbeb1c87a33264a515c890bcafa7f942fbd3c7c48991f8f

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 13:44:22 GMT
content-encoding
gzip
via
1.1 fe1f71a38555d37376d318601a210ec4.cloudfront.net (CloudFront)
server
nginx/1.14.0 (Ubuntu)
x-amz-cf-pop
SIN52-P1
age
536
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
x-amz-cf-id
8oNJwv76LRZB_eliLiZlP5fL3oDTAHIbcs6-j9MEqDotXvejmPRyAw==
cm
c.holmesmind.com/ Frame 3855
Redirect Chain
  • https://c.holmesmind.com/cm
  • https://c.holmesmind.com/cm?tc=getIn&
0
16 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.holmesmind.com/cm?tc=getIn&
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H3
Server
35.201.76.93 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
93.76.201.35.bc.googleusercontent.com
Software
nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 13:53:19 GMT
via
1.1 google
server
nginx/1.10.3 (Ubuntu)
x-powered-by
PHP/7.0.18-0ubuntu0.17.04.1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=UTF-8

Redirect headers

location
https://c.holmesmind.com/cm?tc=getIn&
date
Thu, 10 Nov 2022 13:53:18 GMT
via
1.1 google
server
nginx/1.10.3 (Ubuntu)
x-powered-by
PHP/7.0.18-0ubuntu0.17.04.1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=UTF-8
cm.php
fcm.holmesmind.com/ Frame C3CD 		39 B
191 B 		Document
General
Check archive.org
Download Go to
Full URL
https://fcm.holmesmind.com/cm.php
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.67.231 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
231.67.95.34.bc.googleusercontent.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
d51ae4a1096fac36fe9055d5c3f4daa85de0120b567636c89327b544a2a6a795

Request headers

Referer
https://cdn.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39
content-type
text/html; charset=UTF-8
date
Thu, 10 Nov 2022 13:53:18 GMT
server
Apache/2.4.29 (Ubuntu)
via
1.1 google
utag.js
t.ssp.hinet.net/ Frame 3855 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
7484befc556b76b2da474fc9af0f8ac34a97d18a5ef62b9f7c4ea79e47bd29ba
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 13:53:18 GMT
strict-transport-security
max-age=0
content-encoding
gzip
last-modified
Mon, 25 Jul 2022 06:51:32 GMT
server
nginx
etag
W/"62de3d74-134a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
expires
Thu, 10 Nov 2022 14:03:18 GMT
Preset.js
adcdn.holmesmind.com/adserver/ Frame 9BA2 		1 KB
768 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adcdn.holmesmind.com/adserver/Preset.js?z=14006
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.155.68.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-155-68-103.sin52.r.cloudfront.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcb59ec730a35ac2bdbeb1c87a33264a515c890bcafa7f942fbd3c7c48991f8f

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 13:44:22 GMT
content-encoding
gzip
via
1.1 fe1f71a38555d37376d318601a210ec4.cloudfront.net (CloudFront)
server
nginx/1.14.0 (Ubuntu)
x-amz-cf-pop
SIN52-P1
age
536
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
x-amz-cf-id
iZNqB0zZI2Sl_z67CzUQH9f56cVM0n_yQJz1GHiUOkyfRacuunGvhQ==
pubads_impl_2022110301.js
securepubads.g.doubleclick.net/gpt/ 		380 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110301.js?cb=31070787
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f155.1e100.net
Software
sffe /
Resource Hash
0602160997bb910d5387d92eed48d51f352f604e0e2285c8ffa92707e4676f1d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 11:42:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
267020
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131019
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 08:36:22 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 07 Nov 2023 11:42:58 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		109 B
97 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.bg3.co
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f155.1e100.net
Software
cafe /
Resource Hash
57ba9c79273602051bd0fa9f6dcd52a3f199dc59f134308efeeaad35424b8311
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 13:53:18 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
72
x-xss-protection
0
expires
Thu, 10 Nov 2022 13:53:18 GMT
pubads_impl_2022110301.js
securepubads.g.doubleclick.net/gpt/ Frame 50C4 		380 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110301.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f155.1e100.net
Software
sffe /
Resource Hash
0602160997bb910d5387d92eed48d51f352f604e0e2285c8ffa92707e4676f1d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 11:06:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
9988
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131019
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 08:36:22 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 10 Nov 2023 11:06:50 GMT
pubads_impl_2022110801.js
securepubads.g.doubleclick.net/gpt/ Frame 1E48 		382 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js?cb=31070836
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f155.1e100.net
Software
sffe /
Resource Hash
387dfc092f85b10bf8322f9f18a2b274e89eed297b9c02a336ad6b274552c1e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 11:59:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
93249
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131898
x-xss-protection
0
last-modified
Tue, 08 Nov 2022 09:38:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 09 Nov 2023 11:59:09 GMT
ads.js
ad.holmesmind.com/adserver/ Frame 9BA2 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.holmesmind.com/adserver/ads.js?z=14006&rf=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyou-you-ming-xing-ji-jin-jing-li-ben-si-wai-zi-si-mu-jia-su-jin-chang.html&n=573&o=1&d=1&b=2&ts=1&ii=2&FPCK=8313-iOa7A6qDqcJnTCqkpq71lwPPaSrrxkbW&initver=210830P
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.196.174.187 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-196-174-187.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
8e1f93dc68b91ed2bdebc47a1eac520820d2e92e43daea90ddeb6827f5dfd0a4

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://www.bg3.co
date
Thu, 10 Nov 2022 13:53:19 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
rtbhouseV2.js
cdn.holmesmind.com/js/ Frame 9BA2 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/rtbhouseV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-38.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d5ae5049686cf9a5ef6e9ceeae1c67619f218fd1694d39648b13607db871a3bc

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
null
date
Thu, 10 Nov 2022 13:53:18 GMT
via
1.1 74e86ed0fa6d314b06f69aa24cdc2c36.cloudfront.net (CloudFront)
last-modified
Tue, 04 Aug 2020 09:25:10 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
9
etag
"6a605eea47197fa280f27aaf1fa1521d"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
2773
x-amz-cf-id
X6l_pK0V1kskDXxOA7zMiMqEwX5jmbzePXIK3OJcZ03enPoUo0jWdA==
publishertag.js
static.criteo.net/js/ld/ Frame 9BA2 		121 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
87f31cded62015a1d11cce6be7a32b77405de2fb36f4b8a7c2c5a4ccabd6a403
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 13:53:19 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Mon, 24 Oct 2022 11:21:19 GMT
server
nginx
etag
W/"6356752f-1e444"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 11 Nov 2022 13:53:19 GMT
criteoV2.js
cdn.holmesmind.com/js/ Frame 9BA2 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/criteoV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-38.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e2db1774aabd2443e6c741954f5e1071912a7a99f6e4151bc83d342554976d32

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
null
date
Thu, 10 Nov 2022 13:53:04 GMT
via
1.1 74e86ed0fa6d314b06f69aa24cdc2c36.cloudfront.net (CloudFront)
last-modified
Tue, 04 Aug 2020 09:25:12 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
15
etag
"e8f33fcb581483ced4a09b3c8e7550e4"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
2443
x-amz-cf-id
o9JV1r2ePyXOLywRhyjac9nVGoJL8ikOLPQbaHiWb4yWU3Fr6ajRgQ==
bridgewellV3.js
cdn.holmesmind.com/js/ Frame 9BA2 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/bridgewellV3.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-38.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c03c604cd89b4ab78da516a6271fbc1b4027e9d232ee55e09e0f43e49e2c169b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
null
date
Thu, 10 Nov 2022 13:53:07 GMT
via
1.1 74e86ed0fa6d314b06f69aa24cdc2c36.cloudfront.net (CloudFront)
last-modified
Tue, 20 Apr 2021 06:25:23 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
12
etag
"c3b948e5a48dd0ec20c265d6d8da7add"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
4530
x-amz-cf-id
6yWHLLx7208zKkpFEzVja6gGjMI0bEnwP1cVcch4aNJ3BgDfceu0Gg==
appierV2.js
cdn.holmesmind.com/js/ Frame 9BA2 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/appierV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-38.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8d0f249f244376cc817d2c8ddd435cf01b4ecbeca604946c5ae81ef0c8bb5834

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
null
date
Thu, 10 Nov 2022 13:52:21 GMT
via
1.1 74e86ed0fa6d314b06f69aa24cdc2c36.cloudfront.net (CloudFront)
last-modified
Thu, 11 Mar 2021 07:54:26 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
58
etag
"548ed610a8571343fb3022f543174735"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
3177
x-amz-cf-id
ZVgtCsOtutLDEkcr9CS_Ni-bfn19DUcJO7YaK6yF_PYgTXpK2JhV0g==
appier_mainV3.js
cdn.holmesmind.com/js/ Frame 9BA2 		6 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/appier_mainV3.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-38.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fe209c42003e23036615034182bbd3d224e3948a61e192953636b89c8a9ea458

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
QNf_HVa__9WDJ9903hLaQWAhMnzhWu2z
date
Thu, 10 Nov 2022 13:52:20 GMT
via
1.1 74e86ed0fa6d314b06f69aa24cdc2c36.cloudfront.net (CloudFront)
last-modified
Tue, 18 Oct 2022 09:50:43 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
59
etag
"b678af4b54f33f8ef194167ea87bc296"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
5925
x-amz-cf-id
4zsEbTByh7TIsY3ZYCxnQwJbT-Jgc6CKNHE3cVeV1VUm4JYqIccPKQ==
ads.js
ad.holmesmind.com/adserver/ Frame 25A1 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.holmesmind.com/adserver/ads.js?z=14006&rf=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyou-you-ming-xing-ji-jin-jing-li-ben-si-wai-zi-si-mu-jia-su-jin-chang.html&n=909&o=1&d=1&b=2&ts=1&ii=2&FPCK=8313-iOa7A6qDqcJnTCqkpq71lwPPaSrrxkbW&initver=210830P
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.196.174.187 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-196-174-187.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
fd9c06c6f1502e4a80985a0829db231a1589e3d957041192336e68e371769d4e

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://www.bg3.co
date
Thu, 10 Nov 2022 13:53:19 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
rtbhouseV2.js
cdn.holmesmind.com/js/ Frame 25A1 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/rtbhouseV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-38.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d5ae5049686cf9a5ef6e9ceeae1c67619f218fd1694d39648b13607db871a3bc

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
null
date
Thu, 10 Nov 2022 13:53:18 GMT
via
1.1 74e86ed0fa6d314b06f69aa24cdc2c36.cloudfront.net (CloudFront)
last-modified
Tue, 04 Aug 2020 09:25:10 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
9
etag
"6a605eea47197fa280f27aaf1fa1521d"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
2773
x-amz-cf-id
ZkMKaTp95VxyGPlYuIhD976B-TBWhr1jov39ujDTsqR5NhNdDvwq1Q==
publishertag.js
static.criteo.net/js/ld/ Frame 25A1 		121 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
87f31cded62015a1d11cce6be7a32b77405de2fb36f4b8a7c2c5a4ccabd6a403
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 13:53:19 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Mon, 24 Oct 2022 11:21:19 GMT
server
nginx
etag
W/"6356752f-1e444"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 11 Nov 2022 13:53:19 GMT
criteoV2.js
cdn.holmesmind.com/js/ Frame 25A1 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/criteoV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-38.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e2db1774aabd2443e6c741954f5e1071912a7a99f6e4151bc83d342554976d32

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
null
date
Thu, 10 Nov 2022 13:53:04 GMT
via
1.1 74e86ed0fa6d314b06f69aa24cdc2c36.cloudfront.net (CloudFront)
last-modified
Tue, 04 Aug 2020 09:25:12 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
15
etag
"e8f33fcb581483ced4a09b3c8e7550e4"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
2443
x-amz-cf-id
4me5AsknARLDsqKU1bvRNZKwzhWTOMXMNbf5O89j-PGbizgb9WgrIw==
bridgewellV3.js
cdn.holmesmind.com/js/ Frame 25A1 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/bridgewellV3.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-38.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c03c604cd89b4ab78da516a6271fbc1b4027e9d232ee55e09e0f43e49e2c169b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
null
date
Thu, 10 Nov 2022 13:53:07 GMT
via
1.1 74e86ed0fa6d314b06f69aa24cdc2c36.cloudfront.net (CloudFront)
last-modified
Tue, 20 Apr 2021 06:25:23 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
12
etag
"c3b948e5a48dd0ec20c265d6d8da7add"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
4530
x-amz-cf-id
fgz_Wl5EtYx5TUnYmjvsgeHTgCO2hTsbfQ9WIecmvO8SclwnlYtqfw==
appierV2.js
cdn.holmesmind.com/js/ Frame 25A1 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/appierV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-38.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8d0f249f244376cc817d2c8ddd435cf01b4ecbeca604946c5ae81ef0c8bb5834

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
null
date
Thu, 10 Nov 2022 13:52:21 GMT
via
1.1 74e86ed0fa6d314b06f69aa24cdc2c36.cloudfront.net (CloudFront)
last-modified
Thu, 11 Mar 2021 07:54:26 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
58
etag
"548ed610a8571343fb3022f543174735"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
3177
x-amz-cf-id
SIXLafPTzHIaDXrYQcgzZM_aa95fVmYR1_Z4JATc7tS22t2j5MI3SA==
appier_mainV3.js
cdn.holmesmind.com/js/ Frame 25A1 		6 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/appier_mainV3.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-38.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fe209c42003e23036615034182bbd3d224e3948a61e192953636b89c8a9ea458

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
QNf_HVa__9WDJ9903hLaQWAhMnzhWu2z
date
Thu, 10 Nov 2022 13:52:20 GMT
via
1.1 74e86ed0fa6d314b06f69aa24cdc2c36.cloudfront.net (CloudFront)
last-modified
Tue, 18 Oct 2022 09:50:43 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
59
etag
"b678af4b54f33f8ef194167ea87bc296"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
5925
x-amz-cf-id
7JX-UmqhAqk8Cgz-8p12n6Lz2XhHWGzlGWSeZnCxhaT7jTWs1-rXxw==
/
t.ssp.hinet.net/ Frame 96C2 		37 B
409 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
d05895f60d10575673d6f03f9272a42d803bab99cdd223b8aabe2f48af829b86
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 13:53:18 GMT
strict-transport-security
max-age=0
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://cdn.holmesmind.com
cache-control
no-cache, private
access-control-allow-credentials
true
/
t.ssp.hinet.net/ Frame 3855 		37 B
409 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
cec12157ac766bab34ff7e9e77de9cdb6f9e25e70fb9213771c7590567ec8f52
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 13:53:18 GMT
strict-transport-security
max-age=0
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://cdn.holmesmind.com
cache-control
no-cache, private
access-control-allow-credentials
true
landing.php
fp.holmesmind.com/ Frame 4BBB 		332 B
482 B 		Document
General
Check archive.org
Download Go to
Full URL
https://fp.holmesmind.com/landing.php?CFFPCKUUIDMAIN=2201-Fh6il4kEzAovzoS4OY9mj1g0of947q3v&CFFPCKUUID=8313-iOa7A6qDqcJnTCqkpq71lwPPaSrrxkbW&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyou-you-ming-xing-ji-jin-jing-li-ben-si-wai-zi-si-mu-jia-su-jin-chang.html&maindomain=www.bg3.co
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.219.39 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
8128514a9917b6dcdf20f7ee24d6b00a27b2a6aa0f971acb988f358f25ac4005

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
332
content-type
text/html; charset=UTF-8
date
Thu, 10 Nov 2022 13:53:28 GMT
referrer-policy
no-referrer
utag.js
t.ssp.hinet.net/ Frame 9BA2 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
7484befc556b76b2da474fc9af0f8ac34a97d18a5ef62b9f7c4ea79e47bd29ba
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 13:53:18 GMT
strict-transport-security
max-age=0
content-encoding
gzip
last-modified
Mon, 25 Jul 2022 06:51:32 GMT
server
nginx
etag
W/"62de3d74-134a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
expires
Thu, 10 Nov 2022 14:03:18 GMT
landing.php
fp.holmesmind.com/ Frame E8CB 		332 B
392 B 		Document
General
Check archive.org
Download Go to
Full URL
https://fp.holmesmind.com/landing.php?CFFPCKUUIDMAIN=2201-Fh6il4kEzAovzoS4OY9mj1g0of947q3v&CFFPCKUUID=8313-iOa7A6qDqcJnTCqkpq71lwPPaSrrxkbW&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyou-you-ming-xing-ji-jin-jing-li-ben-si-wai-zi-si-mu-jia-su-jin-chang.html&maindomain=www.bg3.co
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.219.39 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
8128514a9917b6dcdf20f7ee24d6b00a27b2a6aa0f971acb988f358f25ac4005

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
332
content-type
text/html; charset=UTF-8
date
Thu, 10 Nov 2022 13:53:28 GMT
referrer-policy
no-referrer
utag.js
t.ssp.hinet.net/ Frame 25A1 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
7484befc556b76b2da474fc9af0f8ac34a97d18a5ef62b9f7c4ea79e47bd29ba
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 13:53:18 GMT
strict-transport-security
max-age=0
content-encoding
gzip
last-modified
Mon, 25 Jul 2022 06:51:32 GMT
server
nginx
etag
W/"62de3d74-134a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
expires
Thu, 10 Nov 2022 14:03:18 GMT
prebid.aspx
prebid.scupio.com/recweb/ Frame 9BA2 		0
281 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.scupio.com/recweb/prebid.aspx?cb=0.6744210488190712
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
210.59.219.181 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Thu, 10 Nov 2022 13:53:29 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Type
text/html
Access-Control-Allow-Origin
https://www.bg3.co
Cache-Control
private
Access-Control-Allow-Credentials
true
prebid.aspx
prebid.scupio.com/recweb/ Frame 9BA2 		0
281 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.scupio.com/recweb/prebid.aspx?cb=0.8922772931814085
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
210.59.219.181 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Thu, 10 Nov 2022 13:53:29 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Type
text/html
Access-Control-Allow-Origin
https://www.bg3.co
Cache-Control
private
Access-Control-Allow-Credentials
true
bid
ad2.apx.appier.net/v1/prebid/ Frame 9BA2
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=PwD7N9BAC9ubluRRUAJtYw
2 B
19 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=PwD7N9BAC9ubluRRUAJtYw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/you-you-ming-xing-ji-jin-jing-li-ben-si-wai-zi-si-mu-jia-su-jin-chang.html
Protocol
H3
Server
34.96.119.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.119.96.34.bc.googleusercontent.com
Software
nginx/1.19.0 /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 13:53:20 GMT
via
1.1 google
server
nginx/1.19.0
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Thu, 10 Nov 2022 13:53:20 GMT
server
nginx
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
null
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=PwD7N9BAC9ubluRRUAJtYw
cache-control
no-store
access-control-allow-credentials
true
content-length
0
bid
ad2.apx.appier.net/v1/prebid/ Frame 9BA2
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=mttmGJxYCVOvYxJ3UAJtYw
2 B
19 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=mttmGJxYCVOvYxJ3UAJtYw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/you-you-ming-xing-ji-jin-jing-li-ben-si-wai-zi-si-mu-jia-su-jin-chang.html
Protocol
H3
Server
34.96.119.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.119.96.34.bc.googleusercontent.com
Software
nginx/1.19.0 /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 13:53:20 GMT
via
1.1 google
server
nginx/1.19.0
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Thu, 10 Nov 2022 13:53:20 GMT
server
nginx
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
null
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=mttmGJxYCVOvYxJ3UAJtYw
cache-control
no-store
access-control-allow-credentials
true
content-length
0
bid
ad2.apx.appier.net/v1/prebid/ Frame 9BA2
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=fSx1TC0sDgqAZiOcUAJtYw
2 B
19 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=fSx1TC0sDgqAZiOcUAJtYw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/you-you-ming-xing-ji-jin-jing-li-ben-si-wai-zi-si-mu-jia-su-jin-chang.html
Protocol
H3
Server
34.96.119.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.119.96.34.bc.googleusercontent.com
Software
nginx/1.19.0 /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 13:53:20 GMT
via
1.1 google
server
nginx/1.19.0
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Thu, 10 Nov 2022 13:53:20 GMT
server
nginx
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
null
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=fSx1TC0sDgqAZiOcUAJtYw
cache-control
no-store
access-control-allow-credentials
true
content-length
0
bids
prebid-asia.creativecdn.com/bidder/prebid/ Frame 9BA2 		0
172 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.bg3.co
date
Thu, 10 Nov 2022 13:53:19 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
bids
prebid-asia.creativecdn.com/bidder/prebid/ Frame 25A1 		0
172 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.bg3.co
date
Thu, 10 Nov 2022 13:53:19 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
prebid.aspx
prebid.scupio.com/recweb/ Frame 25A1 		0
281 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.scupio.com/recweb/prebid.aspx?cb=0.7284394615058927
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
210.59.219.181 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Thu, 10 Nov 2022 13:53:29 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Type
text/html
Access-Control-Allow-Origin
https://www.bg3.co
Cache-Control
private
Access-Control-Allow-Credentials
true
prebid.aspx
prebid.scupio.com/recweb/ Frame 25A1 		0
281 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.scupio.com/recweb/prebid.aspx?cb=0.8232670906094541
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
210.59.219.181 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Thu, 10 Nov 2022 13:53:29 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Type
text/html
Access-Control-Allow-Origin
https://www.bg3.co
Cache-Control
private
Access-Control-Allow-Credentials
true
bid
ad2.apx.appier.net/v1/prebid/ Frame 25A1
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=-fqSAT5AB_iHg0HlUAJtYw
2 B
19 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=-fqSAT5AB_iHg0HlUAJtYw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/you-you-ming-xing-ji-jin-jing-li-ben-si-wai-zi-si-mu-jia-su-jin-chang.html
Protocol
H3
Server
34.96.119.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.119.96.34.bc.googleusercontent.com
Software
nginx/1.19.0 /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 13:53:20 GMT
via
1.1 google
server
nginx/1.19.0
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Thu, 10 Nov 2022 13:53:20 GMT
server
nginx
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
null
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=-fqSAT5AB_iHg0HlUAJtYw
cache-control
no-store
access-control-allow-credentials
true
content-length
0
quant.js
secure.quantserve.com/ 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.229.10.180 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
0d05d748e2bed6c06d43389b5ce1e231a15bbad2d5b0569106cf95249bc1ae92

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 13:53:19 GMT
content-encoding
gzip
etag
"Y8QtaFbAe6Y/4gwtHHbZIQ=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Thu, 17 Nov 2022 13:53:19 GMT
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20221110
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.87.20 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae487bf3122a1c57eaf50f2fe1581aa4fe8d8697ff4995955ad2fecb70bc7f1b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 10 Nov 2022 13:53:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
39109
x-jsd-version
1.0.1518
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra-eddf8230021-FRA, cache-yyz4580-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"66f-QliR71HbYJj5Lj0YyDNVSqNfpJE"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9cALnqTqMJi5RIDAM35IsIsQaqUdsEgs0Egtj04exSye5lMLTQ3GdR%2Bz55FKid9xaieDvZV6cWG%2FQx798VNtH60KDBv0kGzi8JStqwoTA5sSv2sqSczWY1kwigR5VcXqaPk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
767f460f7d37aae3-SYD
adreq
ads.servenobid.com/ 		717 B
672 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/adreq?cb=7554
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.73.75.233 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-73-75-233.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
037192b727defa55cc176629db61c9c71c1126decfae405ffc3b0fb355a0d705

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 10 Nov 2022 13:53:19 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
bid-request
a.teads.tv/hb/ 		16 B
520 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.71.49.155 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-71-49-155.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 13:53:19 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Thu, 10 Nov 2022 13:53:19 GMT
cdb
bidder.criteo.com/ 		0
212 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.19.0&cb=55731979463
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.145 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 10 Nov 2022 13:53:19 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
auction
tlx.3lift.com/header/ 		5 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=6.19.0&referrer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyou-you-ming-xing-ji-jin-jing-li-ben-si-wai-zi-si-mu-jia-su-jin-chang.html&tmax=3000
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.1.173.93 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-1-173-93.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
0c75124e321ad18d273e74a011c83fc4779c5da27099260a523f13d8a085467b
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 13:53:19 GMT
content-encoding
gzip
accept-ch
sec-ch-ua-platform,sec-ch-viewport-height,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua,sec-ch-ua-bitness,sec-ch-prefers-color-scheme,sec-ch-width,sec-ch-ect,user-agent,sec-ch-downlink,sec-ch-ua-mobile,sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-viewport-width
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
2848
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		3 B
518 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyou-you-ming-xing-ji-jin-jing-li-ben-si-wai-zi-si-mu-jia-su-jin-chang.html&CanonicalUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyou-you-ming-xing-ji-jin-jing-li-ben-si-wai-zi-si-mu-jia-su-jin-chang.html&PublisherDomain=https%3A%2F%2Fbg3.co%2F
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.229.70.27 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-229-70-27.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 10 Nov 2022 13:53:19 GMT
via
kong/2.8.3
x-content-type-options
nosniff
x-kong-proxy-latency
1
p3p
CP="CAO PSA OUR"
x-kong-upstream-latency
23
content-length
3
pragma
no-cache
access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Accept-Encoding
access-control-allow-headers
Accept-Encoding, Content-Type
expires
0
prebid
prebid.media.net/rtb/ 		1 KB
925 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUPEPKI9
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
b208c88dda805bdf4c69def3df4e629c955a1f9703f1f8ff2caa623cae270c76

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 13:53:19 GMT
content-encoding
gzip
via
1.1 google
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
120
alt-svc
clear
arj
adpushup-d.openx.net/w/1.0/ 		174 B
382 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyou-you-ming-xing-ji-jin-jing-li-ben-si-wai-zi-si-mu-jia-su-jin-chang.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=5390616c-9d77-48dc-b776-93628ffa93e0%2C14927bb3-7216-44b0-b32e-2b8fbe11b2d6%2C16a94359-c55f-486d-ab0f-0564793a7d06&nocache=1668088398945&pubcid=c1b9de2d-caa5-44d0-8b45-21dd3621fcb2&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&aus=728x250%2C728x90%2C690x90%2C690x250%2C675x90%2C675x250%2C670x90%2C670x250%2C650x90%2C650x250%2C650x150%2C630x90%2C630x250%2C602x100%2C600x90%2C600x250%2C580x90%2C570x90%2C550x150%2C468x60%2C320x50%2C320x100%2C300x50%2C300x100%2C300x75%2C300x250%2C250x250%2C200x200%7C728x90%2C690x90%2C675x90%2C670x90%2C650x90%2C630x90%2C600x90%2C580x90%2C570x90%2C468x60%2C320x50%2C300x50%2C300x75%7C120x600&divids=ADP_42753_728X250_77a9c22f-ac02-45dd-96bc-b0896a8a7d5a%2CSTICKY_ADP_42753_728X90_d1c10a72-27b4-4931-8ce7-99a18ebbdbae%2CSTICKY_ADP_42753_120X600_104b282a-bd11-4d8d-ad64-0492063b6cba&aucs=%2C%2C&auid=545618347%2C545618347%2C545618347
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
a1fd28e5917a1b3640efd16d014f162531e2498b978ce378eeab50c9328988ad

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 13:53:19 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bg3.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
164
expires
Mon, 26 Jul 1997 05:00:00 GMT
avjp
adpushup-d.openx.net/v/1.0/ 		106 B
296 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyou-you-ming-xing-ji-jin-jing-li-ben-si-wai-zi-si-mu-jia-su-jin-chang.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=61c06bce-6014-4d3a-a50f-ae9d0abbc8ba&nocache=1668088398945&pubcid=c1b9de2d-caa5-44d0-8b45-21dd3621fcb2&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A120%2C%22h%22%3A600%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22api%22%3A%5B2%5D%2C%22playbackmethod%22%3A6%2C%22linearity%22%3A1%7D%7D%5D%7D&auid=545618481&vwd=120&vht=600&vos=101&vmimes=video%2Fmp4%2Cvideo%2Fwebm
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 13:53:19 GMT
via
1.1 google
server
OXGW/0.0.0
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bg3.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
avjp
adpushup-d.openx.net/v/1.0/ 		106 B
504 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyou-you-ming-xing-ji-jin-jing-li-ben-si-wai-zi-si-mu-jia-su-jin-chang.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=f0c29610-439f-477b-baa8-217c1a3b6efa&nocache=1668088398945&pubcid=c1b9de2d-caa5-44d0-8b45-21dd3621fcb2&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22api%22%3A%5B2%5D%2C%22playbackmethod%22%3A6%2C%22linearity%22%3A1%7D%7D%5D%7D&auid=545618481&vwd=728&vht=90&vos=101&vmimes=video%2Fmp4%2Cvideo%2Fwebm
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 13:53:19 GMT
via
1.1 google
server
OXGW/0.0.0
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bg3.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
avjp
adpushup-d.openx.net/v/1.0/ 		0
0
prebid
ib.adnxs.com/ut/v3/ 		378 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.132 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
f1458d2ad7aaf6035b7560e923072a96cdecf92d3f13c9089099130d3499b850
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 10 Nov 2022 13:53:19 GMT
AN-X-Request-Uuid
269fa590-0319-422f-8b84-e0a361f27a55
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.bg3.co
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
116.90.74.196; 116.90.74.196; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
378
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cygnus
htlb.casalemedia.com/ 		37 B
564 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=693656&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%224650a81cb7403bc%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fyou-you-ming-xing-ji-jin-jing-li-ben-si-wai-zi-si-mu-jia-su-jin-chang.html%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A7%2C%22msi%22%3A7%2C%22mfu%22%3A3%2C%22bu%22%3A3%2C%22iu%22%3A0%2C%22nu%22%3A3%2C%22ou%22%3A3%2C%22allu%22%3A3%2C%22ren%22%3Atrue%2C%22version%22%3A%226.19.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22538adff7be394f4%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A320%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22320x50%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22300x50%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A250%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22250x250%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%22567af2dc03337a1%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A320%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22320x50%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22300x50%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%2257c5b32a012162d%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A120%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22120x600%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpushup.com%22%2C%22sid%22%3A%22062d9a21f747ddee7c25d4297776e0aa%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22c1b9de2d-caa5-44d0-8b45-21dd3621fcb2%22%7D%5D%7D%5D%7D%7D
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa5aba4b84c63147b33f82e2c18d126ce6333530a4bf3ec9bd11de4f1830061e

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 13:53:19 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4xMJVCLr9nNR90L%2FvNVnjzZpYpLGkou8vbwFUsdXDcDGfXhoMZ5ftYzsNPIJBCmvf6EEM5RWfvzH3w8o7bBs0Ueb4QQAjl%2FkikMVkbm7cYIG9YCmXSwvE8F%2BMm0xDx2p2GDDka1z"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
767f460f5c60eea6-AKL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
cygnus
htlb.casalemedia.com/ 		37 B
317 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=693656&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%224650a81cb7403bc%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fyou-you-ming-xing-ji-jin-jing-li-ben-si-wai-zi-si-mu-jia-su-jin-chang.html%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A3%2C%22bu%22%3A3%2C%22iu%22%3A0%2C%22nu%22%3A3%2C%22ou%22%3A3%2C%22allu%22%3A3%2C%22ren%22%3Atrue%2C%22version%22%3A%226.19.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22567af2dc03337a1%22%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22728x90%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B728%2C90%5D%5D%2C%22api%22%3A%5B2%5D%2C%22linearity%22%3A1%2C%22placement%22%3A4%2C%22w%22%3A728%2C%22h%22%3A90%7D%7D%2C%7B%22id%22%3A%2257c5b32a012162d%22%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22120x600%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B120%2C600%5D%5D%2C%22api%22%3A%5B2%5D%2C%22linearity%22%3A1%2C%22placement%22%3A4%2C%22w%22%3A120%2C%22h%22%3A600%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpushup.com%22%2C%22sid%22%3A%22062d9a21f747ddee7c25d4297776e0aa%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22c1b9de2d-caa5-44d0-8b45-21dd3621fcb2%22%7D%5D%7D%5D%7D%7D
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa5aba4b84c63147b33f82e2c18d126ce6333530a4bf3ec9bd11de4f1830061e

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 13:53:19 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9b%2Fb9vODIT44jGYD7%2FwPhQ3qaAMheH50YGVHxqBbtlwQ6ig9IRWqPD2iqzwRvkbvI%2BZDzEZgwSI%2B5xEnUGG7h4RB0UI1nnvwQwQDqBk03JpKhd%2BfPPBKq8k%2BrVOu5JyO%2FD2Yv5L2"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
767f460f5c61eea6-AKL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
hbjson
grid.bidswitch.net/ 		24 B
361 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.213.117.18 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
18.117.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
2b867f58211dbd1da51506f9b506b2046c5a30b3bdd57afe2c8686ecffb6c555

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 10 Nov 2022 13:53:19 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
49
prebid-request
onetag-sys.com/ 		15 B
547 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
139.99.49.250 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://www.bg3.co
content-type
application/json
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
auction
prebid-server.rubiconproject.com/openrtb2/ 		186 B
407 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.114.56.62 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-114-56-62.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
ba9b4c07572bf513625cfd579b75e15fca865796a1cc10b6006ddd9510ece7b5

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 13:53:20 GMT
content-encoding
gzip
x-prebid
pbs-java/1.104.0
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
175
expires
0
auction
prebid-server.rubiconproject.com/openrtb2/ 		185 B
407 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.114.56.62 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-114-56-62.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
88023da094555f96baf9a7707cf72811506470da7586700b958a1fd0313c9df4

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 13:53:20 GMT
content-encoding
gzip
x-prebid
pbs-java/1.104.0
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
174
expires
0
auction
prebid-server.rubiconproject.com/openrtb2/ 		185 B
406 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.114.56.62 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-114-56-62.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
52f7a2c520d4a18898948a0e614716d528d6013a068fdca2c9475f92a52ad586

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 13:53:20 GMT
content-encoding
gzip
x-prebid
pbs-java/1.104.0
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
174
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		472 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20616&site_id=395958&zone_id=2209398&size_id=15%3B2%3B8&alt_size_ids=2%2C1%2C13%2C14%2C19%2C43%2C44%2C117%3B1%2C43%2C44%3B&rp_schain=1.0,1!adpushup.com,062d9a21f747ddee7c25d4297776e0aa,1,,,&eid_pubcid.org=c1b9de2d-caa5-44d0-8b45-21dd3621fcb2%5E1&rf=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyou-you-ming-xing-ji-jin-jing-li-ben-si-wai-zi-si-mu-jia-su-jin-chang.html&tk_flint=pbjs_lite_v6.19.0&x_source.tid=51398db7-32fa-4534-a7cf-489c9daeb3ee%3B3ac42044-b43f-4ec5-bb97-d7f2941fa1b0%3B5932b721-9e57-4666-8ea6-385efe5b06bc&l_pb_bid_id=67c1a779040057d%3B6868c1ac37c97c4%3B691708077cdd0dc&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=3&rand=0.36443430008789335
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.173.158.65 Ashburn, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
93c7959c98c61f331e5e6f09b6b1cc84ece0ac1035df4bccf4cdfb3ba3b6d029

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 13:53:19 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
c
prebid.a-mo.net/a/ 		0
167 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.89.200 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

x-nbr
8
date
Thu, 10 Nov 2022 13:53:19 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
3
bid
ad2.apx.appier.net/v1/prebid/ Frame 25A1
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=cyfz-ulKDeKKSerFUAJtYw
2 B
19 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=cyfz-ulKDeKKSerFUAJtYw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/you-you-ming-xing-ji-jin-jing-li-ben-si-wai-zi-si-mu-jia-su-jin-chang.html
Protocol
H3
Server
34.96.119.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.119.96.34.bc.googleusercontent.com
Software
nginx/1.19.0 /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 13:53:20 GMT
via
1.1 google
server
nginx/1.19.0
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Thu, 10 Nov 2022 13:53:20 GMT
server
nginx
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
null
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=cyfz-ulKDeKKSerFUAJtYw
cache-control
no-store
access-control-allow-credentials
true
content-length
0
bid
ad2.apx.appier.net/v1/prebid/ Frame 25A1
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=-PZ75VPpAceAVspkUAJtYw
2 B
19 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=-PZ75VPpAceAVspkUAJtYw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/you-you-ming-xing-ji-jin-jing-li-ben-si-wai-zi-si-mu-jia-su-jin-chang.html
Protocol
H3
Server
34.96.119.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.119.96.34.bc.googleusercontent.com
Software
nginx/1.19.0 /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 13:53:20 GMT
via
1.1 google
server
nginx/1.19.0
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Thu, 10 Nov 2022 13:53:20 GMT
server
nginx
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
null
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=-PZ75VPpAceAVspkUAJtYw
cache-control
no-store
access-control-allow-credentials
true
content-length
0
emome2
t.ssp.hinet.net/ Frame 96C2 		30 B
278 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/emome2?u=932cd7bc-d6b5-4375-9bdb-42e5e7a70bc5
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 13:53:19 GMT
strict-transport-security
max-age=0
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://cdn.holmesmind.com
cache-control
no-cache, private
access-control-allow-credentials
true
emome2
t.ssp.hinet.net/ Frame 3855 		30 B
278 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/emome2?u=ab58bd60-c7ed-4c1f-8bc8-cbb7d18de37a
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 13:53:19 GMT
strict-transport-security
max-age=0
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://cdn.holmesmind.com
cache-control
no-cache, private
access-control-allow-credentials
true
/
t.ssp.hinet.net/ Frame 9BA2 		36 B
403 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
b8e0a4b5719b1dbe244d62e7ae2fe8ab4b4dead2ef0dcef3abe6b135c4a9af75
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 13:53:19 GMT
strict-transport-security
max-age=0
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, private
access-control-allow-credentials
true
/
t.ssp.hinet.net/ Frame 25A1 		36 B
403 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
b8e0a4b5719b1dbe244d62e7ae2fe8ab4b4dead2ef0dcef3abe6b135c4a9af75
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 13:53:19 GMT
strict-transport-security
max-age=0
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, private
access-control-allow-credentials
true
integrator.js
adservice.google.co.nz/adsid/ Frame 50C4 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.nz/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 13:53:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 50C4 		107 B
196 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 13:53:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 50C4 		492 B
264 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1830784028621896&correlator=4344249246943806&eid=21068767%2C31069103&output=ldjh&gdfp_req=1&vrg=2022110301&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=64515409&sfv=1-0-39&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1668088399116&lmt=1644386353&dlt=1668088397198&idt=1894&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=17450euis7x1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&frm=24&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=2075624007.1668088399&ga_sid=1668088399&ga_hid=1844057901&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110301.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f155.1e100.net
Software
cafe /
Resource Hash
e993dde4d7c549c04c5d6d0f771faf6a007b507d3ac21d8d5c89a3af470330fe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 13:53:19 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
233
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cdn.aralego.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
4d23b21ac4df2c13112cabf2dc186934.safeframe.googlesyndication.com/safeframe/1-0-39/html/ Frame 2A71 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://4d23b21ac4df2c13112cabf2dc186934.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
2988
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 10 Nov 2022 13:53:19 GMT
expires
Fri, 10 Nov 2023 13:53:19 GMT
last-modified
Tue, 25 Oct 2022 18:59:17 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
integrator.js
adservice.google.co.nz/adsid/ Frame 1E48 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.nz/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js?cb=31070836
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 13:53:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 1E48 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js?cb=31070836
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 13:53:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 1E48 		491 B
264 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=856493508507732&correlator=3422360026705214&eid=31070749%2C31070836&output=ldjh&gdfp_req=1&vrg=2022110801&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=64515409&sfv=1-0-39&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1668088399339&lmt=1644386353&dlt=1668088397189&idt=2130&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=jae37i1y1tr&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&frm=24&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=669303457.1668088399&ga_sid=1668088399&ga_hid=803641038&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js?cb=31070836
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f155.1e100.net
Software
cafe /
Resource Hash
dbe33f010b38b05beb58eca2479346f155ec513351794c2b756b3b6573630b54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 13:53:19 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
233
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cdn.aralego.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
66290020567f13b202556398088ea2b1.safeframe.googlesyndication.com/safeframe/1-0-39/html/ Frame 966B 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://66290020567f13b202556398088ea2b1.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js?cb=31070836
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
2988
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 10 Nov 2022 13:53:19 GMT
expires
Fri, 10 Nov 2023 13:53:19 GMT
last-modified
Tue, 25 Oct 2022 18:59:17 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
emome2
t.ssp.hinet.net/ Frame 9BA2 		30 B
273 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/emome2?u=ab58bd60-c7ed-4c1f-8bc8-cbb7d18de37a
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 13:53:19 GMT
strict-transport-security
max-age=0
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, private
access-control-allow-credentials
true
emome2
t.ssp.hinet.net/ Frame 25A1 		30 B
273 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/emome2?u=ab58bd60-c7ed-4c1f-8bc8-cbb7d18de37a
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 13:53:19 GMT
strict-transport-security
max-age=0
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, private
access-control-allow-credentials
true
drawV2.js
cdn.holmesmind.com/js/ Frame 9BA2 		10 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/drawV2.js
Requested by
Host: ad.holmesmind.com
URL: https://ad.holmesmind.com/adserver/ads.js?z=14006&rf=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyou-you-ming-xing-ji-jin-jing-li-ben-si-wai-zi-si-mu-jia-su-jin-chang.html&n=573&o=1&d=1&b=2&ts=1&ii=2&FPCK=8313-iOa7A6qDqcJnTCqkpq71lwPPaSrrxkbW&initver=210830P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-38.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f3fc929a36ee5db31a8a9b4743845474bdeb425edb019eb4e75a441cdb8ab032

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
null
date
Thu, 10 Nov 2022 13:53:02 GMT
via
1.1 74e86ed0fa6d314b06f69aa24cdc2c36.cloudfront.net (CloudFront)
last-modified
Fri, 16 Oct 2020 09:58:46 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
19
etag
"84d8b1a745228113e60f5e62f0eff6d3"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
10359
x-amz-cf-id
b6mJMwOROjbam2q5wI34Yx6EVAn0pxIyG5cPpXvyhgrIPsrP6XFyqg==
drawV2.js
cdn.holmesmind.com/js/ Frame 25A1 		10 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/drawV2.js
Requested by
Host: ad.holmesmind.com
URL: https://ad.holmesmind.com/adserver/ads.js?z=14006&rf=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyou-you-ming-xing-ji-jin-jing-li-ben-si-wai-zi-si-mu-jia-su-jin-chang.html&n=909&o=1&d=1&b=2&ts=1&ii=2&FPCK=8313-iOa7A6qDqcJnTCqkpq71lwPPaSrrxkbW&initver=210830P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-38.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f3fc929a36ee5db31a8a9b4743845474bdeb425edb019eb4e75a441cdb8ab032

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
null
date
Thu, 10 Nov 2022 13:53:02 GMT
via
1.1 74e86ed0fa6d314b06f69aa24cdc2c36.cloudfront.net (CloudFront)
last-modified
Fri, 16 Oct 2020 09:58:46 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
19
etag
"84d8b1a745228113e60f5e62f0eff6d3"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
10359
x-amz-cf-id
ud1NueHql_N9FbNXxV4DDbFECHZU5ElGUYBfDzP5y4WGk37jcipAgQ==
log
aplogger.adpushup.com/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://aplogger.adpushup.com/log?event=glimpse_pageView&data=eyJzZXNzaW9uSWQiOiI4OTUxMDhfMTY2ODA4ODM5OTQ5OSIsInVzZXJJZCI6IjYwMzI4OF8xNjY4MDg4Mzk5NDk5Iiwic2l0ZUlkIjo0Mjc1MywicGxhdGZvcm0iOiJERVNLVE9QIiwicGFnZUlkIjoiMzAyMDc2XzE2NjgwODgzOTk0OTkiLCJwYWdlUGF0aCI6IiUyRmElMkZ5b3UteW91LW1pbmcteGluZy1qaS1qaW4tamluZy1saS1iZW4tc2ktd2FpLXppLXNpLW11LWppYS1zdS1qaW4tY2hhbmcuaHRtbCIsImhvc3RuYW1lIjoid3d3LmJnMy5jbyIsInVybCI6Imh0dHBzJTNBJTJGJTJGd3d3LmJnMy5jbyUyRmElMkZ5b3UteW91LW1pbmcteGluZy1qaS1qaW4tamluZy1saS1iZW4tc2ktd2FpLXppLXNpLW11LWppYS1zdS1qaW4tY2hhbmcuaHRtbCIsInBoYXNlIjowLCJ1c2VyVHlwZSI6Ik5FVyIsInByZXZpZXdWYXJpYXRpb24iOiJub1ByZXZpZXdQYWdlIiwiZXhwZXJpbWVudFBhZ2UiOmZhbHNlLCJ0aW1lc3RhbXAiOjE2NjgwODgzOTk0OTl9
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.211.156.162 Mumbai, India, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 13:53:19 GMT
server
nginx/1.14.0 (Ubuntu)
L2EveW91LXlvdS1taW5nLXhpbmctamktamluLWppbmctbGktYmVuLXNpLXdhaS16aS1zaS1tdS1qaWEtc3UtamluLWNoYW5nLmh0bWw=.json
cdn.adpushup.com/42753/ 		111 KB
48 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/L2EveW91LXlvdS1taW5nLXhpbmctamktamluLWppbmctbGktYmVuLXNpLXdhaS16aS1zaS1tdS1qaWEtc3UtamluLWNoYW5nLmh0bWw=.json
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.161 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-161.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
0727e4230c747bfd5429c4dd6ef31fed9e2cf334533588f8eae2f4c7da734547

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
NZ
date
Thu, 10 Nov 2022 13:53:20 GMT
content-encoding
gzip
last-modified
Thu, 21 Jul 2022 05:47:56 GMT
server
nginx/1.18.0
etag
"62d8e88c-1ba7e"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
server-timing
cdn-cache; desc=MISS, edge; dur=37, origin; dur=405
accept-ranges
bytes
expires
Thu, 10 Nov 2022 14:53:20 GMT
cm
t.ssp.hinet.net/ Frame 9BA2 		0
189 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/cm?c=50ef57&cid=2201-Fh6il4kEzAovzoS4OY9mj1g0of947q3v&mp=ab58bd60-c7ed-4c1f-8bc8-cbb7d18de37a
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 13:53:19 GMT
strict-transport-security
max-age=0
server
nginx
vary
Origin
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, private
access-control-allow-credentials
true
pixel
ab58bd60-c7ed-4c1f-8bc8-cbb7d18de37a.t.ssp.hinet.net/ Frame 9BA2 		0
79 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ab58bd60-c7ed-4c1f-8bc8-cbb7d18de37a.t.ssp.hinet.net/pixel?bd=ab58bd60-c7ed-4c1f-8bc8-cbb7d18de37a&t=50ef57&referrer=https%3A%2F%2Fwww.bg3.co
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/you-you-ming-xing-ji-jin-jing-li-ben-si-wai-zi-si-mu-jia-su-jin-chang.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 13:53:19 GMT
strict-transport-security
max-age=0
server
nginx
content-length
0
content-type
image/png
pixel
ab58bd60-c7ed-4c1f-8bc8-cbb7d18de37a.t.ssp.hinet.net/ Frame 25A1 		0
79 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ab58bd60-c7ed-4c1f-8bc8-cbb7d18de37a.t.ssp.hinet.net/pixel?bd=ab58bd60-c7ed-4c1f-8bc8-cbb7d18de37a&t=50ef57&referrer=https%3A%2F%2Fwww.bg3.co
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 13:53:19 GMT
strict-transport-security
max-age=0
server
nginx
content-length
0
content-type
image/png
cm
t.ssp.hinet.net/ Frame 25A1 		0
189 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/cm?c=50ef57&cid=2201-Fh6il4kEzAovzoS4OY9mj1g0of947q3v&mp=ab58bd60-c7ed-4c1f-8bc8-cbb7d18de37a
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 13:53:19 GMT
strict-transport-security
max-age=0
server
nginx
vary
Origin
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, private
access-control-allow-credentials
true
cdb
bidder.criteo.com/ Frame 25A1 		177 B
426 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=132&profileId=184&cb=93719375431
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.145 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
557f5375c06f55779cabc029a5bb9927d5bce98ac8c10f19e70c78c7ab4e0bf5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Thu, 10 Nov 2022 13:53:19 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
162
cdb
bidder.criteo.com/ Frame 25A1 		177 B
428 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=132&profileId=184&cb=63140332545
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.145 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
00f8e2172eae671779ab3d11aaea747cda870a24f148639ab09d6c5c2818bd4f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Thu, 10 Nov 2022 13:53:19 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
164
rules-p-54Nt-1NAaEEe0.js
rules.quantcount.com/ 		160 B
633 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-54Nt-1NAaEEe0.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-78.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 13:23:56 GMT
via
1.1 4d52d2bee89a499a2c7d426aa79a8efa.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P1
age
1765
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
160
last-modified
Thu, 13 Oct 2022 15:29:19 GMT
server
AmazonS3
etag
"05b131079c67d484167fd1b1f6c79577"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
iuG6w3hlXB_vhSaYSHZBCH4TJ262gblhF2fnfdb_BPTRFRUPvnQslA==
events
bidder.criteo.com/csm/ Frame 25A1 		0
211 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.145 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 10 Nov 2022 13:53:20 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
events
bidder.criteo.com/csm/ Frame 25A1 		0
211 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.145 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 10 Nov 2022 13:53:20 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
sodar
pagead2.googlesyndication.com/getconfig/ Frame 50C4 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022110301&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
0e78789b90e02d8d65d3d803a70fd5a69d30ce77b5da364c701d3e1f85facd83
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 13:53:20 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12423
x-xss-protection
0
cdb
bidder.criteo.com/ Frame 9BA2 		177 B
428 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=132&profileId=184&cb=85652529901
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.145 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
eb2197d95180e62670e0c5d9f610b6284ea4babcb517e3a54613d493277a8da2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Thu, 10 Nov 2022 13:53:19 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
164
cdb
bidder.criteo.com/ Frame 9BA2 		177 B
427 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=132&profileId=184&cb=27405452464
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.145 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
7e925b6441afb8aefeb49b145e35f24d865ccfc120b133a42df59d6f9f049e3e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Thu, 10 Nov 2022 13:53:19 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
163
sodar
pagead2.googlesyndication.com/getconfig/ Frame 1E48 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022110801&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js?cb=31070836
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
6c448e22b071007f78236790ebcd15019e8124dcaa938bb3f4cbc95ca8de8c33
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 13:53:20 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12448
x-xss-protection
0
events
bidder.criteo.com/csm/ Frame 9BA2 		0
211 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.145 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 10 Nov 2022 13:53:21 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
events
bidder.criteo.com/csm/ Frame 9BA2 		0
211 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.145 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 10 Nov 2022 13:53:21 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 3BC5 		121 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/you-you-ming-xing-ji-jin-jing-li-ben-si-wai-zi-si-mu-jia-su-jin-chang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
de6786e3dee9b4cb44c7b7a03caf794c2403984d64764892c6e1cb0e750aaea2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 13:53:20 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39997
x-xss-protection
0
server
cafe
etag
17910035999754069637
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 10 Nov 2022 13:53:20 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 25BF 		121 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/you-you-ming-xing-ji-jin-jing-li-ben-si-wai-zi-si-mu-jia-su-jin-chang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
b459c2f9ffc4418ddb40fdfea84a9275ff58fd4c7a9ee7e5893cdea7d3f7233e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 13:53:20 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40000
x-xss-protection
0
server
cafe
etag
5723063110257433454
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 10 Nov 2022 13:53:20 GMT
pixel;r=52324952;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyou-you-ming-xing-ji-jin-jing-li-ben-si-wai-zi-si-mu-jia-su-jin-chang.html;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb...
pixel.quantserve.com/ 		35 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=52324952;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyou-you-ming-xing-ji-jin-jing-li-ben-si-wai-zi-si-mu-jia-su-jin-chang.html;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67ea6;uht=2;fpan=1;fpa=P0-1351935925-1668088399627;pbc=c1b9de2d-caa5-44d0-8b45-21dd3621fcb2;ns=0;ce=1;qjs=1;qv=ff7a2451-20221108120308;cm=;gdpr=0;ref=;d=bg3.co;dst=0;et=1668088400359;tzo=0;ogl=;ses=a95d0806-b7cd-4f18-85f0-e4c2af315f01
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/you-you-ming-xing-ji-jin-jing-li-ben-si-wai-zi-si-mu-jia-su-jin-chang.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.229.10.180 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 13:53:21 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 50C4 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 13:53:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 10 Nov 2022 13:53:21 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 1E48 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js?cb=31070836
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 13:53:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 10 Nov 2022 13:53:21 GMT
js
www.googletagmanager.com/gtag/ 		222 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
673ba7b377701a847a9f03a77fb40d55e1561f0afcbb7b84493c781b17f8f056
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 13:53:21 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
78183
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 10 Nov 2022 13:53:21 GMT
log
aplogger.adpushup.com/ 		0
53 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://aplogger.adpushup.com/log?event=glimpse_pageVisited&data=eyJzZXNzaW9uSWQiOiI4OTUxMDhfMTY2ODA4ODM5OTQ5OSIsInVzZXJJZCI6IjYwMzI4OF8xNjY4MDg4Mzk5NDk5Iiwic2l0ZUlkIjo0Mjc1MywicGxhdGZvcm0iOiJERVNLVE9QIiwicGFnZUlkIjoiMzAyMDc2XzE2NjgwODgzOTk0OTkiLCJwYWdlUGF0aCI6IiUyRmElMkZ5b3UteW91LW1pbmcteGluZy1qaS1qaW4tamluZy1saS1iZW4tc2ktd2FpLXppLXNpLW11LWppYS1zdS1qaW4tY2hhbmcuaHRtbCIsImhvc3RuYW1lIjoid3d3LmJnMy5jbyIsInVybCI6Imh0dHBzJTNBJTJGJTJGd3d3LmJnMy5jbyUyRmElMkZ5b3UteW91LW1pbmcteGluZy1qaS1qaW4tamluZy1saS1iZW4tc2ktd2FpLXppLXNpLW11LWppYS1zdS1qaW4tY2hhbmcuaHRtbCIsInBoYXNlIjowLCJ1c2VyVHlwZSI6Ik5FVyIsInByZXZpZXdWYXJpYXRpb24iOiJub1ByZXZpZXdQYWdlIiwiZXhwZXJpbWVudFBhZ2UiOmZhbHNlLCJ0aW1lc3RhbXAiOjE2NjgwODg0MDA3ODZ9
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.211.156.162 Mumbai, India, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 13:53:22 GMT
server
nginx/1.14.0 (Ubuntu)
css2
fonts.googleapis.com/ 		3 KB
1011 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Poppins:wght@400;500;600&display=swap
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f95.1e100.net
Software
ESF /
Resource Hash
3ce18986d97fa7ec40028723de7a1a27c5341c7ab4f37cfd15592a70dabcce74
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 10 Nov 2022 13:53:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 10 Nov 2022 13:48:00 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 10 Nov 2022 13:53:21 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 70B5 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
49685
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 10 Nov 2022 00:05:16 GMT
expires
Fri, 10 Nov 2023 00:05:16 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame D048 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.105 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f105.1e100.net
Software
GSE /
Resource Hash
e382d1723e25139e97e7dde36b533f40faeb45ef7e7dd4c51b1bad4cece70376
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-EyXaRcWmvXbJSXdmnzBAcA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
511
content-security-policy
script-src 'report-sample' 'nonce-EyXaRcWmvXbJSXdmnzBAcA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 10 Nov 2022 13:53:21 GMT
expires
Thu, 10 Nov 2022 13:53:21 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame F60A 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
49685
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 10 Nov 2022 00:05:16 GMT
expires
Fri, 10 Nov 2023 00:05:16 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 3A31 		783 B
741 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.105 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f105.1e100.net
Software
GSE /
Resource Hash
195ac84bb452f0b7ae9d2bb99adbd3f606ad3162aeb71208db6433bf4cff70b2
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-R1roEJA9rqc6h3-7wgOPPA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-R1roEJA9rqc6h3-7wgOPPA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 10 Nov 2022 13:53:21 GMT
expires
Thu, 10 Nov 2022 13:53:21 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211020101/ Frame 25BF 		353 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211020101/show_ads_impl_fy2021.js?bust=31070722
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
9f762e4f7d19c1c80fc5c7a52d06ae9633d803c130fda5c558655af54b031ef4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 13:53:21 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119051
x-xss-protection
0
server
cafe
etag
12673989936022456839
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Thu, 10 Nov 2022 13:53:21 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211020101/ Frame 3BC5 		353 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211020101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
9f762e4f7d19c1c80fc5c7a52d06ae9633d803c130fda5c558655af54b031ef4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 13:53:21 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119051
x-xss-protection
0
server
cafe
etag
12673989936022456839
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Thu, 10 Nov 2022 13:53:21 GMT
api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
pagead2.googlesyndication.com/bg/ Frame 70B5 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
sffe /
Resource Hash
6a98bdefd73410963a41036b4bc4d25b080aaec85db7ebd132a12d3aa17e8586
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 04 Nov 2022 21:23:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
491386
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16010
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 04 Nov 2023 21:23:35 GMT
api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
pagead2.googlesyndication.com/bg/ Frame F60A 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
sffe /
Resource Hash
6a98bdefd73410963a41036b4bc4d25b080aaec85db7ebd132a12d3aa17e8586
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 04 Nov 2022 21:23:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
491386
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16010
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 04 Nov 2023 21:23:35 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame D048 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022110301&jk=1830784028621896&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/you-you-ming-xing-ji-jin-jing-li-ben-si-wai-zi-si-mu-jia-su-jin-chang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 3A31 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022110801&jk=856493508507732&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/you-you-ming-xing-ji-jin-jing-li-ben-si-wai-zi-si-mu-jia-su-jin-chang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
integrator.js
adservice.google.co.nz/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.nz/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110301.js?cb=31070787
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 13:53:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110301.js?cb=31070787
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 13:53:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		146 KB
37 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2297381152264312&correlator=514863926810375&eid=31070749%2C31070787%2C31070789%2C44761478&output=ldjh&gdfp_req=1&vrg=2022110301&ptt=17&impl=fifs&iu_parts=103512698%3A22574853003%2C22477626096%2C22479095528%2C22579309510&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3&prev_iu_szs=320x50%7C728x250%7C728x90%7C690x90%7C690x250%7C675x90%7C675x250%7C670x90%7C670x250%7C650x90%7C650x250%7C650x150%7C630x90%7C630x250%7C602x100%7C600x90%7C600x250%7C580x90%7C570x90%7C550x150%7C468x60%7C320x50%7C320x100%7C300x50%7C300x100%7C300x75%7C300x250%7C250x250%7C200x200%2C320x50%7C728x90%7C690x90%7C675x90%7C670x90%7C650x90%7C630x90%7C600x90%7C580x90%7C570x90%7C468x60%7C320x50%7C300x50%7C300x75%2C320x50%7C120x600&fluid=height%2Cheight%2Cheight&ifi=1&adks=1420297610%2C2857874404%2C4082231052&sfv=1-0-39&prev_scp=adpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26refreshcount%3D0%26refreshrate%3D30%26hb_ap_format%3Dbanner%26hb_ap_pb%3D0.01%26hb_ap_adid%3D74f083b69e39378%26hb_ap_bidder%3Dtriplelift%7Cadpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26refreshcount%3D0%26refreshrate%3D30%7Cadpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26refreshcount%3D0%26refreshrate%3D30&eri=1&cust_params=da%3Dadx%26outbrain%3Dtrue%26link_preview%3DnoPreviewPage%26link_preview_custom%3DnoPreviewPage-DESKTOP-NEW&sc=1&cookie_enabled=1&arp=1&abxe=1&dt=1668088401953&lmt=1668088401&dlt=1668088394284&idt=4689&adxs=236%2C436%2C5&adys=60%2C1110%2C300&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0&ucis=1%7C2%7C3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyou-you-ming-xing-ji-jin-jing-li-ben-si-wai-zi-si-mu-jia-su-jin-chang.html&frm=20&vis=1&psz=728x-1%7C728x-1%7C120x-1&msz=728x-1%7C728x-1%7C120x-1&fws=4%2C516%2C516&ohw=728%2C1600%2C1600&ga_vid=191255158.1668088402&ga_sid=1668088402&ga_hid=1062&ga_fc=false&ga_cid=amp-ke56cJIxYSkF6eo6rRYZrw
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110301.js?cb=31070787
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f155.1e100.net
Software
cafe /
Resource Hash
fd7fa2896a10ba33efafbe39d5afb9d7b7429b507ca46b2d41d0f7fb738be532
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 13:53:22 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38337
x-xss-protection
0
google-lineitem-id
-1,-1,-1
pragma
no-cache
server
cafe
google-creative-id
-1,-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
fa3540ea93ec84512cdf7b83bb90bab4.safeframe.googlesyndication.com/safeframe/1-0-39/html/ Frame 86DE 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://fa3540ea93ec84512cdf7b83bb90bab4.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110301.js?cb=31070787
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
2988
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 10 Nov 2022 13:53:22 GMT
expires
Fri, 10 Nov 2023 13:53:22 GMT
last-modified
Tue, 25 Oct 2022 18:59:17 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
publishertag.prebid.117.js
static.criteo.net/js/ld/ 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.117.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 13:53:22 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 29 Dec 2021 12:30:46 GMT
server
nginx
etag
W/"61cc54f6-15c19"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 11 Nov 2022 13:53:22 GMT
generate_204
tpc.googlesyndication.com/ Frame 70B5 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?CxsTCg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/you-you-ming-xing-ji-jin-jing-li-ben-si-wai-zi-si-mu-jia-su-jin-chang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 13:53:22 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
generate_204
tpc.googlesyndication.com/ Frame F60A 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?YvcYSQ
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/you-you-ming-xing-ji-jin-jing-li-ben-si-wai-zi-si-mu-jia-su-jin-chang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 13:53:22 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
cookie.js
partner.googleadservices.com/gampad/ Frame 3BC5 		379 B
691 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.bg3.co&callback=_gfp_s_&client=ca-pub-4485239425924787&gpid_exp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211020101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
ffeb8017bb3a72c2af8d5835d5d25086dbd502e12a238a629a4617201bbf42de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 13:53:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
246
x-xss-protection
0
integrator.js
adservice.google.co.nz/adsid/ Frame 3BC5 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.nz/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211020101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 13:53:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 3BC5 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211020101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 13:53:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 8DB5 		20 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2844491747&adf=53498480&pi=t.ma~as.3006%2F14006&w=336&lmt=1668088402&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyou-you-ming-xing-ji-jin-jing-li-ben-si-wai-zi-si-mu-jia-su-jin-chang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668088401373&bpp=12&bdt=1130&idt=901&shv=r20221108&mjsv=m202211020101&ptt=5&saldr=sa&correlator=1563271422649&frm=23&ife=1&pv=2&ga_vid=692483964.1668088402&ga_sid=1668088402&ga_hid=1024014365&ga_fc=0&ga_cid=amp-ke56cJIxYSkF6eo6rRYZrw&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=1025520735&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C44770880%2C44775016&oid=2&pvsid=3785228714276847&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.pj026n2udit8&fsb=1&dtd=919
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211020101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
c41222aa10a0bfc657a582d2d5e5d8e55364e2dc072ee441916a7c02396321d7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
10957
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 10 Nov 2022 13:53:23 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
cookie.js
partner.googleadservices.com/gampad/ Frame 25BF 		379 B
316 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.bg3.co&callback=_gfp_s_&client=ca-pub-4485239425924787&gpid_exp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211020101/show_ads_impl_fy2021.js?bust=31070722
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
11f1ba9bef29e6d366ad785363699194364c2fcf41a6b33607268a7a0d63dfd3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 13:53:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
247
x-xss-protection
0
integrator.js
adservice.google.co.nz/adsid/ Frame 25BF 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.nz/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211020101/show_ads_impl_fy2021.js?bust=31070722
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 13:53:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 25BF 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211020101/show_ads_impl_fy2021.js?bust=31070722
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 13:53:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame AF0C 		21 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2844491747&adf=53498479&pi=t.ma~as.3006%2F14006&w=336&lmt=1668088402&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyou-you-ming-xing-ji-jin-jing-li-ben-si-wai-zi-si-mu-jia-su-jin-chang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668088401346&bpp=16&bdt=1029&idt=966&shv=r20221108&mjsv=m202211020101&ptt=5&saldr=sa&correlator=1563271422649&frm=23&ife=1&pv=1&ga_vid=97360968.1668088402&ga_sid=1668088402&ga_hid=142627606&ga_fc=0&ga_cid=amp-ke56cJIxYSkF6eo6rRYZrw&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2578&biw=1600&bih=1200&isw=336&ish=280&ifk=1025520735&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44769306%2C31070617%2C31070722%2C31070762%2C44770881%2C44775017&oid=2&pvsid=1414097753187374&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.4sirfcbb7r40&btvi=1&fsb=1&dtd=984
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211020101/show_ads_impl_fy2021.js?bust=31070722
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
04b4ac72e5129562c66e310eb8eb75290d53d9ffaf769aa625cb9638175630e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
10428
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 10 Nov 2022 13:53:23 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
collect
www.google-analytics.com/g/ 		0
106 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=2oeb70&_p=1062&cid=191255158.1668088402&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1668088402&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyou-you-ming-xing-ji-jin-jing-li-ben-si-wai-zi-si-mu-jia-su-jin-chang.html&dt=%E5%8F%88%E6%9C%89%E6%98%8E%E6%98%9F%E5%9F%BA%E9%87%91%E7%B6%93%E7%90%86%E2%80%9C%E5%A5%94%E7%A7%81%E2%80%9D%E5%A4%96%E8%B3%87%E7%A7%81%E5%8B%9F%E5%8A%A0%E9%80%9F%E9%80%B2%E5%A0%B4%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview_to_pub_ga_failed_unique&_fv=1&_ss=1&_ee=1&epn.value=1&epn.siteid=42753
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f138.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 13:53:22 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ 		89 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 13:53:23 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Mon, 24 Oct 2022 11:21:19 GMT
server
nginx
etag
W/"6356752f-16294"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 11 Nov 2022 13:53:23 GMT
container.html
fa3540ea93ec84512cdf7b83bb90bab4.safeframe.googlesyndication.com/safeframe/1-0-39/html/ Frame E208 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://fa3540ea93ec84512cdf7b83bb90bab4.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110301.js?cb=31070787
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
2988
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 10 Nov 2022 13:53:22 GMT
expires
Fri, 10 Nov 2023 13:53:22 GMT
last-modified
Tue, 25 Oct 2022 18:59:17 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012210191347000/ Frame FAB4 		221 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012210191347000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110301.js?cb=31070787
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
a79519048901b32cc426ca69b2e305b5644bcd0373f21995c27d19997e627c04
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 09 Nov 2022 15:02:42 GMT
age
82241
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61564
x-xss-protection
0
server
sffe
etag
"84cdcac007f64412"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 09 Nov 2023 15:02:42 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012210191347000/v0/ Frame FAB4 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012210191347000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110301.js?cb=31070787
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
f453198755f824befcfa757be6d917efd740f6c19270fbe4f8d98353517f8dc8
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 09 Nov 2022 14:43:30 GMT
age
83393
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5198
x-xss-protection
0
server
sffe
etag
"aeb1502543fb438c"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 09 Nov 2023 14:43:30 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012210191347000/v0/ Frame FAB4 		94 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012210191347000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110301.js?cb=31070787
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
ffc33071954215c38304ae191ecb45e2c03e1e7f40e758dd2f944889b92e5f76
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 09 Nov 2022 15:03:49 GMT
age
82174
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28845
x-xss-protection
0
server
sffe
etag
"fdb7364f8f067758"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 09 Nov 2023 15:03:49 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012210191347000/v0/ Frame FAB4 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012210191347000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110301.js?cb=31070787
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
bfdcc3eaa2c1649211030b5caa1e03a40a1299dc5fac7ca8d57144d56fb9afc5
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 09 Nov 2022 15:02:51 GMT
age
82232
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1912
x-xss-protection
0
server
sffe
etag
"9f4a70ec77acc0d1"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 09 Nov 2023 15:02:51 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012210191347000/v0/ Frame FAB4 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012210191347000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110301.js?cb=31070787
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
3e9ab8899832043bf5aa1f2c07cc6222bbf3dd450c4311bbbae045c37e8eb420
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 09 Nov 2022 14:55:03 GMT
age
82700
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12946
x-xss-protection
0
server
sffe
etag
"2923b90bb7365105"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 09 Nov 2023 14:55:03 GMT
truncated
/ Frame FAB4 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
80f338ed0442acb02fb1e67b1225362181fb7b356688fb24fb5c805f69966bee

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
container.html
fa3540ea93ec84512cdf7b83bb90bab4.safeframe.googlesyndication.com/safeframe/1-0-39/html/ Frame 639C 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://fa3540ea93ec84512cdf7b83bb90bab4.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110301.js?cb=31070787
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
2988
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 10 Nov 2022 13:53:22 GMT
expires
Fri, 10 Nov 2023 13:53:22 GMT
last-modified
Tue, 25 Oct 2022 18:59:17 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
4138776445536282835
tpc.googlesyndication.com/simgad/ Frame FAB4 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/4138776445536282835?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qlGtzP_dooKhYG4vcjbBr_kz9769Q
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/you-you-ming-xing-ji-jin-jing-li-ben-si-wai-zi-si-mu-jia-su-jin-chang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
ea1c9e4766ce27bb6d3524ae47ad78e2552cec5bec03431c208cd94ee12a6b34
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 13:53:23 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3661
x-xss-protection
0
last-modified
Fri, 14 May 2021 08:08:20 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 10 Nov 2023 13:53:23 GMT
zh_tw.png
tpc.googlesyndication.com/pagead/images/abg/ Frame FAB4 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/zh_tw.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/you-you-ming-xing-ji-jin-jing-li-ben-si-wai-zi-si-mu-jia-su-jin-chang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
cafe /
Resource Hash
a956a6fe1ee57805393bf1781b32486b4ed9ca402a04320280e59a18bc348a87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 07:09:54 GMT
x-content-type-options
nosniff
server
cafe
age
24209
etag
7688947696963022458
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3430
x-xss-protection
0
expires
Fri, 11 Nov 2022 07:09:54 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame FAB4 		344 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/you-you-ming-xing-ji-jin-jing-li-ben-si-wai-zi-si-mu-jia-su-jin-chang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 05:43:57 GMT
x-content-type-options
nosniff
server
cafe
age
29366
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Fri, 11 Nov 2022 05:43:57 GMT
l
www.google.com/ads/measurement/ Frame FAB4 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTn3Xv_ziVmFT1YY5_FH_eAAEwsfqsystqgUAEJEY6QLunQB0Qje8xYP8PSkEtlWLCLD5OrDi4yxQbnWpfzafKQ5h-U4g
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/you-you-ming-xing-ji-jin-jing-li-ben-si-wai-zi-si-mu-jia-su-jin-chang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.105 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f105.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame FAB4 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=ChWoVUgJtY6KyCL7fz7sPo8q3sA3LyrblaPOckt_pD7GUxYPyLhABILqEwDNgq-yxheAYoAGk3ZqLA8gBAuACAKgDAcgDCKoEpQJP0A4yGRv_p-aI08jC9cb1IR7zx1i1w3JitiJG-9A7k-XvxbXuUJ1oYX__ip4KR8o3j1UMEgwtGexFm86OQhFYVjmUdOySAyFHA5vmepWU_AWLbCz7MypzZ2XYpGPNya-eok0mb5B8BzsoIWygn0DkveUuXi0PVFfku9-trPYjsELY64oIrY0n2x3u_scAa5zo2jRqXhAxmy-pCxryGbTIOCMdpcDZ5qgcBvxqI_DnAavH2ZaIVUMQfUrdyXz1DnaDLF6UqcR6ovdCcsAUyVgvbUWphfrQYXeAV1d_c3Pzu9ArGAO7Ia_8pr3386NbliiWIrh-B5Joyri3zMMhJRVdO7c77oZe-fi5Zh7RSdr-yStN7N1SfTsWbN8XM7hT_SGYmZFeJcAE0uORqcgD4AQBkgUECAQYAZIFBAgFGASgBgKAB8Si5XSoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBCPggHSCA8IgGEQARgdMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODCACgPICwHYEwzQFQGAFwGyFx4KHAgAEhRwdWItODkzMzMyOTk5OTM5MTEwNBjKqx4&sigh=rKsuGQIWyjo&uach_m=[UACH]&cid=CAQSOwDq26N9Ud8pDYY38eNQwOl2ci0Bzys4vX3TFqoo6Tk6LzWUIC_Ag-DW4TyH1J-KyiUep69NLIFSJlOTGAEgEw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/you-you-ming-xing-ji-jin-jing-li-ben-si-wai-zi-si-mu-jia-su-jin-chang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f155.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
log
bi.adpushup.com/ 		0
119 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bi.adpushup.com/log?pxRes=false&event=GAM_RESPONSE&c_b=10201.5&data=eyJsaW5lSXRlbVR5cGUiOiJBZHgiLCJhdWN0aW9uSWQiOiJlOWY4MjZiYy0wMDlkLTQ3YzAtOWM2Yi1hYzkzZDk0MmI0YTciLCJjb21wdXRhdGlvbklkIjpudWxsLCJzbG90SWQiOiJBRFBfNDI3NTNfNzI4WDI1MF83N2E5YzIyZi1hYzAyLTQ1ZGQtOTZiYy1iMDg5NmE4YTdkNWEiLCJwYWNrZXRJZCI6IjAwMDBBNzAxLTUyNzdmOTNkLTljZjgtNGNmZS1iODY1LWZmYWZjZDNlNTgwZiIsImNvdW50cnkiOiJOWiIsInNpdGVJZCI6NDI3NTMsInRpbWVTdGFtcCI6MTY2ODA4ODQwMjk1NX0%3D
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/you-you-ming-xing-ji-jin-jing-li-ben-si-wai-zi-si-mu-jia-su-jin-chang.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
20.212.157.225 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection
keep-alive
Date
Thu, 10 Nov 2022 13:53:23 GMT
Server
nginx/1.18.0 (Ubuntu)
log
bi.adpushup.com/ 		0
119 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bi.adpushup.com/log?pxRes=false&event=GAM_RESPONSE&c_b=10202.699999809265&data=eyJsaW5lSXRlbVR5cGUiOiJBZHgiLCJhdWN0aW9uSWQiOiJlOWY4MjZiYy0wMDlkLTQ3YzAtOWM2Yi1hYzkzZDk0MmI0YTciLCJjb21wdXRhdGlvbklkIjpudWxsLCJzbG90SWQiOiJTVElDS1lfQURQXzQyNzUzXzcyOFg5MF9kMWMxMGE3Mi0yN2I0LTQ5MzEtOGNlNy05OWExOGViYmRiYWUiLCJwYWNrZXRJZCI6IjAwMDBBNzAxLTUyNzdmOTNkLTljZjgtNGNmZS1iODY1LWZmYWZjZDNlNTgwZiIsImNvdW50cnkiOiJOWiIsInNpdGVJZCI6NDI3NTMsInRpbWVTdGFtcCI6MTY2ODA4ODQwMjk1Nn0%3D
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/you-you-ming-xing-ji-jin-jing-li-ben-si-wai-zi-si-mu-jia-su-jin-chang.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
20.212.157.225 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection
keep-alive
Date
Thu, 10 Nov 2022 13:53:23 GMT
Server
nginx/1.18.0 (Ubuntu)
log
bi.adpushup.com/ 		0
119 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bi.adpushup.com/log?pxRes=false&event=GAM_RESPONSE&c_b=10203.300000190735&data=eyJsaW5lSXRlbVR5cGUiOiJBZHgiLCJhdWN0aW9uSWQiOiJlOWY4MjZiYy0wMDlkLTQ3YzAtOWM2Yi1hYzkzZDk0MmI0YTciLCJjb21wdXRhdGlvbklkIjpudWxsLCJzbG90SWQiOiJTVElDS1lfQURQXzQyNzUzXzEyMFg2MDBfMTA0YjI4MmEtYmQxMS00ZDhkLWFkNjQtMDQ5MjA2M2I2Y2JhIiwicGFja2V0SWQiOiIwMDAwQTcwMS01Mjc3ZjkzZC05Y2Y4LTRjZmUtYjg2NS1mZmFmY2QzZTU4MGYiLCJjb3VudHJ5IjoiTloiLCJzaXRlSWQiOjQyNzUzLCJ0aW1lU3RhbXAiOjE2NjgwODg0MDI5NTZ9
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/you-you-ming-xing-ji-jin-jing-li-ben-si-wai-zi-si-mu-jia-su-jin-chang.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
20.212.157.225 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection
keep-alive
Date
Thu, 10 Nov 2022 13:53:23 GMT
Server
nginx/1.18.0 (Ubuntu)
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8DB5 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-ChQq6eaMV0KzBP22yWJVtDf98iQAL4rsf_4LjfKpl4kRH_V6U1QPSvCCqcRKcaerYSuZyyQ8oXEZm41szVzRI9jaSAPu9dkTMHHces6p8bOXm_dmU
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2844491747&adf=53498480&pi=t.ma~as.3006%2F14006&w=336&lmt=1668088402&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyou-you-ming-xing-ji-jin-jing-li-ben-si-wai-zi-si-mu-jia-su-jin-chang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668088401373&bpp=12&bdt=1130&idt=901&shv=r20221108&mjsv=m202211020101&ptt=5&saldr=sa&correlator=1563271422649&frm=23&ife=1&pv=2&ga_vid=692483964.1668088402&ga_sid=1668088402&ga_hid=1024014365&ga_fc=0&ga_cid=amp-ke56cJIxYSkF6eo6rRYZrw&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=1025520735&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C44770880%2C44775016&oid=2&pvsid=3785228714276847&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.pj026n2udit8&fsb=1&dtd=919
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 13:53:23 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 5499 		624 B
242 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=COXuopICENTVuu4CGJamttcBMAE&v=APEucNXKMxEWBGysxQkCjH8kyM5i-pwPzr18rjkDcBdU1bG6Dso7KvDz7-Y747-VZWYbD1tprgnh1TfG-wS-33tAgYw6-NY8fQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2844491747&adf=53498480&pi=t.ma~as.3006%2F14006&w=336&lmt=1668088402&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyou-you-ming-xing-ji-jin-jing-li-ben-si-wai-zi-si-mu-jia-su-jin-chang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668088401373&bpp=12&bdt=1130&idt=901&shv=r20221108&mjsv=m202211020101&ptt=5&saldr=sa&correlator=1563271422649&frm=23&ife=1&pv=2&ga_vid=692483964.1668088402&ga_sid=1668088402&ga_hid=1024014365&ga_fc=0&ga_cid=amp-ke56cJIxYSkF6eo6rRYZrw&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=1025520735&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C44770880%2C44775016&oid=2&pvsid=3785228714276847&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.pj026n2udit8&fsb=1&dtd=919
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2844491747&adf=53498480&pi=t.ma~as.3006%2F14006&w=336&lmt=1668088402&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyou-you-ming-xing-ji-jin-jing-li-ben-si-wai-zi-si-mu-jia-su-jin-chang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668088401373&bpp=12&bdt=1130&idt=901&shv=r20221108&mjsv=m202211020101&ptt=5&saldr=sa&correlator=1563271422649&frm=23&ife=1&pv=2&ga_vid=692483964.1668088402&ga_sid=1668088402&ga_hid=1024014365&ga_fc=0&ga_cid=amp-ke56cJIxYSkF6eo6rRYZrw&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=1025520735&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C44770880%2C44775016&oid=2&pvsid=3785228714276847&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.pj026n2udit8&fsb=1&dtd=919
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 10 Nov 2022 13:53:23 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 8DB5 		15 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AkOEvzKbGz_GxNgyh9Xy5WMDnoDP7l_TVnX3b1vripFzCEdLhgsnPV2n6HS0gJ--mevwHvYXTHUdEMTBq9cWgxKn6gifwHrVBkXqdX95DSsUvn3fkRbgRkP4tT8XpU0eWj72FkFbCYJe5cculMJinm8Vk5Vw5QbSV2yhOAYn1SXr3hjko&cry=1&dbm_d=AKAmf-B7xXoTqiEi79of6SZ4IBLqGcBni5pGs_SYWLQxOoxRrPh_TiJOHgaG8x8ESFsgVAh21YYXVuMP6vLKCB-ykH_ZfX6Asu1RC0MaPkQOdvSgSJVApfzNQhlv6mPkjYAxwrOa0hsjxLEPlcU6EesUmEjQorDmp25TSTCsY4fbKRqwFtUBSQ5P1oUUm9wrGwRiTSR0GuUnnC8gBPTnITZnzKi3KAiUunEaz2u1VaZz7wkeI3GkDm3MtlcYI3NRT0xa0_SSjsOLwMuJwkgo0sr49cgwZOv_O4Aorpw6NUI7XGA1S5ipgMzqsy-9KnPFKkMbcjlZ1ck0pAZW7KmyuZYJX959om8F0U_p_xjCenGoop80Kb0bqNY135uh48w4CcHBnTAXmBbRiccgz1v1qUGdh-K6FMHXiiYQhMEF4Tp3YU8i4kDiIs5tI1Mr8ZwOBHGdOOnxTfJwTbb0YTqiFeM3GfcgokX4wgzZnk1v-VKx366IvN6PeVhyTCe-48Lzfm81eHzr9uXsuR3T5b4Nfk-dL6sQfHJiJvCR6E1evw73UenzQEsdDLGjEmMDZh3gFyCY-Re9OQslXI-sXCQBn1msIG9DOrazCOmDNcX_XqDMPLIDL5LSLekOX9jtpuNkIMP92qnq6mKZncUfDDdYdMaNEZsdMvdhG80-Tc8rftbvO5gymRwf3MfoLXm1p9SD9ibYn9Z-CD06LTgka5hvCsb1ppTZnCopV_9uEEKoFupayLKqbCOdzCEM6NC8VITATa_bRoon2OTVpd62xMX2p4c2L6MLQGsz4fUihXmTQxB-TrqqBkavd84t_DZQFBbkuuCCDs3CGORlQQ96nyuQz96PUtGEyx5AtaSzNvYxOf-Ozw6f8Sqz5gnhLBTuk80VUdIZvtjfbadRBHPp945MdZd5jvGUgYqpE8MVNVTSVPF0zmUnvR98Dq56caADabpupB2tPLXXNuxCfGpbas6xGnGQTI9X-oK1f7DPy3vzI0Gt_mf5xoTAlAeVoQpO_0mjvEMvGbyE_D1scHp2MvXMF0Qa8NT708ehwFk7RuOd7reLM1zkx6BhJi0ri5rEg7hcHk3S0oEF5-pzW2RZTUxdSOjEdG32o4_Ostw-focqi6Za9OMeCNO2BnShmGhVlTlh_cIK2jjd9y0Hm5Hu4w8UsX8fuY7E_-5VJEScOiy3HqX4C5vdWtLlkoHqRL7Bng6W7EQVul15OPao3ECiL3-mE0b0RQxS_oPBEPpEpZYXJSrdhsiIw5iY4opKd_Xriz1_9_eZG3iVSWIt0NSVBSXqHEnMhvr5Z93MthSXSkx4UO3K2NThTnpRFLU0fPY_0TcZF9otAKHyrxwupYh1oXQDB_F1HXvnrVGl7eMnpQQds2p1ldpyTjosdVnJ6paWsXfRtO8ILPZOG7SyRzNNm5jkA4qQDdmwn7WSY95JCJgRH4V3KsVnjozpiJqGEW-6rIa619_CgPnVlCkCaA7KM1VoR6uPE_YCyCJPKvpCx_tXeUB9hDukERhy0JUfGevIiEN4yFF_Dii-rY-sTiAlv-YsIzlzHowNMWmwzbM4PtyeTdP8GaWMrBFJDh3BpEiidH8SFCPWhUS-nYM7W4MB2kTUWydq75doWY7MvkqcIsnAsb3rpGWglpgZ0iDXVeoKHbwEnWrSc7jd7iWXVFPJnsiaeV3SZJsjXlF1fDIG1GZqNStS0x90f-MpyUwptkqzqtiZiqzfP3FLPPwZUoNUS6hQQwKWY1zFT98xQO_bO7srSPB0EmMEGwbXWZmOW7cjDEC5V47EZWFhZ4p8Tl7VRrMiEtbpnfxej8MVY1U2ar1bzUVDo6il53UfwHOBzI19_YLJHGaDMtCnfeZ-ZX38oqlPeY2uSEZ1cmLqUgIWaVpgNKBCQsv2nrAqzufGKpW3GmW0YA00av3DpDb5LChSR_dbFZOLpe7tEV0ZmsPe_2Aeccemr_MSp1EOP4E40sm1zTSTbIm0Xv06kREQuKjVJHEgzNL0ZQUp5Nr2uG2F3BRw-AOtim5FGX1K3rrxLmmo9w4uIXNAms4wcJJfpDh5SwnEu50xfHDxQvIfb_llk-eDP4PrSnlECU6hZ7i_36eBhoSUVVVx6vXzA4CdO2twLTGuIznBnyAr4bcP0cKrZPXk7gy6zFoT3VPITRoqM5ohn1NmFGbbS6b-pzXlSRQHK7e6ZHreTBee3O7J-iZRWBIYs56VH5Lx9aqlFoEy5F3GdDLTyTLW7N_oIQ1mPRwOaFVWEHetQaHe3EVEbUidA09Q4fvZYerynJbAhQ1rp1RYbD2fY1SiinGXaeF9A7CFVdKW1_2oxbWj_GGXcuTxbF34z9Gc-5ELGy27J1BFSknZBot0sU2q6Tpgm3LuT87F1kJTGj9BWAC8bnbbsVeuE9ULMM5zG1N6d5gsQBvzc8a3Na_PCB32QupyPMOXK-bPW5yOQyZF4g88HRG3xMkpDT-8BxGIR9qLzWt_om9ZoZLe4UQ9KgnXV-lm3l9t7goXGEGhep464Z7SlU5eeRtChFnRl-QMsSIb5w31Hq4ltKhJKzv5CT6GHxuXLeH7l626MTBlZAPoFUeG0oYVat4wUFzB3n1aKWSZOjyFhSdb9bEvudTz6S3f3juOuFZMIgibWFU75eU_WKonefXRet2xg_LrU8GMHXlRsNXlpAlqxw-e4rLK3Q3n80Qq_96l8tihLCx0PUjzInHnkFf0VmYe6H7ri-0VKBSB2TJb-Uguxyj1uatRFObqZKroH1ymTEOGIvR3yEJGukmgfyAN6xB61jbog1GwjfrK-pcLOwJ55rT6DJ84cfFrp-s4fVxW8lgTtcZaQFwpeF-D3LhvZgbFVi1lldMw3ytwNDKRrZweARwsvZj-K9u_SHKmoQkz9DXqCDh7LgQoR-Bb-XqaZ_RasGhWtXqkmBfPErwyjaCeh_78d3Dvri-uzVr81hov5HFKK9qdIwAZvycSWcbBh5f4pkXZOG7UkPwwltH_g7wczmSdzjjd5jXRMXhefJ0z4B7KVSCaCz2PoR9pnGMaOqzqF0n50HXqdYYMIiNNh0biysv5xWykab77y8ETFEvp4EHDPc7GTV1czkt4D3MdFxX8Yh45FAW24pLo4xPkdZ33Bw9zrwZaqmZSTyhVl8avJGzK6Bu809Qfa4FSPxP2c-lNf-5yIi3I4o8K56_w6YuM5eBEt6IYwTaL8nrZRLgUWwJD-dYZ0DgrXj6WSXy-iaMppWu-1Voz_TEbQtD-hX9NVwqQqgusimMk-kNBEm7geOMZd7Io9CzDH9bauFxufofC0MyVZt2uVoKIUtuhDAsTzT4Z06-DAZf8P6t6dwX9UFjRTP4RlqN0PKbvYQCCfQ&cid=CAQSKQDq26N9zBnrnktjP0mO5o_9PK8Xe4aij4hHre297xjovmwS4CerVrrlGAEgEw&rfl=4%2Chttps%253A%252F%252Fwww.bg3.co%242%2C%2C%2Chttps%253A%252F%252Fwww.bg3.co%252F%240
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2844491747&adf=53498480&pi=t.ma~as.3006%2F14006&w=336&lmt=1668088402&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyou-you-ming-xing-ji-jin-jing-li-ben-si-wai-zi-si-mu-jia-su-jin-chang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668088401373&bpp=12&bdt=1130&idt=901&shv=r20221108&mjsv=m202211020101&ptt=5&saldr=sa&correlator=1563271422649&frm=23&ife=1&pv=2&ga_vid=692483964.1668088402&ga_sid=1668088402&ga_hid=1024014365&ga_fc=0&ga_cid=amp-ke56cJIxYSkF6eo6rRYZrw&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=1025520735&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C44770880%2C44775016&oid=2&pvsid=3785228714276847&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.pj026n2udit8&fsb=1&dtd=919
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
3441d91b5fce8fa413f0f507c3b0a19a4f1477f89e2453a796710e496a0d4c7b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2844491747&adf=53498480&pi=t.ma~as.3006%2F14006&w=336&lmt=1668088402&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyou-you-ming-xing-ji-jin-jing-li-ben-si-wai-zi-si-mu-jia-su-jin-chang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668088401373&bpp=12&bdt=1130&idt=901&shv=r20221108&mjsv=m202211020101&ptt=5&saldr=sa&correlator=1563271422649&frm=23&ife=1&pv=2&ga_vid=692483964.1668088402&ga_sid=1668088402&ga_hid=1024014365&ga_fc=0&ga_cid=amp-ke56cJIxYSkF6eo6rRYZrw&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=1025520735&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C44770880%2C44775016&oid=2&pvsid=3785228714276847&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.pj026n2udit8&fsb=1&dtd=919
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 13:53:23 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11207
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221108/r20110914/client/ Frame 8DB5 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221108/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2844491747&adf=53498480&pi=t.ma~as.3006%2F14006&w=336&lmt=1668088402&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyou-you-ming-xing-ji-jin-jing-li-ben-si-wai-zi-si-mu-jia-su-jin-chang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668088401373&bpp=12&bdt=1130&idt=901&shv=r20221108&mjsv=m202211020101&ptt=5&saldr=sa&correlator=1563271422649&frm=23&ife=1&pv=2&ga_vid=692483964.1668088402&ga_sid=1668088402&ga_hid=1024014365&ga_fc=0&ga_cid=amp-ke56cJIxYSkF6eo6rRYZrw&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=1025520735&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C44770880%2C44775016&oid=2&pvsid=3785228714276847&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.pj026n2udit8&fsb=1&dtd=919
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 06:17:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
27345
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 24 Nov 2022 06:17:38 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221108/r20110914/client/ Frame 8DB5 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221108/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2844491747&adf=53498480&pi=t.ma~as.3006%2F14006&w=336&lmt=1668088402&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyou-you-ming-xing-ji-jin-jing-li-ben-si-wai-zi-si-mu-jia-su-jin-chang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668088401373&bpp=12&bdt=1130&idt=901&shv=r20221108&mjsv=m202211020101&ptt=5&saldr=sa&correlator=1563271422649&frm=23&ife=1&pv=2&ga_vid=692483964.1668088402&ga_sid=1668088402&ga_hid=1024014365&ga_fc=0&ga_cid=amp-ke56cJIxYSkF6eo6rRYZrw&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=1025520735&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C44770880%2C44775016&oid=2&pvsid=3785228714276847&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.pj026n2udit8&fsb=1&dtd=919
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
cafe /
Resource Hash
db3210e947e41629be5e5fca80add11de3aa48c4b51c0256a59232cb890d3f75
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 00:05:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
49668
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7380
x-xss-protection
0
server
cafe
etag
12918171938167859976
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 24 Nov 2022 00:05:35 GMT
l
www.google.com/ads/measurement/ Frame 8DB5 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRKyq580Z_--tBHiQfwpqaF5bkHaDOUGYdPSM1NO9tMExEvecVm_MPeD0pfl2tMFRVjQekVmyH_1ec3JnnBd9wfhYCgQQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2844491747&adf=53498480&pi=t.ma~as.3006%2F14006&w=336&lmt=1668088402&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyou-you-ming-xing-ji-jin-jing-li-ben-si-wai-zi-si-mu-jia-su-jin-chang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668088401373&bpp=12&bdt=1130&idt=901&shv=r20221108&mjsv=m202211020101&ptt=5&saldr=sa&correlator=1563271422649&frm=23&ife=1&pv=2&ga_vid=692483964.1668088402&ga_sid=1668088402&ga_hid=1024014365&ga_fc=0&ga_cid=amp-ke56cJIxYSkF6eo6rRYZrw&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=1025520735&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C44770880%2C44775016&oid=2&pvsid=3785228714276847&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.pj026n2udit8&fsb=1&dtd=919
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.105 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f105.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 8DB5 		154 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2844491747&adf=53498480&pi=t.ma~as.3006%2F14006&w=336&lmt=1668088402&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyou-you-ming-xing-ji-jin-jing-li-ben-si-wai-zi-si-mu-jia-su-jin-chang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668088401373&bpp=12&bdt=1130&idt=901&shv=r20221108&mjsv=m202211020101&ptt=5&saldr=sa&correlator=1563271422649&frm=23&ife=1&pv=2&ga_vid=692483964.1668088402&ga_sid=1668088402&ga_hid=1024014365&ga_fc=0&ga_cid=amp-ke56cJIxYSkF6eo6rRYZrw&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=1025520735&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C44770880%2C44775016&oid=2&pvsid=3785228714276847&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.pj026n2udit8&fsb=1&dtd=919
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
sffe /
Resource Hash
74e5d27c3ce88edecaa16bdd847929fae0ebe21d23da8e419564ced5bd844977
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 13:53:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48226
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1667997631252355"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 10 Nov 2022 13:53:24 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame B9A8 		624 B
242 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CKyHPxDPjYECGO3C9tcBMAE&v=APEucNVLFnYZThEGh1gG9ljJ1MElX3fAhqCsLoMxSqn2G0eM7D8rqHxyTlZjMzp_vZ7JZoXsfOOLujz4Bhe3NghV8A-yVXGG4A
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2844491747&adf=53498479&pi=t.ma~as.3006%2F14006&w=336&lmt=1668088402&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyou-you-ming-xing-ji-jin-jing-li-ben-si-wai-zi-si-mu-jia-su-jin-chang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668088401346&bpp=16&bdt=1029&idt=966&shv=r20221108&mjsv=m202211020101&ptt=5&saldr=sa&correlator=1563271422649&frm=23&ife=1&pv=1&ga_vid=97360968.1668088402&ga_sid=1668088402&ga_hid=142627606&ga_fc=0&ga_cid=amp-ke56cJIxYSkF6eo6rRYZrw&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2578&biw=1600&bih=1200&isw=336&ish=280&ifk=1025520735&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44769306%2C31070617%2C31070722%2C31070762%2C44770881%2C44775017&oid=2&pvsid=1414097753187374&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.4sirfcbb7r40&btvi=1&fsb=1&dtd=984
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2844491747&adf=53498479&pi=t.ma~as.3006%2F14006&w=336&lmt=1668088402&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyou-you-ming-xing-ji-jin-jing-li-ben-si-wai-zi-si-mu-jia-su-jin-chang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668088401346&bpp=16&bdt=1029&idt=966&shv=r20221108&mjsv=m202211020101&ptt=5&saldr=sa&correlator=1563271422649&frm=23&ife=1&pv=1&ga_vid=97360968.1668088402&ga_sid=1668088402&ga_hid=142627606&ga_fc=0&ga_cid=amp-ke56cJIxYSkF6eo6rRYZrw&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2578&biw=1600&bih=1200&isw=336&ish=280&ifk=1025520735&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44769306%2C31070617%2C31070722%2C31070762%2C44770881%2C44775017&oid=2&pvsid=1414097753187374&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.4sirfcbb7r40&btvi=1&fsb=1&dtd=984
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 10 Nov 2022 13:53:23 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame EA3D 		79 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CRU3LTLKHdFYNjn2E8ZIexM6GtYhPlpm0HaOl3h7t_TYwvjv3aGVB8en8pNEBGXUUW1dGc8FezCnsSq-P9CDv6b3WCom4VW_opHql8wIa4gbq7StDgLleWGS_WqYHv9E1CoqzHyz49AnM0uY_VO8pZZVlEQn9S9Rn_FeYJNb3FnN_TxkjZdi9lkSZVc7SxUk_DSzwi&cry=1&dbm_d=AKAmf-Du5P4Gq1aU1958rBQ_96ky2UnizLxeEOLwTMgvLILBwBVBs-_055xAk5B4RDBw952SQzl3vad7SWXIvfCtFxJPEXAXRDd8usZ6o9YjG-F0445nQ0b1gh32nJggL6usEmLEFH7QY_zAUvCJnobsTb25GoQVxeb8UxXdi144d6IBPv-cbaL4kCYZmfrc8yemjdoVjHLf_LTR8l0puHtWfbgTipm1Xb-gykfJFSPZNVN6nAWRRphsyah3JmmtHcS5BO5kBgxhomy4-Vy8jh7i8xRsrSN7V35isTcOWib_HcjAQbKuctMw8ty-naJr-gQErFnMeabVXRVA0xOreZLRr_7CXDi-PgW3Xd_Mf23Bcg_qT2JQeTp8mljf72dsPjW974xHQedQmf5n7F12vlk-mLNXmro8aPUji-EvXUFw3OgZJFX1s7jOT-Am9tcu77S-fYkU5Yut-_mTu6Eg8GQGmh2JLL3BueTgzZ59Q7satHGKlKu-ROp_w_66SxRsxbUIFgHaLzOAEUtMmBBOKlf2ASr4qZ7fQcJMnEZBhCTwAqHWq0P-iEdoNzoJaIjSX2ors2yCEzBNq780DkG-H56jFCp8R5J-Z6R66n6QaRvJ-QR87gXxPqCymy7amfELla96Bm500b5qtNtiONj_dSioZfBTWgLB0EPsjWhLbD95TSCXqQn4JwM6HVWnJQtW55BHS9D51GqH-1iBgHMwtSLs3qxfhxNByzcl-PNv4NnyI9dtVLIk_tMuOGp70zt-ITqCsq-vQ9BLIG1d3mvhr9SWol71Fb8YmyekqVj21jcOVw_jMh0PD2tC0kRWGY2kmhGlwF7G5sm9yn7aFgirNQNkbVNNzwQgdfr5QlCyPbHBI0wNPtTGt9uZtNFErPeSljVyEMOAsULUxbWFEtyAnHciuP4zEWYqy-yX8i-NN2DNEZn-uH16YcSq0FSGY_9OLsCAMMKDebdjBDXQDphBnEudzJ6qpcsKEDr2B8tY7yM2aUEszk0RD2QL9kkefMEMv_oP4Zj5t5JR5gxjwZQtfS_oFWkuL1LCbAMRxAuRlE5yD6syI3hTIKwyz4fGcbgIc7RrveRCBHRiPJdkjNqwKAP-45-WYgIq0hespU3n2GOJRzNq4fStOGyVFjPeIpFeTewPUndNIYzuRVnD4FhTirwOlBxXEFlqirN65CVy3C3IdtrN5QK5WW3UNk37CuA00PDwtpp_F4WPxlHLXlysayMVUZ4HSbKlQBPRTHC-KJBeRMlQLSWbnmaiG0Jqz7i7Y2vW7GkdoVhGnwr8Q6p4YDmXy3rfdl-shWgpej6Uj5mC5JXE67yVkTOXw1u433Sh017_GQEb5HmvDzRaZaDjnV0ppIOt7LJRsuoGlbLFIkcOdcGcyJ5_7wcGrt64cTvh7KEk_D-ms5vSW2gPhmV0pg1Tj8urs0cAfhTOtbui5EFFE-9OqCC4J85USoQ6pjPTxRtkZ9E1rKaJkTQTaO3dd6KJLVDlPC8MbzZ2INKbiaX5CdDta-DE-_t6qmJdF3O0ls0Cg4E_yhfkb69DyEqIjrQxJ6Jy3uargGe6n4zP9dBaVFDYCZxgj5WO_FvWWOMtTAdbkr_cuoTIBHpjy4ykdBegKx5xZwkeZPAYVLtuFXnEhgSozgQFJXVAOmhEbIUdjhYf7NYRxZs76T7alNbjmqVR6e2MEkLwJRJ-ez2CqX8l24icM4M0510qdyb_1uO_hZ8oIOSEEPEhX786jor0vY0OeyFfWNr_p-gcslmbBs-rCkNbpGa62cH_Gx0elF5IWdEgI3WGxPdCJDjNLAYMu1QJKcCud6qcLngTlo4MmwzgOpCGMecUZrdXkdwNibvdPd62kBENCRDsi5RIRByzH9Jum4UE7ZAZgVAVTabBL5-7zV3m5e0x5hufYw_UeTklaAQ5Oh9Zrjp0UCmJAmf7eT7BiprbVZ8FbNjNzYcGY8QQm8BHbHp1R3D7l4Hg2Alrlz_Y5TAqdHjBRAOelGk2__HIMjNU-SBLH1vAg-qt4Ri3uXbZ-0m-w6sasQpedbh7vt3t_PKMvwt4_GjPv4uXrg-z-9NdH_iuhd9JZURcfOVGE4s-UmOXQ7sbQHJc3h4BCNptFER9ybjylap8L7guONTNRSYPlLErGAYkm8iDXHO70c6L67WYtRTIdEE_WQCzNV6NuvYP7zxdbO1ULVwNINebvsssUN8OAbhnuyeQ2izp0K5LLE9x0dC6DvBGtjU7QQLw0FdmwAk-NlIlS2CZq_KNPAcxei3-XkzwiAnbYS-2Fe_ZXxfCdO1UNXOLTXOH1maZwdwiO801fNkHP_oFOvaRIVVwCX-T9P5dqKLq1zibMRPk7LwUwdaiWFgFAL8O_Hq837_0VqAyFRDsFFHfF0VSf9GKy6rLp_a5xKeG7tlb8lTrgUcEz5UAe_OoSIrRQcDKeWFshMVhd4LQappipfwYAttYhD24vQmWnssarOzs4Pg1BakJeoMfdsrG9lYfjvyTx2zmeg-k6hB5Y0AZV2S94rsY6frwaFu56aLVYvWwkom83jRGVj3O_czSZJeBE5N6SLQFOAc68_C77VB6Q7sY4lDlmlSHpLcG6qDFUTLKAO34O1ekBIlxt6lYIz-ARVrOwe1I2s61TEB8TrFnZPzSmQqoP7wrYIdAVDo-P3MghCGG1NV_-O5mj_xI_xT6p2MZZ0syvhm3CmH3EzaT86WDXvYYgstIDJXFR-dSMnN-bCIuzo8-oycNS8NF3-QA_CDCjYMGZsvP4Xt9Jq5GDA4UWublwRG_tE4jxyMCds7GoQti2GRknKVusZATwro2YzdUIQkdDyEJ389pxy5buSOkfNjL2LxbSIY275qYgs1ags7Pa06eh37SX2x0PectBMYRa5M_fG9g0jSjIqMiwWwd603d4mPr8F96tB-docH-Fey69GnVUbzSRcapqj4Bm1hq093hJV8rM7LW3DN5MslwCcsEditx1BFlGxVvhs6CKUhN-Fisp1TUetOGXjCnKeOgKrDjM3U7xElbARFMjMEduKg0d2Sgtxg6iyN4bkrrobnYCe4sLvitS0yOWObjnQMvTw6tRGqJyIvPL9fm0CVgrVtfgghZ2CD-SO9NTb9H859yIK9MGnc0xZkiTUqvZIBa4YPyN0RbQu7qSSkRReXn0gy_5BpAsjkKad6eYZ1enErG813tzeN9Idx_NoGcu9fSQ11DXflK3RmqJVWknxf2p1UE39vhWxQu-g_RUasx9KFUbVBQFGITFW66QW93omagYUYfUln99eHkHfAX_Ts6-Bf5dbcXsaJYy84j4yk6HYUI4jDqKBc5VJKxA_WKj5hswgOAS4bUoqNKy-ncTl1qWOCKztcG1gvCeWrMj9cw6EErTvWcvpXFdXF6LUl4ZpHGhNqzKayUGoehCe8eXYu2941QRPtZpOMuJNooCA5yQIF4cFp6nBFD09lKN4H_oZx_xZ_C7i66PrYlG4IBm4hSDfoeIcPDBoH-t-RWDgtr19jVi1lhtyAHy2dUAzKDjChQrZWxt4VJ&cid=CAQSKQDq26N9jauw9OaPSEkRuAdMSKAuFGubHx6xR_Xzm2L9-f56udVat6VgGAEgEw&rfl=5%2Chttps%253A%252F%252Fwww.bg3.co%242%2C%2C%2Chttps%253A%252F%252Fwww.bg3.co%252F%240
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/you-you-ming-xing-ji-jin-jing-li-ben-si-wai-zi-si-mu-jia-su-jin-chang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
7575f980f077f6906187edf2bd479544f42e6be3dfc147a50c0aee6004ba2d81
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2844491747&adf=53498479&pi=t.ma~as.3006%2F14006&w=336&lmt=1668088402&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyou-you-ming-xing-ji-jin-jing-li-ben-si-wai-zi-si-mu-jia-su-jin-chang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668088401346&bpp=16&bdt=1029&idt=966&shv=r20221108&mjsv=m202211020101&ptt=5&saldr=sa&correlator=1563271422649&frm=23&ife=1&pv=1&ga_vid=97360968.1668088402&ga_sid=1668088402&ga_hid=142627606&ga_fc=0&ga_cid=amp-ke56cJIxYSkF6eo6rRYZrw&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2578&biw=1600&bih=1200&isw=336&ish=280&ifk=1025520735&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44769306%2C31070617%2C31070722%2C31070762%2C44770881%2C44775017&oid=2&pvsid=1414097753187374&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.4sirfcbb7r40&btvi=1&fsb=1&dtd=984
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 13:53:23 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34119
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221108/r20110914/client/ Frame EA3D 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221108/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2844491747&adf=53498479&pi=t.ma~as.3006%2F14006&w=336&lmt=1668088402&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyou-you-ming-xing-ji-jin-jing-li-ben-si-wai-zi-si-mu-jia-su-jin-chang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668088401346&bpp=16&bdt=1029&idt=966&shv=r20221108&mjsv=m202211020101&ptt=5&saldr=sa&correlator=1563271422649&frm=23&ife=1&pv=1&ga_vid=97360968.1668088402&ga_sid=1668088402&ga_hid=142627606&ga_fc=0&ga_cid=amp-ke56cJIxYSkF6eo6rRYZrw&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2578&biw=1600&bih=1200&isw=336&ish=280&ifk=1025520735&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44769306%2C31070617%2C31070722%2C31070762%2C44770881%2C44775017&oid=2&pvsid=1414097753187374&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.4sirfcbb7r40&btvi=1&fsb=1&dtd=984
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 06:17:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
27345
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 24 Nov 2022 06:17:38 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221108/r20110914/client/ Frame EA3D 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221108/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2844491747&adf=53498479&pi=t.ma~as.3006%2F14006&w=336&lmt=1668088402&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyou-you-ming-xing-ji-jin-jing-li-ben-si-wai-zi-si-mu-jia-su-jin-chang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668088401346&bpp=16&bdt=1029&idt=966&shv=r20221108&mjsv=m202211020101&ptt=5&saldr=sa&correlator=1563271422649&frm=23&ife=1&pv=1&ga_vid=97360968.1668088402&ga_sid=1668088402&ga_hid=142627606&ga_fc=0&ga_cid=amp-ke56cJIxYSkF6eo6rRYZrw&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2578&biw=1600&bih=1200&isw=336&ish=280&ifk=1025520735&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44769306%2C31070617%2C31070722%2C31070762%2C44770881%2C44775017&oid=2&pvsid=1414097753187374&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.4sirfcbb7r40&btvi=1&fsb=1&dtd=984
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
cafe /
Resource Hash
db3210e947e41629be5e5fca80add11de3aa48c4b51c0256a59232cb890d3f75
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 00:05:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
49668
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7380
x-xss-protection
0
server
cafe
etag
12918171938167859976
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 24 Nov 2022 00:05:35 GMT
l
www.google.com/ads/measurement/ Frame EA3D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSsf5cnRzaS3QAiQHWfv598I4DLIcWQdBOwE4vqPqNUgLI9LGNAYBs6RCkIPz13r8YCr24EbiYr5_7rZxjunSg6No8wfg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2844491747&adf=53498479&pi=t.ma~as.3006%2F14006&w=336&lmt=1668088402&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyou-you-ming-xing-ji-jin-jing-li-ben-si-wai-zi-si-mu-jia-su-jin-chang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668088401346&bpp=16&bdt=1029&idt=966&shv=r20221108&mjsv=m202211020101&ptt=5&saldr=sa&correlator=1563271422649&frm=23&ife=1&pv=1&ga_vid=97360968.1668088402&ga_sid=1668088402&ga_hid=142627606&ga_fc=0&ga_cid=amp-ke56cJIxYSkF6eo6rRYZrw&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2578&biw=1600&bih=1200&isw=336&ish=280&ifk=1025520735&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44769306%2C31070617%2C31070722%2C31070762%2C44770881%2C44775017&oid=2&pvsid=1414097753187374&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.4sirfcbb7r40&btvi=1&fsb=1&dtd=984
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.105 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f105.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame EA3D 		154 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2844491747&adf=53498479&pi=t.ma~as.3006%2F14006&w=336&lmt=1668088402&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyou-you-ming-xing-ji-jin-jing-li-ben-si-wai-zi-si-mu-jia-su-jin-chang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668088401346&bpp=16&bdt=1029&idt=966&shv=r20221108&mjsv=m202211020101&ptt=5&saldr=sa&correlator=1563271422649&frm=23&ife=1&pv=1&ga_vid=97360968.1668088402&ga_sid=1668088402&ga_hid=142627606&ga_fc=0&ga_cid=amp-ke56cJIxYSkF6eo6rRYZrw&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2578&biw=1600&bih=1200&isw=336&ish=280&ifk=1025520735&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44769306%2C31070617%2C31070722%2C31070762%2C44770881%2C44775017&oid=2&pvsid=1414097753187374&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.4sirfcbb7r40&btvi=1&fsb=1&dtd=984
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
sffe /
Resource Hash
74e5d27c3ce88edecaa16bdd847929fae0ebe21d23da8e419564ced5bd844977
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 13:53:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48226
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1667997631252355"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 10 Nov 2022 13:53:24 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame EA3D 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Bc4B6xeo0IAsTXby8X3FrDRcgZFrnk6vxsqWeq5RvELrJRfh-Z-slz9WPnK1ntX2pyUrRBSUEEL4s3pzylBLTp9uV-Jf2xWlMUAszP5mkdZ2JGswc
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2844491747&adf=53498479&pi=t.ma~as.3006%2F14006&w=336&lmt=1668088402&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyou-you-ming-xing-ji-jin-jing-li-ben-si-wai-zi-si-mu-jia-su-jin-chang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668088401346&bpp=16&bdt=1029&idt=966&shv=r20221108&mjsv=m202211020101&ptt=5&saldr=sa&correlator=1563271422649&frm=23&ife=1&pv=1&ga_vid=97360968.1668088402&ga_sid=1668088402&ga_hid=142627606&ga_fc=0&ga_cid=amp-ke56cJIxYSkF6eo6rRYZrw&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2578&biw=1600&bih=1200&isw=336&ish=280&ifk=1025520735&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44769306%2C31070617%2C31070722%2C31070762%2C44770881%2C44775017&oid=2&pvsid=1414097753187374&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.4sirfcbb7r40&btvi=1&fsb=1&dtd=984
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 13:53:23 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 5499
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMXriztDM703i0t2Xz7Ymdc&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMXriztDM703i0t2Xz7Ymdc&google_cver=1&C=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMXriztDM703i0t2Xz7Ymdc&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COXuopICENTVuu4CGJamttcBMAE&v=APEucNXKMxEWBGysxQkCjH8kyM5i-pwPzr18rjkDcBdU1bG6Dso7KvDz7-Y747-VZWYbD1tprgnh1TfG-wS-33tAgYw6-NY8fQ
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 10 Nov 2022 13:53:25 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Thu, 10 Nov 2022 13:53:24 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
/rum?cm_dsp_id=45&external_user_id=CAESEMXriztDM703i0t2Xz7Ymdc&google_cver=1&C=1
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
0
Expires
0
rum
dsum-sec.casalemedia.com/ Frame 5499
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y20CVPzpdxSAg-rEDcIB.wAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMXriztDM703i0t2Xz7Ymdc&google_cver=1&google_hm=2
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMXriztDM703i0t2Xz7Ymdc&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COXuopICENTVuu4CGJamttcBMAE&v=APEucNXKMxEWBGysxQkCjH8kyM5i-pwPzr18rjkDcBdU1bG6Dso7KvDz7-Y747-VZWYbD1tprgnh1TfG-wS-33tAgYw6-NY8fQ
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 10 Nov 2022 13:53:25 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Thu, 10 Nov 2022 13:53:25 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMXriztDM703i0t2Xz7Ymdc&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 5499
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEIP54GY7bmmm8CfZG-vp36Y&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEIP54GY7bmmm8CfZG-vp36Y&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COXuopICENTVuu4CGJamttcBMAE&v=APEucNXKMxEWBGysxQkCjH8kyM5i-pwPzr18rjkDcBdU1bG6Dso7KvDz7-Y747-VZWYbD1tprgnh1TfG-wS-33tAgYw6-NY8fQ
Protocol
HTTP/1.1
Server
68.67.160.132 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 10 Nov 2022 13:53:23 GMT
AN-X-Request-Uuid
e0e759c8-bff0-4b9c-b032-e4f06fa2f5c5
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
116.90.74.196; 116.90.74.196; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 10 Nov 2022 13:53:23 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEIP54GY7bmmm8CfZG-vp36Y&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 5499
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjQzNDY0OTk4MzQ0NDM0MDI0Mw%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjQzNDY0OTk4MzQ0NDM0MDI0Mw%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COXuopICENTVuu4CGJamttcBMAE&v=APEucNXKMxEWBGysxQkCjH8kyM5i-pwPzr18rjkDcBdU1bG6Dso7KvDz7-Y747-VZWYbD1tprgnh1TfG-wS-33tAgYw6-NY8fQ
Protocol
H3
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 13:53:23 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Thu, 10 Nov 2022 13:53:23 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
116.90.74.196; 116.90.74.196; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
fae94efc-eaa4-49a1-9d79-fe2186818177
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjQzNDY0OTk4MzQ0NDM0MDI0Mw%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 8DB5 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AkOEvzKbGz_GxNgyh9Xy5WMDnoDP7l_TVnX3b1vripFzCEdLhgsnPV2n6HS0gJ--mevwHvYXTHUdEMTBq9cWgxKn6gifwHrVBkXqdX95DSsUvn3fkRbgRkP4tT8XpU0eWj72FkFbCYJe5cculMJinm8Vk5Vw5QbSV2yhOAYn1SXr3hjko&cry=1&dbm_d=AKAmf-B7xXoTqiEi79of6SZ4IBLqGcBni5pGs_SYWLQxOoxRrPh_TiJOHgaG8x8ESFsgVAh21YYXVuMP6vLKCB-ykH_ZfX6Asu1RC0MaPkQOdvSgSJVApfzNQhlv6mPkjYAxwrOa0hsjxLEPlcU6EesUmEjQorDmp25TSTCsY4fbKRqwFtUBSQ5P1oUUm9wrGwRiTSR0GuUnnC8gBPTnITZnzKi3KAiUunEaz2u1VaZz7wkeI3GkDm3MtlcYI3NRT0xa0_SSjsOLwMuJwkgo0sr49cgwZOv_O4Aorpw6NUI7XGA1S5ipgMzqsy-9KnPFKkMbcjlZ1ck0pAZW7KmyuZYJX959om8F0U_p_xjCenGoop80Kb0bqNY135uh48w4CcHBnTAXmBbRiccgz1v1qUGdh-K6FMHXiiYQhMEF4Tp3YU8i4kDiIs5tI1Mr8ZwOBHGdOOnxTfJwTbb0YTqiFeM3GfcgokX4wgzZnk1v-VKx366IvN6PeVhyTCe-48Lzfm81eHzr9uXsuR3T5b4Nfk-dL6sQfHJiJvCR6E1evw73UenzQEsdDLGjEmMDZh3gFyCY-Re9OQslXI-sXCQBn1msIG9DOrazCOmDNcX_XqDMPLIDL5LSLekOX9jtpuNkIMP92qnq6mKZncUfDDdYdMaNEZsdMvdhG80-Tc8rftbvO5gymRwf3MfoLXm1p9SD9ibYn9Z-CD06LTgka5hvCsb1ppTZnCopV_9uEEKoFupayLKqbCOdzCEM6NC8VITATa_bRoon2OTVpd62xMX2p4c2L6MLQGsz4fUihXmTQxB-TrqqBkavd84t_DZQFBbkuuCCDs3CGORlQQ96nyuQz96PUtGEyx5AtaSzNvYxOf-Ozw6f8Sqz5gnhLBTuk80VUdIZvtjfbadRBHPp945MdZd5jvGUgYqpE8MVNVTSVPF0zmUnvR98Dq56caADabpupB2tPLXXNuxCfGpbas6xGnGQTI9X-oK1f7DPy3vzI0Gt_mf5xoTAlAeVoQpO_0mjvEMvGbyE_D1scHp2MvXMF0Qa8NT708ehwFk7RuOd7reLM1zkx6BhJi0ri5rEg7hcHk3S0oEF5-pzW2RZTUxdSOjEdG32o4_Ostw-focqi6Za9OMeCNO2BnShmGhVlTlh_cIK2jjd9y0Hm5Hu4w8UsX8fuY7E_-5VJEScOiy3HqX4C5vdWtLlkoHqRL7Bng6W7EQVul15OPao3ECiL3-mE0b0RQxS_oPBEPpEpZYXJSrdhsiIw5iY4opKd_Xriz1_9_eZG3iVSWIt0NSVBSXqHEnMhvr5Z93MthSXSkx4UO3K2NThTnpRFLU0fPY_0TcZF9otAKHyrxwupYh1oXQDB_F1HXvnrVGl7eMnpQQds2p1ldpyTjosdVnJ6paWsXfRtO8ILPZOG7SyRzNNm5jkA4qQDdmwn7WSY95JCJgRH4V3KsVnjozpiJqGEW-6rIa619_CgPnVlCkCaA7KM1VoR6uPE_YCyCJPKvpCx_tXeUB9hDukERhy0JUfGevIiEN4yFF_Dii-rY-sTiAlv-YsIzlzHowNMWmwzbM4PtyeTdP8GaWMrBFJDh3BpEiidH8SFCPWhUS-nYM7W4MB2kTUWydq75doWY7MvkqcIsnAsb3rpGWglpgZ0iDXVeoKHbwEnWrSc7jd7iWXVFPJnsiaeV3SZJsjXlF1fDIG1GZqNStS0x90f-MpyUwptkqzqtiZiqzfP3FLPPwZUoNUS6hQQwKWY1zFT98xQO_bO7srSPB0EmMEGwbXWZmOW7cjDEC5V47EZWFhZ4p8Tl7VRrMiEtbpnfxej8MVY1U2ar1bzUVDo6il53UfwHOBzI19_YLJHGaDMtCnfeZ-ZX38oqlPeY2uSEZ1cmLqUgIWaVpgNKBCQsv2nrAqzufGKpW3GmW0YA00av3DpDb5LChSR_dbFZOLpe7tEV0ZmsPe_2Aeccemr_MSp1EOP4E40sm1zTSTbIm0Xv06kREQuKjVJHEgzNL0ZQUp5Nr2uG2F3BRw-AOtim5FGX1K3rrxLmmo9w4uIXNAms4wcJJfpDh5SwnEu50xfHDxQvIfb_llk-eDP4PrSnlECU6hZ7i_36eBhoSUVVVx6vXzA4CdO2twLTGuIznBnyAr4bcP0cKrZPXk7gy6zFoT3VPITRoqM5ohn1NmFGbbS6b-pzXlSRQHK7e6ZHreTBee3O7J-iZRWBIYs56VH5Lx9aqlFoEy5F3GdDLTyTLW7N_oIQ1mPRwOaFVWEHetQaHe3EVEbUidA09Q4fvZYerynJbAhQ1rp1RYbD2fY1SiinGXaeF9A7CFVdKW1_2oxbWj_GGXcuTxbF34z9Gc-5ELGy27J1BFSknZBot0sU2q6Tpgm3LuT87F1kJTGj9BWAC8bnbbsVeuE9ULMM5zG1N6d5gsQBvzc8a3Na_PCB32QupyPMOXK-bPW5yOQyZF4g88HRG3xMkpDT-8BxGIR9qLzWt_om9ZoZLe4UQ9KgnXV-lm3l9t7goXGEGhep464Z7SlU5eeRtChFnRl-QMsSIb5w31Hq4ltKhJKzv5CT6GHxuXLeH7l626MTBlZAPoFUeG0oYVat4wUFzB3n1aKWSZOjyFhSdb9bEvudTz6S3f3juOuFZMIgibWFU75eU_WKonefXRet2xg_LrU8GMHXlRsNXlpAlqxw-e4rLK3Q3n80Qq_96l8tihLCx0PUjzInHnkFf0VmYe6H7ri-0VKBSB2TJb-Uguxyj1uatRFObqZKroH1ymTEOGIvR3yEJGukmgfyAN6xB61jbog1GwjfrK-pcLOwJ55rT6DJ84cfFrp-s4fVxW8lgTtcZaQFwpeF-D3LhvZgbFVi1lldMw3ytwNDKRrZweARwsvZj-K9u_SHKmoQkz9DXqCDh7LgQoR-Bb-XqaZ_RasGhWtXqkmBfPErwyjaCeh_78d3Dvri-uzVr81hov5HFKK9qdIwAZvycSWcbBh5f4pkXZOG7UkPwwltH_g7wczmSdzjjd5jXRMXhefJ0z4B7KVSCaCz2PoR9pnGMaOqzqF0n50HXqdYYMIiNNh0biysv5xWykab77y8ETFEvp4EHDPc7GTV1czkt4D3MdFxX8Yh45FAW24pLo4xPkdZ33Bw9zrwZaqmZSTyhVl8avJGzK6Bu809Qfa4FSPxP2c-lNf-5yIi3I4o8K56_w6YuM5eBEt6IYwTaL8nrZRLgUWwJD-dYZ0DgrXj6WSXy-iaMppWu-1Voz_TEbQtD-hX9NVwqQqgusimMk-kNBEm7geOMZd7Io9CzDH9bauFxufofC0MyVZt2uVoKIUtuhDAsTzT4Z06-DAZf8P6t6dwX9UFjRTP4RlqN0PKbvYQCCfQ&cid=CAQSKQDq26N9zBnrnktjP0mO5o_9PK8Xe4aij4hHre297xjovmwS4CerVrrlGAEgEw&rfl=4%2Chttps%253A%252F%252Fwww.bg3.co%242%2C%2C%2Chttps%253A%252F%252Fwww.bg3.co%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 06:54:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
111551
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 09 Nov 2023 06:54:12 GMT
frm
www.adtrek.co/adserver/ Frame 9FCF 		13 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.adtrek.co/adserver/frm?cc=45ead072-b12c-42d3-aa0b-3677a0751234&clk=https://googleads.g.doubleclick.net/dbm/clk%3Fsa%3DL%26ai%3DC60XBUgJtY_WdLMmtrAGBxbqgB8jz45ptvs2Hl-cQ8C4QASDSzIEaYKvssYXgGKABjPHSkgHIAQmpArIAl8U2qaM-qAMBqgTRAU_QSZNkX8Hd1Y9L0TJV0SqPdRffZhsOIBkF16ZkqX4QVJaFHwfpw6oBVGEYvRtVYjBF5WzPXnx9naZ22ngE8upaoGbhHITB1jj076Z0QQ2q5--HyODNGWH_eh8zcPWg9xFgDF8uSUPa00b8YuR8QrHQ6DgNNzgegrI2hrkO2LZ440ejPitLZAZA2k25nxTP7PGuLRV4Y-LzDG6h9mgcaimqto_Qn18p6UwMVzVWEjlwZAU5rUAozrEvaWUwEpYMdaKYOvgsMY5hTPz0EPAVqwoIwASvt-vnjwTgBAOQBgGgBk2AB9yOre0CqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiAYRABGF0yAooCOgKAQIAKA5gLAcgLAYAMAbATu5CHEcgThoGv4QPQEwDYEwrYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSKQDq26N9zBnrnktjP0mO5o_9PK8Xe4aij4hHre297xjovmwS4CerVrrlGAEgEw%26sig%3DAOD64_2vBS8gH8D4aqIQryFIGquTkpnmZQ%26client%3Dca-pub-4485239425924787%26dbm_c%3DAKAmf-C7vubkPGlwO8MDLmDAM2_N99zrjZUMeMtKiIkHENon6PZVwzZ-jSrqy-rnWVZ95P87UAZQDe-upiCZXs6iELYzlYRUJLIH58BqEnQ8wtk7rD3XWzcChD_A1sOIZcaOHv2nQfrIzybuLFXUTx4xpN0oyQVsYRU4Q6KTNu_wfz8r5Fdr-Jg%26cry%3D1%26dbm_d%3DAKAmf-Bfbqt9sN3yYaWoZIq9kvuTwHHCBNGe8fyCYO8smfB7Wzq6SJG5mLF-M_nxzfLoM7waSR-fJuNGECrJciAnrlGbOJrIaSgyTyvHLiY8Rd5lZpcvnz-P8XTLC3rXSVZHG0r-uJ_TKHb3sRZg49m6zecQiRGGxDmekshBQqcKhAR_JEW9g6n7sbYyyEHtMxYG0q24OINaSW6lCCXm_IYNNdPO3HK3kBvBtWsu_j0imw2wLZdmlgEGji9bL6YZIGD5Bg_9QyQpCzfPW-wVbRs9As6RlcjZZiA0PIN7eBWWy3-3l5c2E3u19ldngBRm1tfv8l_lamtWYuYdPtQqmIfApTOLIpZj8doG0crhdlj_IN1yhyjvNU9J--ZLFloO9hLHkVGclrPPd8JW20d49cPM_pi6_UbehBEt9KePm-3aXczSPO21JWw0CTJSfg0dxQFJQWAf-aql4RmYryYOBqjNaDREW8T37zyHBr039UbzzSWZoTOmPkw_zVLL5gJ1fnhXfHSb_HI_EDtcGEe885081MnA38Pr1Ib-ay2at1c3RliLaNduZYrttbtVhTfXGQxQ3BSw1fWr9XIbNUkO0dpphtLegPgOyyUoA-s-2JubwGpfDwC3F22ObxesT8bTV63zHd4rjnXn%26adurl%3Dhttps%3a%2f%2fwww.adtrek.co%2fadserver%2fclick%3fcc%3d45ead072-b12c-42d3-aa0b-3677a0751234&ord=1668088402724725
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2844491747&adf=53498480&pi=t.ma~as.3006%2F14006&w=336&lmt=1668088402&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyou-you-ming-xing-ji-jin-jing-li-ben-si-wai-zi-si-mu-jia-su-jin-chang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668088401373&bpp=12&bdt=1130&idt=901&shv=r20221108&mjsv=m202211020101&ptt=5&saldr=sa&correlator=1563271422649&frm=23&ife=1&pv=2&ga_vid=692483964.1668088402&ga_sid=1668088402&ga_hid=1024014365&ga_fc=0&ga_cid=amp-ke56cJIxYSkF6eo6rRYZrw&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=1025520735&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C44770880%2C44775016&oid=2&pvsid=3785228714276847&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.pj026n2udit8&fsb=1&dtd=919
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.237.117.95 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-237-117-95.ap-southeast-2.compute.amazonaws.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
b43aa3339f4fa807980d2eda6bceb9ab64155de876d9c6797921c5e04fd342d4

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Cache-Control
no-cache
Connection
keep-alive
Content-Length
13146
Content-Type
text/html; charset=utf-8
Date
Thu, 10 Nov 2022 13:53:21 GMT
Expires
-1
Pragma
no-cache
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-AspNetMvc-Version
5.2
X-Powered-By
ASP.NET
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame DE4F 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2844491747&adf=53498480&pi=t.ma~as.3006%2F14006&w=336&lmt=1668088402&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyou-you-ming-xing-ji-jin-jing-li-ben-si-wai-zi-si-mu-jia-su-jin-chang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668088401373&bpp=12&bdt=1130&idt=901&shv=r20221108&mjsv=m202211020101&ptt=5&saldr=sa&correlator=1563271422649&frm=23&ife=1&pv=2&ga_vid=692483964.1668088402&ga_sid=1668088402&ga_hid=1024014365&ga_fc=0&ga_cid=amp-ke56cJIxYSkF6eo6rRYZrw&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=1025520735&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C44770880%2C44775016&oid=2&pvsid=3785228714276847&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.pj026n2udit8&fsb=1&dtd=919
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

age
1919
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 10 Nov 2022 13:21:24 GMT
etag
48472445140208031
expires
Fri, 11 Nov 2022 13:21:24 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 8DB5 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2e479b94c84d13eeece48dd4232c5224e12ed492c64f0c34986174cc8749a91c

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
rum
dsum-sec.casalemedia.com/ Frame B9A8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMXriztDM703i0t2Xz7Ymdc&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMXriztDM703i0t2Xz7Ymdc&google_cver=1&C=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMXriztDM703i0t2Xz7Ymdc&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKyHPxDPjYECGO3C9tcBMAE&v=APEucNVLFnYZThEGh1gG9ljJ1MElX3fAhqCsLoMxSqn2G0eM7D8rqHxyTlZjMzp_vZ7JZoXsfOOLujz4Bhe3NghV8A-yVXGG4A
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 10 Nov 2022 13:53:25 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Thu, 10 Nov 2022 13:53:24 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
/rum?cm_dsp_id=45&external_user_id=CAESEMXriztDM703i0t2Xz7Ymdc&google_cver=1&C=1
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
0
Expires
0
rum
dsum-sec.casalemedia.com/ Frame B9A8
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y20CVPzpdxSAg-rEDcIB.wAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMXriztDM703i0t2Xz7Ymdc&google_cver=1&google_hm=2
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMXriztDM703i0t2Xz7Ymdc&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKyHPxDPjYECGO3C9tcBMAE&v=APEucNVLFnYZThEGh1gG9ljJ1MElX3fAhqCsLoMxSqn2G0eM7D8rqHxyTlZjMzp_vZ7JZoXsfOOLujz4Bhe3NghV8A-yVXGG4A
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 10 Nov 2022 13:53:25 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Thu, 10 Nov 2022 13:53:25 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMXriztDM703i0t2Xz7Ymdc&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame B9A8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEIP54GY7bmmm8CfZG-vp36Y&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEIP54GY7bmmm8CfZG-vp36Y&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKyHPxDPjYECGO3C9tcBMAE&v=APEucNVLFnYZThEGh1gG9ljJ1MElX3fAhqCsLoMxSqn2G0eM7D8rqHxyTlZjMzp_vZ7JZoXsfOOLujz4Bhe3NghV8A-yVXGG4A
Protocol
HTTP/1.1
Server
68.67.160.132 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 10 Nov 2022 13:53:23 GMT
AN-X-Request-Uuid
6a2fa9da-cb39-4053-a48f-a66b649d1cd9
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
116.90.74.196; 116.90.74.196; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 10 Nov 2022 13:53:23 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEIP54GY7bmmm8CfZG-vp36Y&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame B9A8
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjQzNDY0OTk4MzQ0NDM0MDI0Mw%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjQzNDY0OTk4MzQ0NDM0MDI0Mw%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKyHPxDPjYECGO3C9tcBMAE&v=APEucNVLFnYZThEGh1gG9ljJ1MElX3fAhqCsLoMxSqn2G0eM7D8rqHxyTlZjMzp_vZ7JZoXsfOOLujz4Bhe3NghV8A-yVXGG4A
Protocol
H3
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 13:53:23 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Thu, 10 Nov 2022 13:53:23 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
116.90.74.196; 116.90.74.196; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
29bd5f07-5f75-417d-9338-ec8a63bdace6
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjQzNDY0OTk4MzQ0NDM0MDI0Mw%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221108/r20110914/ Frame E208 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221108/r20110914/abg_lite_fy2021.js
Requested by
Host: fa3540ea93ec84512cdf7b83bb90bab4.safeframe.googlesyndication.com
URL: https://fa3540ea93ec84512cdf7b83bb90bab4.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
cafe /
Resource Hash
d25748100cd828212b1c129e0e8cf70249c8b147a458db5cad88d9b19159b633
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://fa3540ea93ec84512cdf7b83bb90bab4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 05:51:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
28914
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9353
x-xss-protection
0
server
cafe
etag
2177555007986509113
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 24 Nov 2022 05:51:29 GMT
css
fonts.googleapis.com/ Frame E208 		8 KB
812 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Requested by
Host: fa3540ea93ec84512cdf7b83bb90bab4.safeframe.googlesyndication.com
URL: https://fa3540ea93ec84512cdf7b83bb90bab4.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f95.1e100.net
Software
ESF /
Resource Hash
684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://fa3540ea93ec84512cdf7b83bb90bab4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 10 Nov 2022 13:53:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 10 Nov 2022 13:12:59 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 10 Nov 2022 13:53:23 GMT
outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221107_RC00/ Frame E208 		14 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221107_RC00/outstream.min.css
Requested by
Host: fa3540ea93ec84512cdf7b83bb90bab4.safeframe.googlesyndication.com
URL: https://fa3540ea93ec84512cdf7b83bb90bab4.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f95.1e100.net
Software
sffe /
Resource Hash
48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://fa3540ea93ec84512cdf7b83bb90bab4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 23:33:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
51593
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2798
x-xss-protection
0
last-modified
Mon, 07 Nov 2022 11:42:49 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 09 Nov 2023 23:33:30 GMT
outstream.min.js
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221107_RC00/ Frame E208 		373 KB
127 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221107_RC00/outstream.min.js
Requested by
Host: fa3540ea93ec84512cdf7b83bb90bab4.safeframe.googlesyndication.com
URL: https://fa3540ea93ec84512cdf7b83bb90bab4.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f95.1e100.net
Software
sffe /
Resource Hash
b903a1dd4ba4cffdd671974e77e54f6eefd21ab204e608db6db3f31dff94cc2c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://fa3540ea93ec84512cdf7b83bb90bab4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 23:24:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
52142
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
129623
x-xss-protection
0
last-modified
Mon, 07 Nov 2022 11:42:49 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 09 Nov 2023 23:24:21 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221108/r20110914/client/ Frame E208 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221108/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: fa3540ea93ec84512cdf7b83bb90bab4.safeframe.googlesyndication.com
URL: https://fa3540ea93ec84512cdf7b83bb90bab4.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
cafe /
Resource Hash
db3210e947e41629be5e5fca80add11de3aa48c4b51c0256a59232cb890d3f75
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://fa3540ea93ec84512cdf7b83bb90bab4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 00:05:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
49668
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7380
x-xss-protection
0
server
cafe
etag
12918171938167859976
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 24 Nov 2022 00:05:35 GMT
l
www.google.com/ads/measurement/ Frame E208 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSZ8ig6P_AOspIKsQ1kS6kFcHfCHa6Xlnd1Q0fJZiEfqy5EWuKHzFpPH3ZOhP0pbbdPTQeYlsJ3FgeiasVC5-onJfST1w
Requested by
Host: fa3540ea93ec84512cdf7b83bb90bab4.safeframe.googlesyndication.com
URL: https://fa3540ea93ec84512cdf7b83bb90bab4.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.105 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f105.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://fa3540ea93ec84512cdf7b83bb90bab4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame 639C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CzypBUgJtY6OyCL7fz7sPo8q3sA2Y_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQJOeT-DMX-lPuACAKgDAaoElgJP0PI9PJARGXNxl9kIDbBn95DWXEFocFstKQqhNPlEBes_WIaFLXjUEAIdlRsZ0mSCuEnCwdOCmQj8EIYIgPfx2oSSJ7SsPB_748g1uuwBjGGx2FJ5ljcW7sN7Qw86ULM0euZkHIOO6XnmsDvgu8gUwfgKHoY2KB0NVASWA60E3e-idJKiAzRI00zJcmGp6mBIPUZ6lYauZgu0FxiAomwdGhSBM0eilbJMfxDyhG7lbhF6LVL-R-WDOl1Bd3-sVzoGdNHkCb9mVEGgK69LBoPVMWvo-dgi7Q53Z0iXuP6QmqJ4dDpqZQazoEbMtOWJw7v8YkK2Iltf5Gz6zEz32TmHv8gRKYN7aPXAeYVaK0YPshF2D_VSK-AEAYAG-aHt1LfS-d1ioAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODCACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItODkzMzMyOTk5OTM5MTEwNBjKqx4&sigh=D3rKUE_AqdE&uach_m=[UACH]&cid=CAQSOwDq26N9Ud8pDYY38eNQwOl2ci0Bzys4vX3TFqoo6Tk6LzWUIC_Ag-DW4TyH1J-KyiUep69NLIFSJlOTGAEgEw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/you-you-ming-xing-ji-jin-jing-li-ben-si-wai-zi-si-mu-jia-su-jin-chang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f155.1e100.net
Software
/
Resource Hash

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://fa3540ea93ec84512cdf7b83bb90bab4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
notify
rtb.jp2.as.criteo.com/google/auction/ Frame 639C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.jp2.as.criteo.com/google/auction/notify?profile=14&payload=kMz_FPn1BnjYBGL4LRICAAAA-ONZtFtuTcMQUgJtY7XBK0l8m8jHSJAvABIAAA&wp=Y20CUgACGSMBc---AA3lIymdAeM6fqnjjd3EuA
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/you-you-ming-xing-ji-jin-jing-li-ben-si-wai-zi-si-mu-jia-su-jin-chang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.74.19 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://fa3540ea93ec84512cdf7b83bb90bab4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 13:53:23 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
172534
content-length
0
afr.php
ads.as.criteo.com/delivery/r/ Frame A1E4 		46 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.as.criteo.com/delivery/r/afr.php?z=Y20CUgACGSMBc---AA3lIymdAeM6fqnjjd3EuA&u=%7CxmXEJVNT8z8iRlAZl13oKpqsOcyUb0R5d68y5BHdxxY%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oVqw7Cvg7ORZ5y2n_PXned8JCsSCQ138ULuqTtuWjQY_gaY2FCscn6XBiv_o9r7B1bFsia3VIbqhyF-OPpbwZaMH3QpbUbc5EVTQBX4b07eZjiSzyubx7ldZgKaPzwPBCHD0uGs_CA-V6wLMIuWIVoQ2kTJIaNYcItDbxSHdjUIoXDUZQ3RO1gY3LS13V2kmeZ4k7tedwLJ9S6xN1CDiN6J-ZGGPq2CtjOIh0v4fOlUad0Gx3bX73WYooIjCjwdn1BjkLnsCoXcdK6FGiiWdW3CY3cP9Bdt14_F6QxYPqPep3a3V9chnlcV-FnrsBj48KVEeq2CyLoJZxjukixlxgL0J74bt_7eVdrlMgkIsKqK8miarCcsKMkN0Pmniaq_DxoPX64zTeWNi1PV_KVkhqUGddGwodB_M7P4WXq6qjBouOLH7jpcFKHw6SZ9SObMocSQtPZB6oPxnENC9LpBh6YP0lJxM36gJ9iJyZFDqIYn50ohcxDSOKZ37erOFsohRIIIn2JgBmqAcoCBIYzgY8T9CExa-QgusQMQR0C5WmKpQtGuOWln4DETektP9f0zNMUotj_Ue26meKfgNzUPtPGRzNuIBK-7EQZpeobSHd5Cy-17R1w-jR1Q&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC5rgjUgJtY6OyCL7fz7sPo8q3sA2Y_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQJOeT-DMX-lPuACAKgDAaoEmQJP0PI9PJARGXNxl9kIDbBn95DWXEFocFstKQqhNPlEBes_WIaFLXjUEAIdlRsZ0mSCuEnCwdOCmQj8EIYIgPfx2oSSJ7SsPB_748g1uuwBjGGx2FJ5ljcW7sN7Qw86ULM0euZkHIOO6XnmsDvgu8gUwfgKHoY2KB0NVASWA60E3e-idJKiAzRI00zJcmGp6mBIPUZ6lYauZgu0FxiAomwdGhSBM0eilbJMfxDyhG7lbhF6LVL-R-WDOl1Bd3-sVzoGdNHkCb9mVEGgK69LBoPVMWvo-dgi7Q53Z0iXuP6QmqJ4dDpqZQazoEbMtOWJw7u-YGMkx5XWmpNzvdIcj6NEltwbvolVcB1IitPA4vgRngmR5GQs1IIlv-AEAYAG-aHt1LfS-d1ioAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0kPvI0GwQk2tgEyv-PVZ44vu2j1g%26client%3Dca-pub-8933329999391104%26adurl%3D
Requested by
Host: fa3540ea93ec84512cdf7b83bb90bab4.safeframe.googlesyndication.com
URL: https://fa3540ea93ec84512cdf7b83bb90bab4.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.148 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
d2144052b80e6e097b5a52a0306c48b94c2e7a167ace68dcafae78df9896808f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://fa3540ea93ec84512cdf7b83bb90bab4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Thu, 10 Nov 2022 13:53:23 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.as.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.as.criteo.net/heavyad?cppv=3&cpp=Ta9eUzELK9yfQtGlri33bLyfQJo4MhAFh6l96ZqTZ9PPR7mYcTuKlK-DQrG1UkvHvfSVsOkBQYJVoi1MP1I66SyJwMp2aSJMB5TQZtR60V2CY7wJK7JJfyEew8oFb7K6s5c_weTIgsu3Zo5ovXdzq1m_PVdxrQ7Qo5yZhmecPAufdYv3TYXTvfSBy2r3ErRZ3QkGUYgglw3NZSeqfhwZcdaXFdRe5s_7bhsWzgFobJTgnAcqN5t4gZKW1SCH6unPzmdnrA"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
13529567
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221108/r20110914/client/ Frame 639C 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221108/r20110914/client/window_focus_fy2021.js
Requested by
Host: fa3540ea93ec84512cdf7b83bb90bab4.safeframe.googlesyndication.com
URL: https://fa3540ea93ec84512cdf7b83bb90bab4.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://fa3540ea93ec84512cdf7b83bb90bab4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 06:17:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
27345
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 24 Nov 2022 06:17:38 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame ACE8 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: fa3540ea93ec84512cdf7b83bb90bab4.safeframe.googlesyndication.com
URL: https://fa3540ea93ec84512cdf7b83bb90bab4.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fa3540ea93ec84512cdf7b83bb90bab4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

age
1919
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 10 Nov 2022 13:21:24 GMT
etag
48472445140208031
expires
Fri, 11 Nov 2022 13:21:24 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221108/r20110914/client/ Frame 639C 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221108/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: fa3540ea93ec84512cdf7b83bb90bab4.safeframe.googlesyndication.com
URL: https://fa3540ea93ec84512cdf7b83bb90bab4.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
cafe /
Resource Hash
db3210e947e41629be5e5fca80add11de3aa48c4b51c0256a59232cb890d3f75
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://fa3540ea93ec84512cdf7b83bb90bab4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 00:05:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
49668
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7380
x-xss-protection
0
server
cafe
etag
12918171938167859976
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 24 Nov 2022 00:05:35 GMT
l
www.google.com/ads/measurement/ Frame 639C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTWdyi8cCTIxuRGu-zL72eQy_AcLsfSMnrCbwgIqdvbtikf6SWYq3bl3xdnPoAmZcBLSfNvWENuiCYI6U1B6AksJ3iPNg
Requested by
Host: fa3540ea93ec84512cdf7b83bb90bab4.safeframe.googlesyndication.com
URL: https://fa3540ea93ec84512cdf7b83bb90bab4.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.105 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f105.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://fa3540ea93ec84512cdf7b83bb90bab4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-39/js/ Frame 639C 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-39/js/ext.js
Requested by
Host: fa3540ea93ec84512cdf7b83bb90bab4.safeframe.googlesyndication.com
URL: https://fa3540ea93ec84512cdf7b83bb90bab4.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
da46105f4725a67010ca5d8c9024ad7ff521a6186267e2822a551fb4cad0e079
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://fa3540ea93ec84512cdf7b83bb90bab4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 06:56:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
111402
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7370
x-xss-protection
0
last-modified
Tue, 25 Oct 2022 18:59:17 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 09 Nov 2023 06:56:41 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 639C 		154 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: fa3540ea93ec84512cdf7b83bb90bab4.safeframe.googlesyndication.com
URL: https://fa3540ea93ec84512cdf7b83bb90bab4.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
sffe /
Resource Hash
74e5d27c3ce88edecaa16bdd847929fae0ebe21d23da8e419564ced5bd844977
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://fa3540ea93ec84512cdf7b83bb90bab4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 13:53:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48226
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1667997631252355"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 10 Nov 2022 13:53:24 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame FAB4
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/you-you-ming-xing-ji-jin-jing-li-ben-si-wai-zi-si-mu-jia-su-jin-chang.html
Protocol
H3
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

date
Thu, 10 Nov 2022 13:53:23 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame EA3D 		106 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/you-you-ming-xing-ji-jin-jing-li-ben-si-wai-zi-si-mu-jia-su-jin-chang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f148.1e100.net
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 16:06:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
78398
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 10 Nov 2022 16:06:46 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20221108/r20110914/elements/html/ Frame EA3D 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221108/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CRU3LTLKHdFYNjn2E8ZIexM6GtYhPlpm0HaOl3h7t_TYwvjv3aGVB8en8pNEBGXUUW1dGc8FezCnsSq-P9CDv6b3WCom4VW_opHql8wIa4gbq7StDgLleWGS_WqYHv9E1CoqzHyz49AnM0uY_VO8pZZVlEQn9S9Rn_FeYJNb3FnN_TxkjZdi9lkSZVc7SxUk_DSzwi&cry=1&dbm_d=AKAmf-Du5P4Gq1aU1958rBQ_96ky2UnizLxeEOLwTMgvLILBwBVBs-_055xAk5B4RDBw952SQzl3vad7SWXIvfCtFxJPEXAXRDd8usZ6o9YjG-F0445nQ0b1gh32nJggL6usEmLEFH7QY_zAUvCJnobsTb25GoQVxeb8UxXdi144d6IBPv-cbaL4kCYZmfrc8yemjdoVjHLf_LTR8l0puHtWfbgTipm1Xb-gykfJFSPZNVN6nAWRRphsyah3JmmtHcS5BO5kBgxhomy4-Vy8jh7i8xRsrSN7V35isTcOWib_HcjAQbKuctMw8ty-naJr-gQErFnMeabVXRVA0xOreZLRr_7CXDi-PgW3Xd_Mf23Bcg_qT2JQeTp8mljf72dsPjW974xHQedQmf5n7F12vlk-mLNXmro8aPUji-EvXUFw3OgZJFX1s7jOT-Am9tcu77S-fYkU5Yut-_mTu6Eg8GQGmh2JLL3BueTgzZ59Q7satHGKlKu-ROp_w_66SxRsxbUIFgHaLzOAEUtMmBBOKlf2ASr4qZ7fQcJMnEZBhCTwAqHWq0P-iEdoNzoJaIjSX2ors2yCEzBNq780DkG-H56jFCp8R5J-Z6R66n6QaRvJ-QR87gXxPqCymy7amfELla96Bm500b5qtNtiONj_dSioZfBTWgLB0EPsjWhLbD95TSCXqQn4JwM6HVWnJQtW55BHS9D51GqH-1iBgHMwtSLs3qxfhxNByzcl-PNv4NnyI9dtVLIk_tMuOGp70zt-ITqCsq-vQ9BLIG1d3mvhr9SWol71Fb8YmyekqVj21jcOVw_jMh0PD2tC0kRWGY2kmhGlwF7G5sm9yn7aFgirNQNkbVNNzwQgdfr5QlCyPbHBI0wNPtTGt9uZtNFErPeSljVyEMOAsULUxbWFEtyAnHciuP4zEWYqy-yX8i-NN2DNEZn-uH16YcSq0FSGY_9OLsCAMMKDebdjBDXQDphBnEudzJ6qpcsKEDr2B8tY7yM2aUEszk0RD2QL9kkefMEMv_oP4Zj5t5JR5gxjwZQtfS_oFWkuL1LCbAMRxAuRlE5yD6syI3hTIKwyz4fGcbgIc7RrveRCBHRiPJdkjNqwKAP-45-WYgIq0hespU3n2GOJRzNq4fStOGyVFjPeIpFeTewPUndNIYzuRVnD4FhTirwOlBxXEFlqirN65CVy3C3IdtrN5QK5WW3UNk37CuA00PDwtpp_F4WPxlHLXlysayMVUZ4HSbKlQBPRTHC-KJBeRMlQLSWbnmaiG0Jqz7i7Y2vW7GkdoVhGnwr8Q6p4YDmXy3rfdl-shWgpej6Uj5mC5JXE67yVkTOXw1u433Sh017_GQEb5HmvDzRaZaDjnV0ppIOt7LJRsuoGlbLFIkcOdcGcyJ5_7wcGrt64cTvh7KEk_D-ms5vSW2gPhmV0pg1Tj8urs0cAfhTOtbui5EFFE-9OqCC4J85USoQ6pjPTxRtkZ9E1rKaJkTQTaO3dd6KJLVDlPC8MbzZ2INKbiaX5CdDta-DE-_t6qmJdF3O0ls0Cg4E_yhfkb69DyEqIjrQxJ6Jy3uargGe6n4zP9dBaVFDYCZxgj5WO_FvWWOMtTAdbkr_cuoTIBHpjy4ykdBegKx5xZwkeZPAYVLtuFXnEhgSozgQFJXVAOmhEbIUdjhYf7NYRxZs76T7alNbjmqVR6e2MEkLwJRJ-ez2CqX8l24icM4M0510qdyb_1uO_hZ8oIOSEEPEhX786jor0vY0OeyFfWNr_p-gcslmbBs-rCkNbpGa62cH_Gx0elF5IWdEgI3WGxPdCJDjNLAYMu1QJKcCud6qcLngTlo4MmwzgOpCGMecUZrdXkdwNibvdPd62kBENCRDsi5RIRByzH9Jum4UE7ZAZgVAVTabBL5-7zV3m5e0x5hufYw_UeTklaAQ5Oh9Zrjp0UCmJAmf7eT7BiprbVZ8FbNjNzYcGY8QQm8BHbHp1R3D7l4Hg2Alrlz_Y5TAqdHjBRAOelGk2__HIMjNU-SBLH1vAg-qt4Ri3uXbZ-0m-w6sasQpedbh7vt3t_PKMvwt4_GjPv4uXrg-z-9NdH_iuhd9JZURcfOVGE4s-UmOXQ7sbQHJc3h4BCNptFER9ybjylap8L7guONTNRSYPlLErGAYkm8iDXHO70c6L67WYtRTIdEE_WQCzNV6NuvYP7zxdbO1ULVwNINebvsssUN8OAbhnuyeQ2izp0K5LLE9x0dC6DvBGtjU7QQLw0FdmwAk-NlIlS2CZq_KNPAcxei3-XkzwiAnbYS-2Fe_ZXxfCdO1UNXOLTXOH1maZwdwiO801fNkHP_oFOvaRIVVwCX-T9P5dqKLq1zibMRPk7LwUwdaiWFgFAL8O_Hq837_0VqAyFRDsFFHfF0VSf9GKy6rLp_a5xKeG7tlb8lTrgUcEz5UAe_OoSIrRQcDKeWFshMVhd4LQappipfwYAttYhD24vQmWnssarOzs4Pg1BakJeoMfdsrG9lYfjvyTx2zmeg-k6hB5Y0AZV2S94rsY6frwaFu56aLVYvWwkom83jRGVj3O_czSZJeBE5N6SLQFOAc68_C77VB6Q7sY4lDlmlSHpLcG6qDFUTLKAO34O1ekBIlxt6lYIz-ARVrOwe1I2s61TEB8TrFnZPzSmQqoP7wrYIdAVDo-P3MghCGG1NV_-O5mj_xI_xT6p2MZZ0syvhm3CmH3EzaT86WDXvYYgstIDJXFR-dSMnN-bCIuzo8-oycNS8NF3-QA_CDCjYMGZsvP4Xt9Jq5GDA4UWublwRG_tE4jxyMCds7GoQti2GRknKVusZATwro2YzdUIQkdDyEJ389pxy5buSOkfNjL2LxbSIY275qYgs1ags7Pa06eh37SX2x0PectBMYRa5M_fG9g0jSjIqMiwWwd603d4mPr8F96tB-docH-Fey69GnVUbzSRcapqj4Bm1hq093hJV8rM7LW3DN5MslwCcsEditx1BFlGxVvhs6CKUhN-Fisp1TUetOGXjCnKeOgKrDjM3U7xElbARFMjMEduKg0d2Sgtxg6iyN4bkrrobnYCe4sLvitS0yOWObjnQMvTw6tRGqJyIvPL9fm0CVgrVtfgghZ2CD-SO9NTb9H859yIK9MGnc0xZkiTUqvZIBa4YPyN0RbQu7qSSkRReXn0gy_5BpAsjkKad6eYZ1enErG813tzeN9Idx_NoGcu9fSQ11DXflK3RmqJVWknxf2p1UE39vhWxQu-g_RUasx9KFUbVBQFGITFW66QW93omagYUYfUln99eHkHfAX_Ts6-Bf5dbcXsaJYy84j4yk6HYUI4jDqKBc5VJKxA_WKj5hswgOAS4bUoqNKy-ncTl1qWOCKztcG1gvCeWrMj9cw6EErTvWcvpXFdXF6LUl4ZpHGhNqzKayUGoehCe8eXYu2941QRPtZpOMuJNooCA5yQIF4cFp6nBFD09lKN4H_oZx_xZ_C7i66PrYlG4IBm4hSDfoeIcPDBoH-t-RWDgtr19jVi1lhtyAHy2dUAzKDjChQrZWxt4VJ&cid=CAQSKQDq26N9jauw9OaPSEkRuAdMSKAuFGubHx6xR_Xzm2L9-f56udVat6VgGAEgEw&rfl=5%2Chttps%253A%252F%252Fwww.bg3.co%242%2C%2C%2Chttps%253A%252F%252Fwww.bg3.co%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 18:01:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
71506
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2986
x-xss-protection
0
server
cafe
etag
3296546412363819624
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 23 Nov 2022 18:01:37 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20221108/r20110914/ Frame EA3D 		29 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221108/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CRU3LTLKHdFYNjn2E8ZIexM6GtYhPlpm0HaOl3h7t_TYwvjv3aGVB8en8pNEBGXUUW1dGc8FezCnsSq-P9CDv6b3WCom4VW_opHql8wIa4gbq7StDgLleWGS_WqYHv9E1CoqzHyz49AnM0uY_VO8pZZVlEQn9S9Rn_FeYJNb3FnN_TxkjZdi9lkSZVc7SxUk_DSzwi&cry=1&dbm_d=AKAmf-Du5P4Gq1aU1958rBQ_96ky2UnizLxeEOLwTMgvLILBwBVBs-_055xAk5B4RDBw952SQzl3vad7SWXIvfCtFxJPEXAXRDd8usZ6o9YjG-F0445nQ0b1gh32nJggL6usEmLEFH7QY_zAUvCJnobsTb25GoQVxeb8UxXdi144d6IBPv-cbaL4kCYZmfrc8yemjdoVjHLf_LTR8l0puHtWfbgTipm1Xb-gykfJFSPZNVN6nAWRRphsyah3JmmtHcS5BO5kBgxhomy4-Vy8jh7i8xRsrSN7V35isTcOWib_HcjAQbKuctMw8ty-naJr-gQErFnMeabVXRVA0xOreZLRr_7CXDi-PgW3Xd_Mf23Bcg_qT2JQeTp8mljf72dsPjW974xHQedQmf5n7F12vlk-mLNXmro8aPUji-EvXUFw3OgZJFX1s7jOT-Am9tcu77S-fYkU5Yut-_mTu6Eg8GQGmh2JLL3BueTgzZ59Q7satHGKlKu-ROp_w_66SxRsxbUIFgHaLzOAEUtMmBBOKlf2ASr4qZ7fQcJMnEZBhCTwAqHWq0P-iEdoNzoJaIjSX2ors2yCEzBNq780DkG-H56jFCp8R5J-Z6R66n6QaRvJ-QR87gXxPqCymy7amfELla96Bm500b5qtNtiONj_dSioZfBTWgLB0EPsjWhLbD95TSCXqQn4JwM6HVWnJQtW55BHS9D51GqH-1iBgHMwtSLs3qxfhxNByzcl-PNv4NnyI9dtVLIk_tMuOGp70zt-ITqCsq-vQ9BLIG1d3mvhr9SWol71Fb8YmyekqVj21jcOVw_jMh0PD2tC0kRWGY2kmhGlwF7G5sm9yn7aFgirNQNkbVNNzwQgdfr5QlCyPbHBI0wNPtTGt9uZtNFErPeSljVyEMOAsULUxbWFEtyAnHciuP4zEWYqy-yX8i-NN2DNEZn-uH16YcSq0FSGY_9OLsCAMMKDebdjBDXQDphBnEudzJ6qpcsKEDr2B8tY7yM2aUEszk0RD2QL9kkefMEMv_oP4Zj5t5JR5gxjwZQtfS_oFWkuL1LCbAMRxAuRlE5yD6syI3hTIKwyz4fGcbgIc7RrveRCBHRiPJdkjNqwKAP-45-WYgIq0hespU3n2GOJRzNq4fStOGyVFjPeIpFeTewPUndNIYzuRVnD4FhTirwOlBxXEFlqirN65CVy3C3IdtrN5QK5WW3UNk37CuA00PDwtpp_F4WPxlHLXlysayMVUZ4HSbKlQBPRTHC-KJBeRMlQLSWbnmaiG0Jqz7i7Y2vW7GkdoVhGnwr8Q6p4YDmXy3rfdl-shWgpej6Uj5mC5JXE67yVkTOXw1u433Sh017_GQEb5HmvDzRaZaDjnV0ppIOt7LJRsuoGlbLFIkcOdcGcyJ5_7wcGrt64cTvh7KEk_D-ms5vSW2gPhmV0pg1Tj8urs0cAfhTOtbui5EFFE-9OqCC4J85USoQ6pjPTxRtkZ9E1rKaJkTQTaO3dd6KJLVDlPC8MbzZ2INKbiaX5CdDta-DE-_t6qmJdF3O0ls0Cg4E_yhfkb69DyEqIjrQxJ6Jy3uargGe6n4zP9dBaVFDYCZxgj5WO_FvWWOMtTAdbkr_cuoTIBHpjy4ykdBegKx5xZwkeZPAYVLtuFXnEhgSozgQFJXVAOmhEbIUdjhYf7NYRxZs76T7alNbjmqVR6e2MEkLwJRJ-ez2CqX8l24icM4M0510qdyb_1uO_hZ8oIOSEEPEhX786jor0vY0OeyFfWNr_p-gcslmbBs-rCkNbpGa62cH_Gx0elF5IWdEgI3WGxPdCJDjNLAYMu1QJKcCud6qcLngTlo4MmwzgOpCGMecUZrdXkdwNibvdPd62kBENCRDsi5RIRByzH9Jum4UE7ZAZgVAVTabBL5-7zV3m5e0x5hufYw_UeTklaAQ5Oh9Zrjp0UCmJAmf7eT7BiprbVZ8FbNjNzYcGY8QQm8BHbHp1R3D7l4Hg2Alrlz_Y5TAqdHjBRAOelGk2__HIMjNU-SBLH1vAg-qt4Ri3uXbZ-0m-w6sasQpedbh7vt3t_PKMvwt4_GjPv4uXrg-z-9NdH_iuhd9JZURcfOVGE4s-UmOXQ7sbQHJc3h4BCNptFER9ybjylap8L7guONTNRSYPlLErGAYkm8iDXHO70c6L67WYtRTIdEE_WQCzNV6NuvYP7zxdbO1ULVwNINebvsssUN8OAbhnuyeQ2izp0K5LLE9x0dC6DvBGtjU7QQLw0FdmwAk-NlIlS2CZq_KNPAcxei3-XkzwiAnbYS-2Fe_ZXxfCdO1UNXOLTXOH1maZwdwiO801fNkHP_oFOvaRIVVwCX-T9P5dqKLq1zibMRPk7LwUwdaiWFgFAL8O_Hq837_0VqAyFRDsFFHfF0VSf9GKy6rLp_a5xKeG7tlb8lTrgUcEz5UAe_OoSIrRQcDKeWFshMVhd4LQappipfwYAttYhD24vQmWnssarOzs4Pg1BakJeoMfdsrG9lYfjvyTx2zmeg-k6hB5Y0AZV2S94rsY6frwaFu56aLVYvWwkom83jRGVj3O_czSZJeBE5N6SLQFOAc68_C77VB6Q7sY4lDlmlSHpLcG6qDFUTLKAO34O1ekBIlxt6lYIz-ARVrOwe1I2s61TEB8TrFnZPzSmQqoP7wrYIdAVDo-P3MghCGG1NV_-O5mj_xI_xT6p2MZZ0syvhm3CmH3EzaT86WDXvYYgstIDJXFR-dSMnN-bCIuzo8-oycNS8NF3-QA_CDCjYMGZsvP4Xt9Jq5GDA4UWublwRG_tE4jxyMCds7GoQti2GRknKVusZATwro2YzdUIQkdDyEJ389pxy5buSOkfNjL2LxbSIY275qYgs1ags7Pa06eh37SX2x0PectBMYRa5M_fG9g0jSjIqMiwWwd603d4mPr8F96tB-docH-Fey69GnVUbzSRcapqj4Bm1hq093hJV8rM7LW3DN5MslwCcsEditx1BFlGxVvhs6CKUhN-Fisp1TUetOGXjCnKeOgKrDjM3U7xElbARFMjMEduKg0d2Sgtxg6iyN4bkrrobnYCe4sLvitS0yOWObjnQMvTw6tRGqJyIvPL9fm0CVgrVtfgghZ2CD-SO9NTb9H859yIK9MGnc0xZkiTUqvZIBa4YPyN0RbQu7qSSkRReXn0gy_5BpAsjkKad6eYZ1enErG813tzeN9Idx_NoGcu9fSQ11DXflK3RmqJVWknxf2p1UE39vhWxQu-g_RUasx9KFUbVBQFGITFW66QW93omagYUYfUln99eHkHfAX_Ts6-Bf5dbcXsaJYy84j4yk6HYUI4jDqKBc5VJKxA_WKj5hswgOAS4bUoqNKy-ncTl1qWOCKztcG1gvCeWrMj9cw6EErTvWcvpXFdXF6LUl4ZpHGhNqzKayUGoehCe8eXYu2941QRPtZpOMuJNooCA5yQIF4cFp6nBFD09lKN4H_oZx_xZ_C7i66PrYlG4IBm4hSDfoeIcPDBoH-t-RWDgtr19jVi1lhtyAHy2dUAzKDjChQrZWxt4VJ&cid=CAQSKQDq26N9jauw9OaPSEkRuAdMSKAuFGubHx6xR_Xzm2L9-f56udVat6VgGAEgEw&rfl=5%2Chttps%253A%252F%252Fwww.bg3.co%242%2C%2C%2Chttps%253A%252F%252Fwww.bg3.co%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
ddd61ecebf36941bd6d1aa20ca07868d826fd9eb6f3a5e660e0afbb703ae6793
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 00:06:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
49596
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11141
x-xss-protection
0
server
cafe
etag
7611781198975194673
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 24 Nov 2022 00:06:47 GMT
pixel
cm.g.doubleclick.net/ Frame DE4F
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEIThGwBi6AvrQKOtK9-9B_A&google_cver=1&google_push=ASkJ3FYCk0SMDqjI1BHZimfe2Fa9RB69C3vfsl2NeaZ3qCBOwT5Pbg3TcJs7eARZX2FtC9tLllVtqEoekjEKdw_vnu88zjTO1c74NS...
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=12F8C8EF15E240F1BBB55A33814A3EC6&google_push=ASkJ3FYCk0SMDqjI1BHZimfe2Fa9RB69C3vfsl2NeaZ3qCBOwT5Pbg3TcJs7eARZX2FtC9tLllVtqEoekjEKdw_...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=12F8C8EF15E240F1BBB55A33814A3EC6&google_push=ASkJ3FYCk0SMDqjI1BHZimfe2Fa9RB69C3vfsl2NeaZ3qCBOwT5Pbg3TcJs7eARZX2FtC9tLllVtqEoekjEKdw_vnu88zjTO1c74NSpRpbtUXWIkm_uq6o7ctZTsbZYBVqX_9UULiU7CV_YupxJzr7503w
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2844491747&adf=53498480&pi=t.ma~as.3006%2F14006&w=336&lmt=1668088402&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyou-you-ming-xing-ji-jin-jing-li-ben-si-wai-zi-si-mu-jia-su-jin-chang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668088401373&bpp=12&bdt=1130&idt=901&shv=r20221108&mjsv=m202211020101&ptt=5&saldr=sa&correlator=1563271422649&frm=23&ife=1&pv=2&ga_vid=692483964.1668088402&ga_sid=1668088402&ga_hid=1024014365&ga_fc=0&ga_cid=amp-ke56cJIxYSkF6eo6rRYZrw&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=1025520735&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C44770880%2C44775016&oid=2&pvsid=3785228714276847&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.pj026n2udit8&fsb=1&dtd=919
Protocol
H3
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 13:53:24 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 10 Nov 2022 13:53:24 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=12F8C8EF15E240F1BBB55A33814A3EC6&google_push=ASkJ3FYCk0SMDqjI1BHZimfe2Fa9RB69C3vfsl2NeaZ3qCBOwT5Pbg3TcJs7eARZX2FtC9tLllVtqEoekjEKdw_vnu88zjTO1c74NSpRpbtUXWIkm_uq6o7ctZTsbZYBVqX_9UULiU7CV_YupxJzr7503w
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Wed, 09 Nov 2022 13:53:24 GMT
pixel
cm.g.doubleclick.net/ Frame DE4F
Redirect Chain
  • https://mweb.ck.inmobi.com/sync/3?redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dinmobi_pte_limited%26google_hm%3D%24DSP_CKID&google_gid=CAESECS_Lyl1fjtl2nQNxweAHcE&google_cver=...
  • https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=ZTNkN2UwNjEtZjA3OC00MmQ3LTllN2QtMTI3MjVkMDM0ZGRi&google_gid=CAESECS_Lyl1fjtl2nQNxweAHcE&google_cver=1&google_push=ASkJ3Fb0...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=ZTNkN2UwNjEtZjA3OC00MmQ3LTllN2QtMTI3MjVkMDM0ZGRi&google_gid=CAESECS_Lyl1fjtl2nQNxweAHcE&google_cver=1&google_push=ASkJ3Fb09JSAG0deAHD4IqMDOMZ73XWsWvOYgl3m_G8anMA2IarIB4HNB9UuThEm29Jlc30ACvq6yTMSWxl3X4xUPMpaxRJVoUlOOhi4AFD04HXlAmpO_1pJCN3nouKwNTEZtRaE4Osvm_dYc6zLy8ugVw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2844491747&adf=53498480&pi=t.ma~as.3006%2F14006&w=336&lmt=1668088402&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyou-you-ming-xing-ji-jin-jing-li-ben-si-wai-zi-si-mu-jia-su-jin-chang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668088401373&bpp=12&bdt=1130&idt=901&shv=r20221108&mjsv=m202211020101&ptt=5&saldr=sa&correlator=1563271422649&frm=23&ife=1&pv=2&ga_vid=692483964.1668088402&ga_sid=1668088402&ga_hid=1024014365&ga_fc=0&ga_cid=amp-ke56cJIxYSkF6eo6rRYZrw&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=1025520735&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C44770880%2C44775016&oid=2&pvsid=3785228714276847&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.pj026n2udit8&fsb=1&dtd=919
Protocol
H3
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 13:53:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=ZTNkN2UwNjEtZjA3OC00MmQ3LTllN2QtMTI3MjVkMDM0ZGRi&google_gid=CAESECS_Lyl1fjtl2nQNxweAHcE&google_cver=1&google_push=ASkJ3Fb09JSAG0deAHD4IqMDOMZ73XWsWvOYgl3m_G8anMA2IarIB4HNB9UuThEm29Jlc30ACvq6yTMSWxl3X4xUPMpaxRJVoUlOOhi4AFD04HXlAmpO_1pJCN3nouKwNTEZtRaE4Osvm_dYc6zLy8ugVw
date
Thu, 10 Nov 2022 13:53:25 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame DE4F
Redirect Chain
  • https://dynalyst-sync.adtdp.com/pixel?pid=10&google_gid=CAESEH-gcTOwEek9Qy2iEhhFtKU&google_cver=1&google_push=ASkJ3FYCxgfkKFwO5z9a__WnmkJkQ5GNJ1626h3wAqqCWVmUz5CC1BUZUtbgycxVK4I2N71V0KFA4oCdPFwHVQT...
  • https://cm.g.doubleclick.net/pixel?google_nid=cyberagent_dynalyst&google_push=ASkJ3FYCxgfkKFwO5z9a__WnmkJkQ5GNJ1626h3wAqqCWVmUz5CC1BUZUtbgycxVK4I2N71V0KFA4oCdPFwHVQTunNkBL7O9lBbyWlVzzyF_oDdBiHT2XAO...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=cyberagent_dynalyst&google_push=ASkJ3FYCxgfkKFwO5z9a__WnmkJkQ5GNJ1626h3wAqqCWVmUz5CC1BUZUtbgycxVK4I2N71V0KFA4oCdPFwHVQTunNkBL7O9lBbyWlVzzyF_oDdBiHT2XAOvN2GmUEItHFiNugCj6C-2pMIJAR9ZCIoKAkI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2844491747&adf=53498480&pi=t.ma~as.3006%2F14006&w=336&lmt=1668088402&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyou-you-ming-xing-ji-jin-jing-li-ben-si-wai-zi-si-mu-jia-su-jin-chang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668088401373&bpp=12&bdt=1130&idt=901&shv=r20221108&mjsv=m202211020101&ptt=5&saldr=sa&correlator=1563271422649&frm=23&ife=1&pv=2&ga_vid=692483964.1668088402&ga_sid=1668088402&ga_hid=1024014365&ga_fc=0&ga_cid=amp-ke56cJIxYSkF6eo6rRYZrw&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=1025520735&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C44770880%2C44775016&oid=2&pvsid=3785228714276847&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.pj026n2udit8&fsb=1&dtd=919
Protocol
H3
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 13:53:24 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=cyberagent_dynalyst&google_push=ASkJ3FYCxgfkKFwO5z9a__WnmkJkQ5GNJ1626h3wAqqCWVmUz5CC1BUZUtbgycxVK4I2N71V0KFA4oCdPFwHVQTunNkBL7O9lBbyWlVzzyF_oDdBiHT2XAOvN2GmUEItHFiNugCj6C-2pMIJAR9ZCIoKAkI
Date
Thu, 10 Nov 2022 13:53:24 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
asr
aid.send.microad.jp/g/ Frame DE4F 		43 B
641 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aid.send.microad.jp/g/asr?google_gid=CAESELGBaUZNxEbwopUMD1vR36U&google_cver=1&google_push=ASkJ3Fakq7C82tD1r-lWbdH7Pv0aUJfatiuKw3-l-7gyFQNt5WA327pLj_KcChPOk5M8bHgpzCH0wv4uEuybwFgWmLOtO3-vGrIoE84-LmHTcKbyE0_zuXlOpf6pCKXf_EjrsgKuXUkIf_sNfo1XbFNmWzc
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2844491747&adf=53498480&pi=t.ma~as.3006%2F14006&w=336&lmt=1668088402&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyou-you-ming-xing-ji-jin-jing-li-ben-si-wai-zi-si-mu-jia-su-jin-chang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668088401373&bpp=12&bdt=1130&idt=901&shv=r20221108&mjsv=m202211020101&ptt=5&saldr=sa&correlator=1563271422649&frm=23&ife=1&pv=2&ga_vid=692483964.1668088402&ga_sid=1668088402&ga_hid=1024014365&ga_fc=0&ga_cid=amp-ke56cJIxYSkF6eo6rRYZrw&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=1025520735&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C44770880%2C44775016&oid=2&pvsid=3785228714276847&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.pj026n2udit8&fsb=1&dtd=919
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
202.233.84.1 , Japan, ASN131957 (MICROAD MicroAd, Inc., JP),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=3600

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Nov 2022 13:53:24 GMT
Strict-Transport-Security
max-age=3600
Server
Apache
P3P
policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE"
Access-Control-Allow-Origin
*
Content-Type
image/gif
Connection
close
Access-Control-Allow-Headers
origin, x-requested-with, If-Modified-Since, content-type, Pragma, Cache-Control
Content-Length
43
pixel
cm.g.doubleclick.net/ Frame DE4F
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESECdP3SRNUEH85_XN9B4aVbo&google_cver=1&google_push=ASkJ3FYTmlcVirtxg70rHjQBzutqY5yBTNl9-ANQndOvIiWKc9-Vx54gNcdyqGNSFmKaZUhkt2Y...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFCNFJJUzktMVMtQTROQQ==&google_push=ASkJ3FYTmlcVirtxg70rHjQBzutqY5yBTNl9-ANQndOvIiWKc9-Vx54gNcdyqGNSFmKaZUhkt2YlB2PrVj6Il9-T_LkSvqRlop8-7...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFCNFJJUzktMVMtQTROQQ==&google_push=ASkJ3FYTmlcVirtxg70rHjQBzutqY5yBTNl9-ANQndOvIiWKc9-Vx54gNcdyqGNSFmKaZUhkt2YlB2PrVj6Il9-T_LkSvqRlop8-7f0ygIBbOhEV5CC5YU_ad_XqOHXb0zaOnqPGVEL7EVN1w8KRzqWc3f8
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2844491747&adf=53498480&pi=t.ma~as.3006%2F14006&w=336&lmt=1668088402&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyou-you-ming-xing-ji-jin-jing-li-ben-si-wai-zi-si-mu-jia-su-jin-chang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668088401373&bpp=12&bdt=1130&idt=901&shv=r20221108&mjsv=m202211020101&ptt=5&saldr=sa&correlator=1563271422649&frm=23&ife=1&pv=2&ga_vid=692483964.1668088402&ga_sid=1668088402&ga_hid=1024014365&ga_fc=0&ga_cid=amp-ke56cJIxYSkF6eo6rRYZrw&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=1025520735&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C44770880%2C44775016&oid=2&pvsid=3785228714276847&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.pj026n2udit8&fsb=1&dtd=919
Protocol
H3
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 13:53:24 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFCNFJJUzktMVMtQTROQQ==&google_push=ASkJ3FYTmlcVirtxg70rHjQBzutqY5yBTNl9-ANQndOvIiWKc9-Vx54gNcdyqGNSFmKaZUhkt2YlB2PrVj6Il9-T_LkSvqRlop8-7f0ygIBbOhEV5CC5YU_ad_XqOHXb0zaOnqPGVEL7EVN1w8KRzqWc3f8
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
c80248407eff6cf595ce43a76c04e23f
Expires
0
pixel
cm.g.doubleclick.net/ Frame DE4F
Redirect Chain
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEFhBjGOpe0aoPFjkSjmcdiI&google_cver=1&google_push=ASkJ3FYLjmje2ZfisGdibU1Cy2vixyWFqwRw6LM9J-k32QA6ufykWXT5zrHhWjeW0r8RtSsnhZBMBfoGMkfz5UwW...
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_hm=3ba3d39d&google_redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FadExInit%3Dg&google_push=ASkJ3FYLjmje2ZfisGdibU1Cy2vixyWFqwRw6LM9J-k32QA6...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_hm=3ba3d39d&google_redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FadExInit%3Dg&google_push=ASkJ3FYLjmje2ZfisGdibU1Cy2vixyWFqwRw6LM9J-k32QA6ufykWXT5zrHhWjeW0r8RtSsnhZBMBfoGMkfz5UwW9vIrWDTEIUmC6jzNQ7YzvwmJTTHq4ThC8w1fXyS5fy4AYRNPgH6gzgeyvcEn2HuYfSk
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2844491747&adf=53498480&pi=t.ma~as.3006%2F14006&w=336&lmt=1668088402&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyou-you-ming-xing-ji-jin-jing-li-ben-si-wai-zi-si-mu-jia-su-jin-chang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668088401373&bpp=12&bdt=1130&idt=901&shv=r20221108&mjsv=m202211020101&ptt=5&saldr=sa&correlator=1563271422649&frm=23&ife=1&pv=2&ga_vid=692483964.1668088402&ga_sid=1668088402&ga_hid=1024014365&ga_fc=0&ga_cid=amp-ke56cJIxYSkF6eo6rRYZrw&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=1025520735&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C44770880%2C44775016&oid=2&pvsid=3785228714276847&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.pj026n2udit8&fsb=1&dtd=919
Protocol
H3
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 13:53:24 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 10 Nov 2022 13:53:24 GMT
via
1.1 869c20a0b6637fa4614a52064a4bf808.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
SIN2-P2
x-cache
FunctionGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_hm=3ba3d39d&google_redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FadExInit%3Dg&google_push=ASkJ3FYLjmje2ZfisGdibU1Cy2vixyWFqwRw6LM9J-k32QA6ufykWXT5zrHhWjeW0r8RtSsnhZBMBfoGMkfz5UwW9vIrWDTEIUmC6jzNQ7YzvwmJTTHq4ThC8w1fXyS5fy4AYRNPgH6gzgeyvcEn2HuYfSk
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
lSViSwtnEdSBjFJdMmo5PFV75L513judXZ3dKiaIu26amcWo2kbzIw==
pixel
cm.g.doubleclick.net/ Frame DE4F
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26&google_push=ASkJ3FbpNcEhl473B34WlWFW5vCwdYx62-R6OB_5...
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26&google_push=ASkJ3FbpNcEhl473B34WlWFW5vCwdYx62-...
  • https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=6aaf0941-3cd4-4660-9549-a12bd2554ec0&&google_push=ASkJ3FbpNcEhl473B34WlWFW5vCwdYx62-R6OB_597i3LZQSR9fODlS2NeJW5duP-DyMJK6_si...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=6aaf0941-3cd4-4660-9549-a12bd2554ec0&&google_push=ASkJ3FbpNcEhl473B34WlWFW5vCwdYx62-R6OB_597i3LZQSR9fODlS2NeJW5duP-DyMJK6_si2ZhF2JbJWYx2a5yV7-Tf_eliBeKH2KKbcNb6mc1twDDYY8a8FfV3t4HNK046kNY4v1zrxjIcbEtzWPo7DC
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2844491747&adf=53498480&pi=t.ma~as.3006%2F14006&w=336&lmt=1668088402&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyou-you-ming-xing-ji-jin-jing-li-ben-si-wai-zi-si-mu-jia-su-jin-chang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668088401373&bpp=12&bdt=1130&idt=901&shv=r20221108&mjsv=m202211020101&ptt=5&saldr=sa&correlator=1563271422649&frm=23&ife=1&pv=2&ga_vid=692483964.1668088402&ga_sid=1668088402&ga_hid=1024014365&ga_fc=0&ga_cid=amp-ke56cJIxYSkF6eo6rRYZrw&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=1025520735&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C44770880%2C44775016&oid=2&pvsid=3785228714276847&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.pj026n2udit8&fsb=1&dtd=919
Protocol
H3
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 13:53:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=6aaf0941-3cd4-4660-9549-a12bd2554ec0&&google_push=ASkJ3FbpNcEhl473B34WlWFW5vCwdYx62-R6OB_597i3LZQSR9fODlS2NeJW5duP-DyMJK6_si2ZhF2JbJWYx2a5yV7-Tf_eliBeKH2KKbcNb6mc1twDDYY8a8FfV3t4HNK046kNY4v1zrxjIcbEtzWPo7DC
Date
Thu, 10 Nov 2022 13:53:24 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
attr
cm.g.doubleclick.net/pixel/ Frame DE4F 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K3HfdT_u3g_AnBMMJ0ylxagCOYFCrutxI75suPLh_7reqW0G4bqS2DTph8Hq78y6Wo8o5LFA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2844491747&adf=53498480&pi=t.ma~as.3006%2F14006&w=336&lmt=1668088402&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyou-you-ming-xing-ji-jin-jing-li-ben-si-wai-zi-si-mu-jia-su-jin-chang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668088401373&bpp=12&bdt=1130&idt=901&shv=r20221108&mjsv=m202211020101&ptt=5&saldr=sa&correlator=1563271422649&frm=23&ife=1&pv=2&ga_vid=692483964.1668088402&ga_sid=1668088402&ga_hid=1024014365&ga_fc=0&ga_cid=amp-ke56cJIxYSkF6eo6rRYZrw&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=1025520735&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C44770880%2C44775016&oid=2&pvsid=3785228714276847&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.pj026n2udit8&fsb=1&dtd=919
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 13:53:23 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
pixel
cm.g.doubleclick.net/ Frame ACE8
Redirect Chain
  • https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEFAf1H5NnWSR2N7vrCkExnw&google_cver=1&google_push=ASkJ3FaCWwOtqIOA7MlGxPhGJWf4gCB-kmx9SUXrvPYGg2LxZKOLGFl...
  • https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=765a6e20353c2281&is_secure=true&networkId=14000&version=1&google_gid=CAESEFAf1H5NnWSR2N7vrCkExnw&google_cver=1&google_push=ASkJ3FaCWwOt...
  • https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAJnx7XPXbTWAN1df-dAAAAAAA&expiration=1668174804&google_cver=1&is_secure=true&google_gid=CAESEFAf1H5NnWSR2N7vrCkEx...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAJnx7XPXbTWAN1df-dAAAAAAA&expiration=1668174804&google_cver=1&is_secure=true&google_gid=CAESEFAf1H5NnWSR2N7vrCkExnw&google_push=ASkJ3FaCWwOtqIOA7MlGxPhGJWf4gCB-kmx9SUXrvPYGg2LxZKOLGFlpSOwQ5o6kCxKNvAhY_-44gHZisEfeeMCcWJLLRpGlBrBIpqraIobM11NSfMMaTJ116HOPfCMd2mayxEcRnDAzSfs3j4K_-AYYjDE
Requested by
Host: fa3540ea93ec84512cdf7b83bb90bab4.safeframe.googlesyndication.com
URL: https://fa3540ea93ec84512cdf7b83bb90bab4.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 13:53:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 10 Nov 2022 13:53:24 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAJnx7XPXbTWAN1df-dAAAAAAA&expiration=1668174804&google_cver=1&is_secure=true&google_gid=CAESEFAf1H5NnWSR2N7vrCkExnw&google_push=ASkJ3FaCWwOtqIOA7MlGxPhGJWf4gCB-kmx9SUXrvPYGg2LxZKOLGFlpSOwQ5o6kCxKNvAhY_-44gHZisEfeeMCcWJLLRpGlBrBIpqraIobM11NSfMMaTJ116HOPfCMd2mayxEcRnDAzSfs3j4K_-AYYjDE
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
pixel
cm.g.doubleclick.net/ Frame ACE8
Redirect Chain
  • https://match.adsrvr.org/track/cmf/google?google_gid=CAESENkhydPk0NPsZwUwmzFdpls&google_cver=1&google_push=ASkJ3FYUrIdGt71-jCL8XvsWUbiqtdvRthYW1V6SangCWkYeGThH_tLdXEapwM8dchRMZp0XVVyCnhE9VPH2z3YSvm...
  • https://match.adsrvr.org/track/cmb/google?google_gid=CAESENkhydPk0NPsZwUwmzFdpls&google_cver=1&google_push=ASkJ3FYUrIdGt71-jCL8XvsWUbiqtdvRthYW1V6SangCWkYeGThH_tLdXEapwM8dchRMZp0XVVyCnhE9VPH2z3YSvm...
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=ZTExZGY5N2EtYmMxOS00MWUzLThhOGItMmUzYTA2YTI4NjZm&google_push&gdpr=0&gdpr_consent=&ttd_tdid=e11df97a-bc19-41e3-8a8b-2e3a06a2866f
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=ZTExZGY5N2EtYmMxOS00MWUzLThhOGItMmUzYTA2YTI4NjZm&google_push&gdpr=0&gdpr_consent=&ttd_tdid=e11df97a-bc19-41e3-8a8b-2e3a06a2866f
Requested by
Host: fa3540ea93ec84512cdf7b83bb90bab4.safeframe.googlesyndication.com
URL: https://fa3540ea93ec84512cdf7b83bb90bab4.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 13:53:24 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 10 Nov 2022 13:53:24 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=ZTExZGY5N2EtYmMxOS00MWUzLThhOGItMmUzYTA2YTI4NjZm&google_push&gdpr=0&gdpr_consent=&ttd_tdid=e11df97a-bc19-41e3-8a8b-2e3a06a2866f
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
423
pixel
cm.g.doubleclick.net/ Frame ACE8
Redirect Chain
  • https://fksnk.com/cs/google?google_gid=CAESEBPusgE_nS3oZ9ymrLkVx5s&google_cver=1&google_push=ASkJ3FbyqbeglXVlaTAFeKv6JMtqZbHsbNCLi9AKs_r5FbZ-Fbhn4Ye3_CKZXzZB_2tGsg3f-kzGAh5UZh_GqewiKRd2GyQRws5EHsZ6...
  • https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=ODEwMDExQTFFRDEyNjFGMg==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=ODEwMDExQTFFRDEyNjFGMg==
Requested by
Host: fa3540ea93ec84512cdf7b83bb90bab4.safeframe.googlesyndication.com
URL: https://fa3540ea93ec84512cdf7b83bb90bab4.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 13:53:24 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=ODEwMDExQTFFRDEyNjFGMg==
date
Thu, 10 Nov 2022 13:53:24 GMT
content-language
en-US
content-type
text/html;charset=ISO-8859-1
pixel
cm.g.doubleclick.net/ Frame ACE8
Redirect Chain
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEFhBjGOpe0aoPFjkSjmcdiI&google_cver=1&google_push=ASkJ3FZrBZrGPGH_IjtOLctqypLvinilWM2kZm-ZK5hODVJkn_MvR9OPVmaRXu2Cw4rb14indK8nmH0OfXeD8Gjn...
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_hm=1f8a97e9&google_redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FadExInit%3Dg&google_push=ASkJ3FZrBZrGPGH_IjtOLctqypLvinilWM2kZm-ZK5hODVJk...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_hm=1f8a97e9&google_redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FadExInit%3Dg&google_push=ASkJ3FZrBZrGPGH_IjtOLctqypLvinilWM2kZm-ZK5hODVJkn_MvR9OPVmaRXu2Cw4rb14indK8nmH0OfXeD8GjnUsL49O3f8BDDWBfnX3ek85_DW1lm_vqMJYnzEK7P_5A0Fv9OEkBXLrrbj8f4c3F9q_Y
Requested by
Host: fa3540ea93ec84512cdf7b83bb90bab4.safeframe.googlesyndication.com
URL: https://fa3540ea93ec84512cdf7b83bb90bab4.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 13:53:24 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 10 Nov 2022 13:53:24 GMT
via
1.1 869c20a0b6637fa4614a52064a4bf808.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
SIN2-P2
x-cache
FunctionGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_hm=1f8a97e9&google_redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FadExInit%3Dg&google_push=ASkJ3FZrBZrGPGH_IjtOLctqypLvinilWM2kZm-ZK5hODVJkn_MvR9OPVmaRXu2Cw4rb14indK8nmH0OfXeD8GjnUsL49O3f8BDDWBfnX3ek85_DW1lm_vqMJYnzEK7P_5A0Fv9OEkBXLrrbj8f4c3F9q_Y
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
BAMcvM40onTL38co_-OUQBxAkICOMuTQGvZ9C1G5fZgjtcaI0Ucq0w==
pixel
cm.g.doubleclick.net/ Frame ACE8
Redirect Chain
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEGulP34N61qWpJ3TyhQ5q7o&google_cver=1&google_push=ASkJ3FaqX6dz4nqtiCu_PW716Cqh8xYjwwOiWCWAEwJMEvUhuhLcFfMIRuIOukZXnjfXY7Re9YiF_KlNFzhp...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhGHRGRzZSHv4z8Poed6cnpZecMlXBKaggw&google_push=ASkJ3FaqX6dz4nqtiCu_PW716Cqh8xYjwwOiWCWAEwJMEvUhuhLcFfMIRuIOukZXnjfXY7Re9YiF_KlNFz...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhGHRGRzZSHv4z8Poed6cnpZecMlXBKaggw&google_push=ASkJ3FaqX6dz4nqtiCu_PW716Cqh8xYjwwOiWCWAEwJMEvUhuhLcFfMIRuIOukZXnjfXY7Re9YiF_KlNFzhp2rCETmnLr3XuXHEq0FoS4N3slrvpM3ytalqONceAU5-gKSz-fhYd9j1qWTqw7oLoNBGnCl0
Requested by
Host: fa3540ea93ec84512cdf7b83bb90bab4.safeframe.googlesyndication.com
URL: https://fa3540ea93ec84512cdf7b83bb90bab4.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 13:53:24 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhGHRGRzZSHv4z8Poed6cnpZecMlXBKaggw&google_push=ASkJ3FaqX6dz4nqtiCu_PW716Cqh8xYjwwOiWCWAEwJMEvUhuhLcFfMIRuIOukZXnjfXY7Re9YiF_KlNFzhp2rCETmnLr3XuXHEq0FoS4N3slrvpM3ytalqONceAU5-gKSz-fhYd9j1qWTqw7oLoNBGnCl0
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
pixel
cm.g.doubleclick.net/ Frame ACE8
Redirect Chain
  • https://google.dap.fw-ad.jp/dsp/google/pixel?google_gid=CAESEN37IX1uZNENcO_9LX9pHU0&google_cver=1&google_push=ASkJ3FYs859p-yhkWLR2nbCPISI8X_EUYQDcsgZfOc4qMz-qaoVuyAx5fQmum-gD1QdMUsIFFao8w5tlmj4N5UG...
  • https://cm.g.doubleclick.net/pixel?google_nid=docomo_ads_platform&google_push=ASkJ3FYs859p-yhkWLR2nbCPISI8X_EUYQDcsgZfOc4qMz-qaoVuyAx5fQmum-gD1QdMUsIFFao8w5tlmj4N5UGG_OnF45tHbscxW4ca5fh9j4SX-ENCAbo...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=docomo_ads_platform&google_push=ASkJ3FYs859p-yhkWLR2nbCPISI8X_EUYQDcsgZfOc4qMz-qaoVuyAx5fQmum-gD1QdMUsIFFao8w5tlmj4N5UGG_OnF45tHbscxW4ca5fh9j4SX-ENCAboS33xRHNVA7NzjQUxjqB6MuONrrYe-un5bOC0Z&google_hm=M2E4NWFhOGUtMjcwMi0zOTgxLTg2YmItZDgxMTBiMjY0NjMz
Requested by
Host: fa3540ea93ec84512cdf7b83bb90bab4.safeframe.googlesyndication.com
URL: https://fa3540ea93ec84512cdf7b83bb90bab4.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 13:53:24 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=docomo_ads_platform&google_push=ASkJ3FYs859p-yhkWLR2nbCPISI8X_EUYQDcsgZfOc4qMz-qaoVuyAx5fQmum-gD1QdMUsIFFao8w5tlmj4N5UGG_OnF45tHbscxW4ca5fh9j4SX-ENCAboS33xRHNVA7NzjQUxjqB6MuONrrYe-un5bOC0Z&google_hm=M2E4NWFhOGUtMjcwMi0zOTgxLTg2YmItZDgxMTBiMjY0NjMz
date
Thu, 10 Nov 2022 13:53:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
no-store
content-length
0
pixel
cm.g.doubleclick.net/ Frame ACE8
Redirect Chain
  • https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEH5PRG4UeSM9RSflDoNHAus&google_cver=1&google_push=ASkJ3FYIflcI3Qifq...
  • https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MjQzNDY0OTk4MzQ0NDM0MDI0Mw%3D%3D&google_gid=CAESEH5PRG4UeSM9RSflDoNHAus&google_cver=1&google_push=ASkJ3FYIflcI3QifqXD1ZId6P-FBKnuLbz...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MjQzNDY0OTk4MzQ0NDM0MDI0Mw%3D%3D&google_gid=CAESEH5PRG4UeSM9RSflDoNHAus&google_cver=1&google_push=ASkJ3FYIflcI3QifqXD1ZId6P-FBKnuLbz-lK4GK_8qCmIzxIE3V_VRBwE6g9FxzYhsnc2vhiznDz9X256j5vydzjjoVFP0emmcIXP8Y4ZAmo4I0z2kcW_yksEr-Xf-zsGqr1ijDQb__pxJY5A3X-S3nS_y-
Requested by
Host: fa3540ea93ec84512cdf7b83bb90bab4.safeframe.googlesyndication.com
URL: https://fa3540ea93ec84512cdf7b83bb90bab4.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 13:53:24 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Thu, 10 Nov 2022 13:53:24 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
116.90.74.196; 116.90.74.196; 806.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
878b74a9-2e64-43d5-b987-f3879eca3c79
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MjQzNDY0OTk4MzQ0NDM0MDI0Mw%3D%3D&google_gid=CAESEH5PRG4UeSM9RSflDoNHAus&google_cver=1&google_push=ASkJ3FYIflcI3QifqXD1ZId6P-FBKnuLbz-lK4GK_8qCmIzxIE3V_VRBwE6g9FxzYhsnc2vhiznDz9X256j5vydzjjoVFP0emmcIXP8Y4ZAmo4I0z2kcW_yksEr-Xf-zsGqr1ijDQb__pxJY5A3X-S3nS_y-
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame ACE8 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LlyJPsfCsqocQBFutLA9A6IeH8NJG_49JVf2fMuSNGedjugDkdnCA5kmUlbcnRB7zfIyq8eSg
Requested by
Host: fa3540ea93ec84512cdf7b83bb90bab4.safeframe.googlesyndication.com
URL: https://fa3540ea93ec84512cdf7b83bb90bab4.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 13:53:23 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
truncated
/ Frame 639C 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4641d14bf072385646733ed30263ceb1588aafa0dd68ed2e58244529efa0a272

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 1C06 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
111769
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 09 Nov 2022 06:50:35 GMT
expires
Thu, 09 Nov 2023 06:50:35 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame EA3D 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2844491747&adf=53498479&pi=t.ma~as.3006%2F14006&w=336&lmt=1668088402&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyou-you-ming-xing-ji-jin-jing-li-ben-si-wai-zi-si-mu-jia-su-jin-chang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668088401346&bpp=16&bdt=1029&idt=966&shv=r20221108&mjsv=m202211020101&ptt=5&saldr=sa&correlator=1563271422649&frm=23&ife=1&pv=1&ga_vid=97360968.1668088402&ga_sid=1668088402&ga_hid=142627606&ga_fc=0&ga_cid=amp-ke56cJIxYSkF6eo6rRYZrw&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2578&biw=1600&bih=1200&isw=336&ish=280&ifk=1025520735&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44769306%2C31070617%2C31070722%2C31070762%2C44770881%2C44775017&oid=2&pvsid=1414097753187374&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.4sirfcbb7r40&btvi=1&fsb=1&dtd=984
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 06:54:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
111552
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 09 Nov 2023 06:54:12 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame A434 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2844491747&adf=53498479&pi=t.ma~as.3006%2F14006&w=336&lmt=1668088402&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyou-you-ming-xing-ji-jin-jing-li-ben-si-wai-zi-si-mu-jia-su-jin-chang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668088401346&bpp=16&bdt=1029&idt=966&shv=r20221108&mjsv=m202211020101&ptt=5&saldr=sa&correlator=1563271422649&frm=23&ife=1&pv=1&ga_vid=97360968.1668088402&ga_sid=1668088402&ga_hid=142627606&ga_fc=0&ga_cid=amp-ke56cJIxYSkF6eo6rRYZrw&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2578&biw=1600&bih=1200&isw=336&ish=280&ifk=1025520735&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44769306%2C31070617%2C31070722%2C31070762%2C44770881%2C44775017&oid=2&pvsid=1414097753187374&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.4sirfcbb7r40&btvi=1&fsb=1&dtd=984
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

age
1920
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 10 Nov 2022 13:21:24 GMT
etag
48472445140208031
expires
Fri, 11 Nov 2022 13:21:24 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame EA3D 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
321bde5f6b1eac7eb054d35ac8981e8259b3b8c076288cef5e280c1eb8fdab31

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
pagead2.googlesyndication.com/bg/ Frame 1C06 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
sffe /
Resource Hash
6a98bdefd73410963a41036b4bc4d25b080aaec85db7ebd132a12d3aa17e8586
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 04 Nov 2022 21:23:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
491389
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16010
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 04 Nov 2023 21:23:35 GMT
pixel
cm.g.doubleclick.net/ Frame A434
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEOETVLHeU19jVDwMEAkjjlg&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEOETVLHeU19jVDwMEAkjjlg&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=ekRuQ2NJbHoxT1Q3Wkg1&google_gid=CAESEOETVLHeU19jVDwMEAkjjlg&google_cver=1&google_push=ASkJ3FY-KNURd0cT4sMmn963gFlukghP5CBCW73TThoiibw...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=ekRuQ2NJbHoxT1Q3Wkg1&google_gid=CAESEOETVLHeU19jVDwMEAkjjlg&google_cver=1&google_push=ASkJ3FY-KNURd0cT4sMmn963gFlukghP5CBCW73TThoiibwxn7A4HQCgzE3ntrfjedROvA96URfAOl9ole9KtJvHnZ7fOdRC1qr8tg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2844491747&adf=53498479&pi=t.ma~as.3006%2F14006&w=336&lmt=1668088402&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyou-you-ming-xing-ji-jin-jing-li-ben-si-wai-zi-si-mu-jia-su-jin-chang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668088401346&bpp=16&bdt=1029&idt=966&shv=r20221108&mjsv=m202211020101&ptt=5&saldr=sa&correlator=1563271422649&frm=23&ife=1&pv=1&ga_vid=97360968.1668088402&ga_sid=1668088402&ga_hid=142627606&ga_fc=0&ga_cid=amp-ke56cJIxYSkF6eo6rRYZrw&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2578&biw=1600&bih=1200&isw=336&ish=280&ifk=1025520735&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44769306%2C31070617%2C31070722%2C31070762%2C44770881%2C44775017&oid=2&pvsid=1414097753187374&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.4sirfcbb7r40&btvi=1&fsb=1&dtd=984
Protocol
H3
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 13:53:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 10 Nov 2022 13:53:24 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/5502e06#5502e06d7dbe3c52c9a5559e1550ac262fba6e07 i-00a1d164ccc6a2581@ap-southeast-1b@dxedge-app-ap-southeast-1-prod-asg
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=ekRuQ2NJbHoxT1Q3Wkg1&google_gid=CAESEOETVLHeU19jVDwMEAkjjlg&google_cver=1&google_push=ASkJ3FY-KNURd0cT4sMmn963gFlukghP5CBCW73TThoiibwxn7A4HQCgzE3ntrfjedROvA96URfAOl9ole9KtJvHnZ7fOdRC1qr8tg
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
i.match
s.tribalfusion.com/z/ Frame A434
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEI2LXBb_aexiMwxJDXUl1-Q&google_cver=1&google_push=ASkJ3FZ80B0N0WTAKjW0ER7t8MpZ5CrP1NLluSDZ4sUC5wU1nVHj33_oCHT5oh7lepkD3czt8GUNyJhEiFRnmPvPjmmBJ_C7iHui&...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEI2LXBb_aexiMwxJDXUl1-Q&google_cver=1&google_push=ASkJ3FZ80B0N0WTAKjW0ER7t8MpZ5CrP1NLluSDZ4sUC5wU1nVHj33_oCHT5oh7lepkD3czt8GUNyJhEiFRnmPvPjmmBJ_C7iHu...
43 B
414 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEI2LXBb_aexiMwxJDXUl1-Q&google_cver=1&google_push=ASkJ3FZ80B0N0WTAKjW0ER7t8MpZ5CrP1NLluSDZ4sUC5wU1nVHj33_oCHT5oh7lepkD3czt8GUNyJhEiFRnmPvPjmmBJ_C7iHui&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DASkJ3FZ80B0N0WTAKjW0ER7t8MpZ5CrP1NLluSDZ4sUC5wU1nVHj33_oCHT5oh7lepkD3czt8GUNyJhEiFRnmPvPjmmBJ_C7iHui%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2844491747&adf=53498479&pi=t.ma~as.3006%2F14006&w=336&lmt=1668088402&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyou-you-ming-xing-ji-jin-jing-li-ben-si-wai-zi-si-mu-jia-su-jin-chang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668088401346&bpp=16&bdt=1029&idt=966&shv=r20221108&mjsv=m202211020101&ptt=5&saldr=sa&correlator=1563271422649&frm=23&ife=1&pv=1&ga_vid=97360968.1668088402&ga_sid=1668088402&ga_hid=142627606&ga_fc=0&ga_cid=amp-ke56cJIxYSkF6eo6rRYZrw&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2578&biw=1600&bih=1200&isw=336&ish=280&ifk=1025520735&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44769306%2C31070617%2C31070722%2C31070762%2C44770881%2C44775017&oid=2&pvsid=1414097753187374&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.4sirfcbb7r40&btvi=1&fsb=1&dtd=984
Protocol
H2
Server
104.18.25.173 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 13:53:24 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
767f4631cc25fb7c-AKL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 10 Nov 2022 13:53:24 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
1701
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEI2LXBb_aexiMwxJDXUl1-Q&google_cver=1&google_push=ASkJ3FZ80B0N0WTAKjW0ER7t8MpZ5CrP1NLluSDZ4sUC5wU1nVHj33_oCHT5oh7lepkD3czt8GUNyJhEiFRnmPvPjmmBJ_C7iHui&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DASkJ3FZ80B0N0WTAKjW0ER7t8MpZ5CrP1NLluSDZ4sUC5wU1nVHj33_oCHT5oh7lepkD3czt8GUNyJhEiFRnmPvPjmmBJ_C7iHui%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
767f46300b74fb7c-AKL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame A434
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEABdWtrhHHv8Nk0VVffvs3k&google_push=ASkJ3FbM5T7qXE23NPe_sWHEu_h2DKfPx_wFCsc6W-peFEW1WTvVw5M3k0...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEABdWtrhHHv8Nk0VVffvs3k&google_push=ASkJ3FbM5T7qXE23NPe_sWHEu_h2DKfPx_wFCsc6W-peFEW1WTvVw5M3k0QFYf2pS3jsLh9yVw1RPMm-HtdKt0-K79ej6QARJnuGjw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2844491747&adf=53498479&pi=t.ma~as.3006%2F14006&w=336&lmt=1668088402&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyou-you-ming-xing-ji-jin-jing-li-ben-si-wai-zi-si-mu-jia-su-jin-chang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668088401346&bpp=16&bdt=1029&idt=966&shv=r20221108&mjsv=m202211020101&ptt=5&saldr=sa&correlator=1563271422649&frm=23&ife=1&pv=1&ga_vid=97360968.1668088402&ga_sid=1668088402&ga_hid=142627606&ga_fc=0&ga_cid=amp-ke56cJIxYSkF6eo6rRYZrw&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2578&biw=1600&bih=1200&isw=336&ish=280&ifk=1025520735&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44769306%2C31070617%2C31070722%2C31070762%2C44770881%2C44775017&oid=2&pvsid=1414097753187374&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.4sirfcbb7r40&btvi=1&fsb=1&dtd=984
Protocol
H3
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 13:53:24 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by
cache-mel11267-MEL
pragma
no-cache
date
Thu, 10 Nov 2022 13:53:24 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1668088405.567620,VS0,VE224
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEABdWtrhHHv8Nk0VVffvs3k&google_push=ASkJ3FbM5T7qXE23NPe_sWHEu_h2DKfPx_wFCsc6W-peFEW1WTvVw5M3k0QFYf2pS3jsLh9yVw1RPMm-HtdKt0-K79ej6QARJnuGjw
cache-control
no-cache
accept-ranges
bytes
content-length
0
x-cache-hits
0
pixel
cm.g.doubleclick.net/ Frame A434
Redirect Chain
  • https://sync.fout.jp/sync?xid=googleadex&g_pixel=&sp=1&google_gid=CAESEK30xNVETW52pZwJnfPUdeE&google_cver=1&google_push=ASkJ3FYYcyy_Zi7Fq_uBR59Op1oTghjRJCp1zUZ73mtctEpKhJfSLIhAi2X28cwVT-gAMOYw4uHcd...
  • https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=ASkJ3FYYcyy_Zi7Fq_uBR59Op1oTghjRJCp1zUZ73mtctEpKhJfSLIhAi2X28cwVT-gAMOYw4uHcdmGXC5n3XGeNSAUKRYQaOIB_Lg&google_hm=QkVjTVVJVVlPdEgxV...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=ASkJ3FYYcyy_Zi7Fq_uBR59Op1oTghjRJCp1zUZ73mtctEpKhJfSLIhAi2X28cwVT-gAMOYw4uHcdmGXC5n3XGeNSAUKRYQaOIB_Lg&google_hm=QkVjTVVJVVlPdEgxV2hRRjBfb0h1dy13SEYw&from_google=sp1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2844491747&adf=53498479&pi=t.ma~as.3006%2F14006&w=336&lmt=1668088402&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyou-you-ming-xing-ji-jin-jing-li-ben-si-wai-zi-si-mu-jia-su-jin-chang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668088401346&bpp=16&bdt=1029&idt=966&shv=r20221108&mjsv=m202211020101&ptt=5&saldr=sa&correlator=1563271422649&frm=23&ife=1&pv=1&ga_vid=97360968.1668088402&ga_sid=1668088402&ga_hid=142627606&ga_fc=0&ga_cid=amp-ke56cJIxYSkF6eo6rRYZrw&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2578&biw=1600&bih=1200&isw=336&ish=280&ifk=1025520735&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44769306%2C31070617%2C31070722%2C31070762%2C44770881%2C44775017&oid=2&pvsid=1414097753187374&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.4sirfcbb7r40&btvi=1&fsb=1&dtd=984
Protocol
H3
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 13:53:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 10 Nov 2022 13:53:24 GMT
Strict-Transport-Security
max-age=15768000
Server
nginx
Transfer-Encoding
chunked
P3P
CP="ADM NOI OUR"
Location
https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=ASkJ3FYYcyy_Zi7Fq_uBR59Op1oTghjRJCp1zUZ73mtctEpKhJfSLIhAi2X28cwVT-gAMOYw4uHcdmGXC5n3XGeNSAUKRYQaOIB_Lg&google_hm=QkVjTVVJVVlPdEgxV2hRRjBfb0h1dy13SEYw&from_google=sp1
Cache-Control
private, no-cache, no-cache="Set-Cookie", proxy-revalidate
Connection
keep-alive
pixel
cm.g.doubleclick.net/ Frame A434
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEHWzwqA0ragAT5x7oDhm83o&google_cver=1&google_push=ASkJ3FZPpY4JFssZFK-YvbdlF-CIHRo6fYoKrA1l1VapkA35avJ-LZS4hTrhjDTJiRd-lQqfco5fTQvvgq-aezHOHOPFeoY...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ASkJ3FZPpY4JFssZFK-YvbdlF-CIHRo6fYoKrA1l1VapkA35avJ-LZS4hTrhjDTJiRd-lQqfco5fTQvvgq-aezHOHOPFeoYfSrFLNw&google_hm=MTYxNzYxMDI5ODk0NDYz...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ASkJ3FZPpY4JFssZFK-YvbdlF-CIHRo6fYoKrA1l1VapkA35avJ-LZS4hTrhjDTJiRd-lQqfco5fTQvvgq-aezHOHOPFeoYfSrFLNw&google_hm=MTYxNzYxMDI5ODk0NDYzMTY1NA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2844491747&adf=53498479&pi=t.ma~as.3006%2F14006&w=336&lmt=1668088402&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyou-you-ming-xing-ji-jin-jing-li-ben-si-wai-zi-si-mu-jia-su-jin-chang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668088401346&bpp=16&bdt=1029&idt=966&shv=r20221108&mjsv=m202211020101&ptt=5&saldr=sa&correlator=1563271422649&frm=23&ife=1&pv=1&ga_vid=97360968.1668088402&ga_sid=1668088402&ga_hid=142627606&ga_fc=0&ga_cid=amp-ke56cJIxYSkF6eo6rRYZrw&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2578&biw=1600&bih=1200&isw=336&ish=280&ifk=1025520735&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44769306%2C31070617%2C31070722%2C31070762%2C44770881%2C44775017&oid=2&pvsid=1414097753187374&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.4sirfcbb7r40&btvi=1&fsb=1&dtd=984
Protocol
H3
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 13:53:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 10 Nov 2022 13:53:24 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ASkJ3FZPpY4JFssZFK-YvbdlF-CIHRo6fYoKrA1l1VapkA35avJ-LZS4hTrhjDTJiRd-lQqfco5fTQvvgq-aezHOHOPFeoYfSrFLNw&google_hm=MTYxNzYxMDI5ODk0NDYzMTY1NA%3D%3D
content-length
0
pub
cs.chocolateplatform.com/ Frame A434 		15 B
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.chocolateplatform.com/pub?pid=ebda&google_gid=CAESECTpZ4QeUeZVy9dEB26ZT18&google_cver=1&google_push=ASkJ3FbIeZuviYZiRn9LfYNECZFizIRrGP2Snm9R_7mfBy0ZK61CAoG7Jd6leCJtx-DdoxHiJxPF_lNHSYZVJjMkZymdjW2mXPr7iA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2844491747&adf=53498479&pi=t.ma~as.3006%2F14006&w=336&lmt=1668088402&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyou-you-ming-xing-ji-jin-jing-li-ben-si-wai-zi-si-mu-jia-su-jin-chang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668088401346&bpp=16&bdt=1029&idt=966&shv=r20221108&mjsv=m202211020101&ptt=5&saldr=sa&correlator=1563271422649&frm=23&ife=1&pv=1&ga_vid=97360968.1668088402&ga_sid=1668088402&ga_hid=142627606&ga_fc=0&ga_cid=amp-ke56cJIxYSkF6eo6rRYZrw&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2578&biw=1600&bih=1200&isw=336&ish=280&ifk=1025520735&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44769306%2C31070617%2C31070722%2C31070762%2C44770881%2C44775017&oid=2&pvsid=1414097753187374&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.4sirfcbb7r40&btvi=1&fsb=1&dtd=984
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
159.203.145.121 -, , ASN (),
Reverse DNS
Software
Chocolate Cookie Sync Powered by Vdopia /
Resource Hash
70f60044d161bbdd9a7cbea74e2d3100726004b2d4ce04b0c84a0214bf13ce0b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 13:53:27 GMT
server
Chocolate Cookie Sync Powered by Vdopia
content-length
15
content-type
text/plain; charset=utf-8
pixel
cm.g.doubleclick.net/ Frame A434
Redirect Chain
  • https://google.dap.fw-ad.jp/dsp/google/pixel?google_gid=CAESEN37IX1uZNENcO_9LX9pHU0&google_cver=1&google_push=ASkJ3FZtO--376_RgUOz_9u694kea0y3xOeWch_6r4haiaQtKN0_tA6pv4VUHaq1-g_K8RwAWXEGEfwmKw8Dsfm...
  • https://cm.g.doubleclick.net/pixel?google_nid=docomo_ads_platform&google_push=ASkJ3FZtO--376_RgUOz_9u694kea0y3xOeWch_6r4haiaQtKN0_tA6pv4VUHaq1-g_K8RwAWXEGEfwmKw8DsfmmbRhACsypm3jTk2U&google_hm=M2E4N...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=docomo_ads_platform&google_push=ASkJ3FZtO--376_RgUOz_9u694kea0y3xOeWch_6r4haiaQtKN0_tA6pv4VUHaq1-g_K8RwAWXEGEfwmKw8DsfmmbRhACsypm3jTk2U&google_hm=M2E4NWFhOGUtMjcwMi0zOTgxLTg2YmItZDgxMTBiMjY0NjMz
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2844491747&adf=53498479&pi=t.ma~as.3006%2F14006&w=336&lmt=1668088402&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyou-you-ming-xing-ji-jin-jing-li-ben-si-wai-zi-si-mu-jia-su-jin-chang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668088401346&bpp=16&bdt=1029&idt=966&shv=r20221108&mjsv=m202211020101&ptt=5&saldr=sa&correlator=1563271422649&frm=23&ife=1&pv=1&ga_vid=97360968.1668088402&ga_sid=1668088402&ga_hid=142627606&ga_fc=0&ga_cid=amp-ke56cJIxYSkF6eo6rRYZrw&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2578&biw=1600&bih=1200&isw=336&ish=280&ifk=1025520735&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44769306%2C31070617%2C31070722%2C31070762%2C44770881%2C44775017&oid=2&pvsid=1414097753187374&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.4sirfcbb7r40&btvi=1&fsb=1&dtd=984
Protocol
H3
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 13:53:24 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=docomo_ads_platform&google_push=ASkJ3FZtO--376_RgUOz_9u694kea0y3xOeWch_6r4haiaQtKN0_tA6pv4VUHaq1-g_K8RwAWXEGEfwmKw8DsfmmbRhACsypm3jTk2U&google_hm=M2E4NWFhOGUtMjcwMi0zOTgxLTg2YmItZDgxMTBiMjY0NjMz
date
Thu, 10 Nov 2022 13:53:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
no-store
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame A434 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I9Kn5sEq7cGDdc3ZcC_15Cv31JMag_n5tnW65ezakWF5pnNzlWVfFQR_CJtNbjlR5DW6zIWA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2844491747&adf=53498479&pi=t.ma~as.3006%2F14006&w=336&lmt=1668088402&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyou-you-ming-xing-ji-jin-jing-li-ben-si-wai-zi-si-mu-jia-su-jin-chang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668088401346&bpp=16&bdt=1029&idt=966&shv=r20221108&mjsv=m202211020101&ptt=5&saldr=sa&correlator=1563271422649&frm=23&ife=1&pv=1&ga_vid=97360968.1668088402&ga_sid=1668088402&ga_hid=142627606&ga_fc=0&ga_cid=amp-ke56cJIxYSkF6eo6rRYZrw&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2578&biw=1600&bih=1200&isw=336&ish=280&ifk=1025520735&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44769306%2C31070617%2C31070722%2C31070762%2C44770881%2C44775017&oid=2&pvsid=1414097753187374&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.4sirfcbb7r40&btvi=1&fsb=1&dtd=984
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 13:53:24 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
Enabler.js
s0.2mdn.net/ads/studio/ Frame 9FCF 		136 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/Enabler.js
Requested by
Host: www.adtrek.co
URL: https://www.adtrek.co/adserver/frm?cc=45ead072-b12c-42d3-aa0b-3677a0751234&clk=https://googleads.g.doubleclick.net/dbm/clk%3Fsa%3DL%26ai%3DC60XBUgJtY_WdLMmtrAGBxbqgB8jz45ptvs2Hl-cQ8C4QASDSzIEaYKvssYXgGKABjPHSkgHIAQmpArIAl8U2qaM-qAMBqgTRAU_QSZNkX8Hd1Y9L0TJV0SqPdRffZhsOIBkF16ZkqX4QVJaFHwfpw6oBVGEYvRtVYjBF5WzPXnx9naZ22ngE8upaoGbhHITB1jj076Z0QQ2q5--HyODNGWH_eh8zcPWg9xFgDF8uSUPa00b8YuR8QrHQ6DgNNzgegrI2hrkO2LZ440ejPitLZAZA2k25nxTP7PGuLRV4Y-LzDG6h9mgcaimqto_Qn18p6UwMVzVWEjlwZAU5rUAozrEvaWUwEpYMdaKYOvgsMY5hTPz0EPAVqwoIwASvt-vnjwTgBAOQBgGgBk2AB9yOre0CqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiAYRABGF0yAooCOgKAQIAKA5gLAcgLAYAMAbATu5CHEcgThoGv4QPQEwDYEwrYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSKQDq26N9zBnrnktjP0mO5o_9PK8Xe4aij4hHre297xjovmwS4CerVrrlGAEgEw%26sig%3DAOD64_2vBS8gH8D4aqIQryFIGquTkpnmZQ%26client%3Dca-pub-4485239425924787%26dbm_c%3DAKAmf-C7vubkPGlwO8MDLmDAM2_N99zrjZUMeMtKiIkHENon6PZVwzZ-jSrqy-rnWVZ95P87UAZQDe-upiCZXs6iELYzlYRUJLIH58BqEnQ8wtk7rD3XWzcChD_A1sOIZcaOHv2nQfrIzybuLFXUTx4xpN0oyQVsYRU4Q6KTNu_wfz8r5Fdr-Jg%26cry%3D1%26dbm_d%3DAKAmf-Bfbqt9sN3yYaWoZIq9kvuTwHHCBNGe8fyCYO8smfB7Wzq6SJG5mLF-M_nxzfLoM7waSR-fJuNGECrJciAnrlGbOJrIaSgyTyvHLiY8Rd5lZpcvnz-P8XTLC3rXSVZHG0r-uJ_TKHb3sRZg49m6zecQiRGGxDmekshBQqcKhAR_JEW9g6n7sbYyyEHtMxYG0q24OINaSW6lCCXm_IYNNdPO3HK3kBvBtWsu_j0imw2wLZdmlgEGji9bL6YZIGD5Bg_9QyQpCzfPW-wVbRs9As6RlcjZZiA0PIN7eBWWy3-3l5c2E3u19ldngBRm1tfv8l_lamtWYuYdPtQqmIfApTOLIpZj8doG0crhdlj_IN1yhyjvNU9J--ZLFloO9hLHkVGclrPPd8JW20d49cPM_pi6_UbehBEt9KePm-3aXczSPO21JWw0CTJSfg0dxQFJQWAf-aql4RmYryYOBqjNaDREW8T37zyHBr039UbzzSWZoTOmPkw_zVLL5gJ1fnhXfHSb_HI_EDtcGEe885081MnA38Pr1Ib-ay2at1c3RliLaNduZYrttbtVhTfXGQxQ3BSw1fWr9XIbNUkO0dpphtLegPgOyyUoA-s-2JubwGpfDwC3F22ObxesT8bTV63zHd4rjnXn%26adurl%3Dhttps%3a%2f%2fwww.adtrek.co%2fadserver%2fclick%3fcc%3d45ead072-b12c-42d3-aa0b-3677a0751234&ord=1668088402724725
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f148.1e100.net
Software
sffe /
Resource Hash
bf6ec42c97f86957a324a484a37dd528b568a9ff2570965be53e6ec4b0dfdae2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.adtrek.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 13:47:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
363
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46978
x-xss-protection
0
last-modified
Mon, 06 Jun 2022 19:45:39 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 10 Nov 2022 14:02:21 GMT
pol.jpg
s3-ap-southeast-2.amazonaws.com/adtrek/bc58d73e-fcc9-43b0-8401-6b140586d98d/ Frame 9FCF 		32 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3-ap-southeast-2.amazonaws.com/adtrek/bc58d73e-fcc9-43b0-8401-6b140586d98d/pol.jpg
Requested by
Host: www.adtrek.co
URL: https://www.adtrek.co/adserver/frm?cc=45ead072-b12c-42d3-aa0b-3677a0751234&clk=https://googleads.g.doubleclick.net/dbm/clk%3Fsa%3DL%26ai%3DC60XBUgJtY_WdLMmtrAGBxbqgB8jz45ptvs2Hl-cQ8C4QASDSzIEaYKvssYXgGKABjPHSkgHIAQmpArIAl8U2qaM-qAMBqgTRAU_QSZNkX8Hd1Y9L0TJV0SqPdRffZhsOIBkF16ZkqX4QVJaFHwfpw6oBVGEYvRtVYjBF5WzPXnx9naZ22ngE8upaoGbhHITB1jj076Z0QQ2q5--HyODNGWH_eh8zcPWg9xFgDF8uSUPa00b8YuR8QrHQ6DgNNzgegrI2hrkO2LZ440ejPitLZAZA2k25nxTP7PGuLRV4Y-LzDG6h9mgcaimqto_Qn18p6UwMVzVWEjlwZAU5rUAozrEvaWUwEpYMdaKYOvgsMY5hTPz0EPAVqwoIwASvt-vnjwTgBAOQBgGgBk2AB9yOre0CqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiAYRABGF0yAooCOgKAQIAKA5gLAcgLAYAMAbATu5CHEcgThoGv4QPQEwDYEwrYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSKQDq26N9zBnrnktjP0mO5o_9PK8Xe4aij4hHre297xjovmwS4CerVrrlGAEgEw%26sig%3DAOD64_2vBS8gH8D4aqIQryFIGquTkpnmZQ%26client%3Dca-pub-4485239425924787%26dbm_c%3DAKAmf-C7vubkPGlwO8MDLmDAM2_N99zrjZUMeMtKiIkHENon6PZVwzZ-jSrqy-rnWVZ95P87UAZQDe-upiCZXs6iELYzlYRUJLIH58BqEnQ8wtk7rD3XWzcChD_A1sOIZcaOHv2nQfrIzybuLFXUTx4xpN0oyQVsYRU4Q6KTNu_wfz8r5Fdr-Jg%26cry%3D1%26dbm_d%3DAKAmf-Bfbqt9sN3yYaWoZIq9kvuTwHHCBNGe8fyCYO8smfB7Wzq6SJG5mLF-M_nxzfLoM7waSR-fJuNGECrJciAnrlGbOJrIaSgyTyvHLiY8Rd5lZpcvnz-P8XTLC3rXSVZHG0r-uJ_TKHb3sRZg49m6zecQiRGGxDmekshBQqcKhAR_JEW9g6n7sbYyyEHtMxYG0q24OINaSW6lCCXm_IYNNdPO3HK3kBvBtWsu_j0imw2wLZdmlgEGji9bL6YZIGD5Bg_9QyQpCzfPW-wVbRs9As6RlcjZZiA0PIN7eBWWy3-3l5c2E3u19ldngBRm1tfv8l_lamtWYuYdPtQqmIfApTOLIpZj8doG0crhdlj_IN1yhyjvNU9J--ZLFloO9hLHkVGclrPPd8JW20d49cPM_pi6_UbehBEt9KePm-3aXczSPO21JWw0CTJSfg0dxQFJQWAf-aql4RmYryYOBqjNaDREW8T37zyHBr039UbzzSWZoTOmPkw_zVLL5gJ1fnhXfHSb_HI_EDtcGEe885081MnA38Pr1Ib-ay2at1c3RliLaNduZYrttbtVhTfXGQxQ3BSw1fWr9XIbNUkO0dpphtLegPgOyyUoA-s-2JubwGpfDwC3F22ObxesT8bTV63zHd4rjnXn%26adurl%3Dhttps%3a%2f%2fwww.adtrek.co%2fadserver%2fclick%3fcc%3d45ead072-b12c-42d3-aa0b-3677a0751234&ord=1668088402724725
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.128.55 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-ap-southeast-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
2f9f56fcc9edb871f8e23fe04e1915e4700c1348a57d844d93a1d06f87165644

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.adtrek.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Nov 2022 13:53:25 GMT
Content-Encoding
gzip
Last-Modified
Tue, 22 Mar 2022 01:04:32 GMT
Server
AmazonS3
x-amz-request-id
5NC1GFQK7N8YT1YT
ETag
"5b428cacc5c571019c82095d6da26b31"
x-amz-meta-info
polite loading image
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
29027
x-amz-id-2
QcnEQKWABxNLTw6sy+X9wTgMCz9EqpLmrAsh4VG8MK5jlUAYbRpTB3HSa8TvuFXIZAW+RdvlH7s=
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 61BD 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
111769
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 09 Nov 2022 06:50:35 GMT
expires
Thu, 09 Nov 2023 06:50:35 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/pagead/ Frame 50C4 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022110301&jk=1830784028621896&bg=!4OOl46fNAAbvMpMzzzI7ACkAdvg8WhINh2r2GzJNPqmRbh1Vu1vYbL9kqUz6-hCpzx_TtQtYTtok2wIAAACxUgAAAAJoAQeZAsShlzzkp_5sql8NRz3I5pdF_8kiIsg8tAQSPG4NBiEKe6esZAXjd5EimUoitviQ133fq8khueIKePsSeHdoMvb87jVV0ehe5mofUT_sQ4ksyNR466ZaHNVKB0Gcl9F0yaDCDWeqUPgTWdweUHfsi1LGKLD5xFCUeCKdPvx9r7aeM_pWIWZWttZaZmfJFSRWNGuL41pGd4L1rQ3tQUMsUUdNn9kdFwawtmVs8al3ZQFKC4IPz8mlictChJAqchxGmEKIB-WukLRsW9FGQTw48pD4DF78r5eLSW1P7EN2RBIUXr2TadXcZvc8-qH4OmjZ8ZkjCidtwPQ2_MInNVsY_cO4u07ZHArD2fxiftZhx3BftkPho5To_5Tj-fCoZjzNiKrOoPPvh1NgblfiaeFO4dmFTgnlUZFHP6UMv4_E6lHp1P2nt4MPvov9HKK0dGDP7FMavL_ppyexxgIUhq6m7_3vx1KyN6BC5Kge7dNEjqiXnreWctCMvwDRrNOcsDQDMh6XyKlECV_rRbvtu7RhlO_SLzGdvj6FlzaR10My0HtrIUAZ9bMR90fWqovCob5UQHf8kNbXFcLToMk3PvJDkdORN9j_B5AnqBp47ldaJt-j1TLekM4s0Eb_it1vpiLiMQ5mEHzhcT0jQ9OyxQP0hyDqk8gFlevzQvENVBB7dtPMravPmu5CM1CA03lXD540UIGxBARHEUN2Nk7XRLWXMMPlxpIovBAarDIeOd8wcYqXkoEjuJpGan8bvlenxwvZW0srbQ8XqrcCv83pxJ3fOq4Ks8xRW7D_tIgWeUTmYDAXTAj_styfjwiN3G_-Kp9Pr5Ux30mhB90gomyw6mtaKT4LQw_TwxZIsaqS8uwVaXLA9FPYdYt__xe9YoIAkARd2ESKCtwgPCWJsU0bISmycYFoEi4azdIbN24Vy_ODZWZllc9xzRg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/you-you-ming-xing-ji-jin-jing-li-ben-si-wai-zi-si-mu-jia-su-jin-chang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
csi
csi.gstatic.com/ Frame E208 		0
327 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~lab4rm8u&c=7522135407692&slotId=3761067703846&qqid=CKGjp8Xho_sCFb7vcwEdI-UN1g&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C44752538%2C75259414%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221107_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.161.120 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ig-in-f120.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://fa3540ea93ec84512cdf7b83bb90bab4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 13:53:25 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame E208 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f94.1e100.net
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://fa3540ea93ec84512cdf7b83bb90bab4.safeframe.googlesyndication.com
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 04 Nov 2022 11:07:40 GMT
x-content-type-options
nosniff
age
528344
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 04 Nov 2023 11:07:40 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame E208 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f94.1e100.net
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://fa3540ea93ec84512cdf7b83bb90bab4.safeframe.googlesyndication.com
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 08 Nov 2022 01:45:16 GMT
x-content-type-options
nosniff
age
216488
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 08 Nov 2023 01:45:16 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E208 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CFWwJUgJtY6GyCL7fz7sPo8q3sA3e2eWabcSDqYHPELfLor3AARABILqEwDNgq-yxheAYoAGM8dKSAcgBBakCsgCXxTapoz6oAwHIA5sEqgTYAU_QQo75FoeyhGiL-MJJwhKu2lLMcwk5p3phork5dbc3aFZc05PpqhyEgqhKQffexbFnUMEETu3b7GUU55OBrqPn0oJZ2Xz8x7CE_Hv2JhFkj6g0PWlHVnhugQ6mXi9Z-WSp15fkWWSlO6npKokVk0BA7XBrOKge4eMhRaQ3pI-KaZMsM-N2-UvGGh93U97fSsNMCvecJTH64gbx9MRM3Y1fSlR4iiMpRu-MTa53QLSTMR6TTB0YQQd2gTETyVZd_yfubUGDRX47BR-UDtr6gMcYezI3C8jrPMAE2Pykm54E4AQDkAYBoAZ2gAfcjq3tAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgGEQARgdMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODCACgPICwHgCwGADAGwE-SShxHIE5z_ruED0BMA2BMKiBQL2BQB0BUB-BYBgBcB&eventType=clickstring&clientTime=1668088404325&ai=CFWwJUgJtY6GyCL7fz7sPo8q3sA3e2eWabcSDqYHPELfLor3AARABILqEwDNgq-yxheAYoAGM8dKSAcgBBakCsgCXxTapoz6oAwHIA5sEqgTYAU_QQo75FoeyhGiL-MJJwhKu2lLMcwk5p3phork5dbc3aFZc05PpqhyEgqhKQffexbFnUMEETu3b7GUU55OBrqPn0oJZ2Xz8x7CE_Hv2JhFkj6g0PWlHVnhugQ6mXi9Z-WSp15fkWWSlO6npKokVk0BA7XBrOKge4eMhRaQ3pI-KaZMsM-N2-UvGGh93U97fSsNMCvecJTH64gbx9MRM3Y1fSlR4iiMpRu-MTa53QLSTMR6TTB0YQQd2gTETyVZd_yfubUGDRX47BR-UDtr6gMcYezI3C8jrPMAE2Pykm54E4AQDkAYBoAZ2gAfcjq3tAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgGEQARgdMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODCACgPICwHgCwGADAGwE-SShxHIE5z_ruED0BMA2BMKiBQL2BQB0BUB-BYBgBcB
Requested by
Host: fa3540ea93ec84512cdf7b83bb90bab4.safeframe.googlesyndication.com
URL: https://fa3540ea93ec84512cdf7b83bb90bab4.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://fa3540ea93ec84512cdf7b83bb90bab4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 13:53:24 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vast
bid.g.doubleclick.net/dbm/ Frame E208 		30 KB
16 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-ALFRru8W6ropnqiy9AJGHiOp9WXzjRkPoJhF7Ti4wBum44Gi75vSj0Fkb4LB6SrDClhCTX2Wr0kUp7gWDt7Bvw6c3vXQ&cry=1&dbm_d=AKAmf-DePjjq8tZgJXFnUquaLPDb4UpPhJq0AK6K-aKZu9252Xvsj_hz8KoV4MCeQenVJ1E6V8-Iazq8poXf7L_2Ev_oQ_lTopB8cPLjcsuRS2-KDL6hKY-jzMQWlSfmGfrwFwTsIV-QfV6zxz1Vo_biJYrNcy_6lJDkUakVBbBoeWT5N1Zr52zBGNIBaOCVPAdtV9BocwK9iFMXuA_wjcJy2K0i9UNlYH00B8TMZA_css64IlrcEhnl47S8gUGvKIQAUHZ6sY0QW4mcfYqnzpSIy0-rUwLOMjmzV25sWRzB6lw5isNEKgvTbi3fawbNJTy-5Iga6y_UiHyraI3FMn_BJgCekT-dMGRSLh3e8UClvd6b5MvMQoAlF4MJ-DR18t2s9Elg_EVdwOFpGVHC3Ga3RDs55U0oCmXK8KCSVobLmFbTfL8VgO08XoF2O9psn1HYAqQY7H-9RNSymS4yuVvDwZgRpVU_kwW3gi7yLMEST312fRUCs3_XcgrzVfHAHycYbvxhQglTobOZyayQWInnN8eTZESlffJeZHViyZ1RbPjnilIwOWmPizyterSmALEKJrW_9yI0H3PNIXbeX28VZ3dmRNVBeioY0kfpLwWye-VPo0RO6o2siwmALuZvG2s-QHzEezloXugU732VCRjqw73Z_48H8GpHQPiwb8XW2mrNxAc-ilo36uSXw7KmeMRc3r3vMxzLoAS52yCEHsChTd-qzluY8_tHUGUeOCzv1HArlAacKcYbczD34SZR4h9Gm6rBwHZAOx1cTindofwRWm_TKod6E8lCkMpe_eJTy5JsPIQ4CONkeyqICf_91ABAItkV7Fv_zhbTkCfRNEGMr1h2I0yE8tGkDC-AlpZjougAvW7PBcS6xj4wR7z-DH8ZKAH_9fJsNPO0L9sa17GrgZvyLERojQNEryElaG5LumiLDPSXs-VN-1p9UXaTH_c2m3j-D0Sxmxl8SLV5tHmMj26Td0389UEX9Fjiwq_pLZdgVeEtiulCQRhkmxlP9BdSoYfRMBVCgnvY6crBtwT6uhrTG3yJfoQTX-bor99QHE5UbWDrL7_e7mcrWzKPtUWRkWAHlMJ2a5mVLRmFQiGtUrxaT3zHaEcaX_a_2bgPVO1JfnGzsQ9Mx7DwkRLnPc078ssP9LCzMvz6iipLNEgy1yGPz31-KK7eRJ01WLR_Ur-TSI7PGhpJY4SKRiPMgcDB63J4Yx8jL2wKIBBV8y6qhPe7D_lBt0KpxMyA0DY9rByMGlXU5C4vzJgjTEsMopQQzUdIsGJLl1gjSosgUCBWT_WIfKHqtOm00yTPmT41E4dcOFPnrnQALt0MnwZbpJe8WBn25kWKZDvR-xFEaGO7srbE5ulCdjzcpJXnDGxvAMb9WlOk9NcBXxCxTbDx9J2PHxmDWGc7b8mELGWEM-CdJuwG-XZoXhX_aXMoAw_kAZWxjTUz-YoVurpmUKWhYJFJQqRmYSXP-OvPQZLxD7tCVkHxlMofp9x2taS04hJeiLMtBfctdXP1wWLH7nFuDvgd46Nd09nVirG2jU7y0XuZAMqUU7885rGSplKno__y200TGMtLWHsB_WBpgFkawY9p_t5gUqc6oW1fzxmqlODPKigpVyoWbySWlI7xESsbpznSbtzzUskJiKbqBHkOYTflJQtodPQWmZo331bKlPT39y6tOsHVf8ETS1PL_jQvnYOO3y7wA_zn84ehcgMv1sC4Av8razFzHyy7EJWa93q9F78YrufdYKrAK9wodB9JRx3_x-zMM4nDNMoAjhrPafbvwtt8Gd9Vj_XVPfDKCj5BQpZ67BfLliLXzTsH-YkE-3b9hMdkJFDcd3JW5vH3Y8GVcGKFVV_JjnfDy2arKjfBPmo4KlUfoMayMqoZonI7OfEFCgJiNkvYDbcdudGZmK4j-H7PB3NiN0IYp5ZM4ZX91BIcmJm1m2Y6ErGGE9mzv2Gg_-5qLExPNuH9BgtQfZHsQvV7n6sUXQhx6P9yzDiDn13mHZfUgLr5vUo5WhjG_wyx64OojRSC6clrRkAxQZaDTJBJkFw_BaC6YNv_jTDOGg6Z9xokRcibIs9IyG9cNacTTUglrBWUC4S6ZzQnvqrq0twmcR_Xe0EAfjRSeuIrSGkauPn_IZN-wsPeLFl3jUD4yOSDGNZmmC6Akckgv7u0uZx4x83rip_eHEvLFIlYWEIhSFRCUJDEfCPMRHO-6ZzNbWnJKxg1TRrDvjs1xwWHqA6klvetXdkH88S7i25NMPGtJfRgCVq4C4yHnc56UYjgmMN012sE4z5zx3yaRhelXWQB_Fba6Z-pU8AMBQZi8saP5Zhg5lFfKvvhJ3pt_0zsI4Sv2sAMyczOmL67ayK_n8JHFq06imnrHujzP4BZeR-EDuqVHBcXM801p0QRdXz15bWAu1ewemW7EQI3EPas4mFxY0nmjlY2k2sLBFHE-9QfINvqveoKzJST6GNWVNsj9uT9KSrxXIkO5EGRULCOVg3uC7YTmueYyxAJDSMrL_rUuedG-__tSDXIeTUplD5qVjJ71ouGDLViO26ZluIALzkidxd533JDYxWHYqwqCqAe9F47KQngVjoc9DAp9qHFDDuZPS-sigYo9cgJ6gaJoURejIlMCLsnrFvsity5Cesnf9S_GcRNyoAHNvyeFE5hgHOgcZWEK3UGXiUCnap0sO0L_9YvmDTYMBgEv75IL7VKDwIRD8X5AGz50eRfMN1yHPJOXLncEu1oKUwTXxcIyrYI1HYtcx5GJk19thVXqb13Bku-t3TTE_NVd17WB8VSBPHr0SzQ9lUdh40Y3IYCkyGFnHcrJyrvJhBV1M7_0FXQubtquCnMubA4CKANmv68CN-rG3Ic5Z4KXexyeyd0RmjfXhh8Bhz6ijKlkZWIXjeLl1aM5dAje-8SI4k2kaLRbNPQnIaDdTmveVRIjECk2I7QWQz-n4UQMigJjc37P136cOSy5GCLvm-EjdSIdNrOp-44z-SIr-mX7gx6G1h81Uzw6UHmN1BlX8Kb2eD--OPZFQOgvnoGoTzF5zFkoy9l2DYXo1XCsV1QQfFVegc7IhC2wEXUMF7N4G1OYayNRh-J7sSy5KXIQr4aqyjYDQtE-lEANh326_HJYFr3j9J6YFHXXfFweZW99MnFRccTf2MLLq-z_tYSgegplL0HQkL1l-dnM1Mms4EY2M5zVtFe3eBlbGIN2VJLqEhOoJTX_VRvl1eXKZEJSaLUryhBXwilO1dUMixZmsPOHp2t_8OP-LmqM0KYGEqOLZLM6ZOyeNNxEYHg6xa34ugB-x7crx2ZVLzwisFyKuJr7GlN-pOzAaIuplmPQWW10xtek8Qmwp-lc3ez9b_8wCWo2ReSgWD4STEXSusE6JpLjIMN7PQM3jmdhg3E9QfD-4JgtNkJCb9gK-OrkY-C7cCBsdEJ8ZhNdt6YiVEyNECe2ENQXgShWVHIOehv8SJ3AbpvT4g3OGRyXVKB3zYJkx02jeuFBcnwvJG1yYxQTkzWJpljTIum1JRME30U&cid=CAQSOwDq26N9Ud8pDYY38eNQwOl2ci0Bzys4vX3TFqoo6Tk6LzWUIC_Ag-DW4TyH1J-KyiUep69NLIFSJlOTGAEgEw&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221107_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
adefecda8c78083a81981119e8c809a1cc9a6f7927d2789f202c1e7db46e6d6b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://fa3540ea93ec84512cdf7b83bb90bab4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 13:53:24 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16172
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://fa3540ea93ec84512cdf7b83bb90bab4.safeframe.googlesyndication.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame E208 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CndWhUgJtY6GyCL7fz7sPo8q3sA3e2eWabcSDqYHPELfLor3AARABILqEwDNgq-yxheAYoAGM8dKSAcgBBakCsgCXxTapoz6oAwGqBNUBT9BCjvkWh7KEaIv4wknCEq7aUsxzCTmnemGiuTl1tzdoVlzTk-mqHISCqEpB997FsWdQwQRO7dvsZRTnk4Guo-fSglnZfPzHsIT8e_YmEWSPqDQ9aUdWeG6BDqZeL1n5ZKnXl-RZZKU7qekqiRWTQEDtcGs4qB7h4yFFpDekj4ppkywz43b5S8YaH3dT3t9Kw0wK95wlMfriBvGsxdYoHs0MxuMs13fIG5XESVbyU7TZ-bSk0g9jDZ6LGAsXx6LelSuSaa1dpvf6OHzLJdKs34Ho3mmFwATY_KSbngTgBAOIBYuE3P1FkgULCCIQARgBSM6H1wGSBQYIHRAEGAGSBQYIHRABGAGSBQYIHhABGAGQBgGgBnaAB9yOre0CqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwoQsboNGKfJwdQB0ggPCIBhEAEYHTICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgwgAoDyAsBsBPkkocRyBOc_67hA9ATANgTCogUC9gUAdAVAYAXAbIXHgocCAASFHB1Yi04OTMzMzI5OTk5MzkxMTA0GMqrHg&sigh=e4f8NJ7sDsw&uach_m=[UACH]&cid=CAQSOwDq26N9Ud8pDYY38eNQwOl2ci0Bzys4vX3TFqoo6Tk6LzWUIC_Ag-DW4TyH1J-KyiUep69NLIFSJlOTGAEgEw&vt=10
Requested by
Host: fa3540ea93ec84512cdf7b83bb90bab4.safeframe.googlesyndication.com
URL: https://fa3540ea93ec84512cdf7b83bb90bab4.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f155.1e100.net
Software
/
Resource Hash

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://fa3540ea93ec84512cdf7b83bb90bab4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame FFD8 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: fa3540ea93ec84512cdf7b83bb90bab4.safeframe.googlesyndication.com
URL: https://fa3540ea93ec84512cdf7b83bb90bab4.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fa3540ea93ec84512cdf7b83bb90bab4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

age
1920
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 10 Nov 2022 13:21:24 GMT
etag
48472445140208031
expires
Fri, 11 Nov 2022 13:21:24 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame E208 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
07a4dbb5290634d758daedcb56e4e7d15751b04599ee1703448fd46258415b5e

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
sodar
pagead2.googlesyndication.com/pagead/ Frame 1E48 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022110801&jk=856493508507732&bg=!KCulK2_NAAbvMpMzzzI7ACkAdvg8WvUmrqRpmektY8UYJh8SNBETTtByCsskz1ViqhAAWg0byoCJXQIAAADKUgAAAANoAQeZArmbvxTQBiW1hBwCAOt9w40WC8S7sERCC4KI28J1YUevbORJgQDWGJePs9Nj2CudfkPGfNuFhAnRF5CypI8hbqDxoDRGzjpO4nEvEMr3Gu9-an8MEwT3i0bxg8FzoE78X_4OH6Lkm3yApPRgItgHPg3AD3lTSAlLuylY5p4B05D-cxbnBvc6tUtltnkwvu6GEZtWa3DpmrQCqEHr9T7xN5t8LFgFmmQNftzsRSxdTh3HDhX-DRNaVG6LKdCfAHmIOgRTypqcx1bW6yEXacuuMaIQg0VKGG5U4m__2hmZnVqTN3bnV5LHBcMJ3iFuia7dLevq7HCleFZ-Kwwa-dzKJp25hVTfhpkLL7TxRxXP2C1qzw2t6mKQfC18q-gB6rXSq88YCtBXksYt5rG0TiC_pUj2XpuPH2kmnYwDjT02mZX7vtkuVV2HPcdiHOWHGARbT1dYLBL0Ursa7MYs8p7HEmMKndAcOUoGDwGZ8mE8iW0MiD32Jlyu003J6kPBhuk8l6U09wSHo7nY1_JAI-xgDO8Q7TyTETgtKW9KMaUzIbQaqDNubdEGCJ2Vo0E_Ek2Yk2BEOv8OEjRHwM7MKno0qXKaCA7204yZ73d6b_hVkcVr-w57d8scHyGaFlhl9QZh1gZcTNAXRu5MG2H2bGjWhefZbzOBB9T7SSHhiSIeHrTOuW6hbPbY8akis5XzVsVjlKAPs62OwYqojT0YfRPSw2awVe-LxQ8As234M36VviPXHaRhsjtGb8zdruwgEX-qbaOn5Rgq3PshrfkN5BmKqCsRrOOPVATdr9pbmqfcnK9nlwP9hdCppmFYqxClQMovqhCR7SyaMik3ttjExPIJaObRZer6_ImZJGAYXQnbMrzYexnBHIFQ5uIKA0OpMh_QNAZRWJJwW3chOnPFfegF_jgxekqnnMri7rTe
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/you-you-ming-xing-ji-jin-jing-li-ben-si-wai-zi-si-mu-jia-su-jin-chang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
pagead2.googlesyndication.com/bg/ Frame 61BD 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
sffe /
Resource Hash
6a98bdefd73410963a41036b4bc4d25b080aaec85db7ebd132a12d3aa17e8586
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 04 Nov 2022 21:23:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
491389
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16010
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 04 Nov 2023 21:23:35 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame A1E4 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y20CUgACGSMBc---AA3lIymdAeM6fqnjjd3EuA&u=%7CxmXEJVNT8z8iRlAZl13oKpqsOcyUb0R5d68y5BHdxxY%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oVqw7Cvg7ORZ5y2n_PXned8JCsSCQ138ULuqTtuWjQY_gaY2FCscn6XBiv_o9r7B1bFsia3VIbqhyF-OPpbwZaMH3QpbUbc5EVTQBX4b07eZjiSzyubx7ldZgKaPzwPBCHD0uGs_CA-V6wLMIuWIVoQ2kTJIaNYcItDbxSHdjUIoXDUZQ3RO1gY3LS13V2kmeZ4k7tedwLJ9S6xN1CDiN6J-ZGGPq2CtjOIh0v4fOlUad0Gx3bX73WYooIjCjwdn1BjkLnsCoXcdK6FGiiWdW3CY3cP9Bdt14_F6QxYPqPep3a3V9chnlcV-FnrsBj48KVEeq2CyLoJZxjukixlxgL0J74bt_7eVdrlMgkIsKqK8miarCcsKMkN0Pmniaq_DxoPX64zTeWNi1PV_KVkhqUGddGwodB_M7P4WXq6qjBouOLH7jpcFKHw6SZ9SObMocSQtPZB6oPxnENC9LpBh6YP0lJxM36gJ9iJyZFDqIYn50ohcxDSOKZ37erOFsohRIIIn2JgBmqAcoCBIYzgY8T9CExa-QgusQMQR0C5WmKpQtGuOWln4DETektP9f0zNMUotj_Ue26meKfgNzUPtPGRzNuIBK-7EQZpeobSHd5Cy-17R1w-jR1Q&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC5rgjUgJtY6OyCL7fz7sPo8q3sA2Y_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQJOeT-DMX-lPuACAKgDAaoEmQJP0PI9PJARGXNxl9kIDbBn95DWXEFocFstKQqhNPlEBes_WIaFLXjUEAIdlRsZ0mSCuEnCwdOCmQj8EIYIgPfx2oSSJ7SsPB_748g1uuwBjGGx2FJ5ljcW7sN7Qw86ULM0euZkHIOO6XnmsDvgu8gUwfgKHoY2KB0NVASWA60E3e-idJKiAzRI00zJcmGp6mBIPUZ6lYauZgu0FxiAomwdGhSBM0eilbJMfxDyhG7lbhF6LVL-R-WDOl1Bd3-sVzoGdNHkCb9mVEGgK69LBoPVMWvo-dgi7Q53Z0iXuP6QmqJ4dDpqZQazoEbMtOWJw7u-YGMkx5XWmpNzvdIcj6NEltwbvolVcB1IitPA4vgRngmR5GQs1IIlv-AEAYAG-aHt1LfS-d1ioAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0kPvI0GwQk2tgEyv-PVZ44vu2j1g%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 13:53:24 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 05 Nov 2023 13:53:24 GMT
adchoices_en.svg
static.criteo.net/flash/icon/ Frame A1E4 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_en.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y20CUgACGSMBc---AA3lIymdAeM6fqnjjd3EuA&u=%7CxmXEJVNT8z8iRlAZl13oKpqsOcyUb0R5d68y5BHdxxY%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oVqw7Cvg7ORZ5y2n_PXned8JCsSCQ138ULuqTtuWjQY_gaY2FCscn6XBiv_o9r7B1bFsia3VIbqhyF-OPpbwZaMH3QpbUbc5EVTQBX4b07eZjiSzyubx7ldZgKaPzwPBCHD0uGs_CA-V6wLMIuWIVoQ2kTJIaNYcItDbxSHdjUIoXDUZQ3RO1gY3LS13V2kmeZ4k7tedwLJ9S6xN1CDiN6J-ZGGPq2CtjOIh0v4fOlUad0Gx3bX73WYooIjCjwdn1BjkLnsCoXcdK6FGiiWdW3CY3cP9Bdt14_F6QxYPqPep3a3V9chnlcV-FnrsBj48KVEeq2CyLoJZxjukixlxgL0J74bt_7eVdrlMgkIsKqK8miarCcsKMkN0Pmniaq_DxoPX64zTeWNi1PV_KVkhqUGddGwodB_M7P4WXq6qjBouOLH7jpcFKHw6SZ9SObMocSQtPZB6oPxnENC9LpBh6YP0lJxM36gJ9iJyZFDqIYn50ohcxDSOKZ37erOFsohRIIIn2JgBmqAcoCBIYzgY8T9CExa-QgusQMQR0C5WmKpQtGuOWln4DETektP9f0zNMUotj_Ue26meKfgNzUPtPGRzNuIBK-7EQZpeobSHd5Cy-17R1w-jR1Q&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC5rgjUgJtY6OyCL7fz7sPo8q3sA2Y_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQJOeT-DMX-lPuACAKgDAaoEmQJP0PI9PJARGXNxl9kIDbBn95DWXEFocFstKQqhNPlEBes_WIaFLXjUEAIdlRsZ0mSCuEnCwdOCmQj8EIYIgPfx2oSSJ7SsPB_748g1uuwBjGGx2FJ5ljcW7sN7Qw86ULM0euZkHIOO6XnmsDvgu8gUwfgKHoY2KB0NVASWA60E3e-idJKiAzRI00zJcmGp6mBIPUZ6lYauZgu0FxiAomwdGhSBM0eilbJMfxDyhG7lbhF6LVL-R-WDOl1Bd3-sVzoGdNHkCb9mVEGgK69LBoPVMWvo-dgi7Q53Z0iXuP6QmqJ4dDpqZQazoEbMtOWJw7u-YGMkx5XWmpNzvdIcj6NEltwbvolVcB1IitPA4vgRngmR5GQs1IIlv-AEAYAG-aHt1LfS-d1ioAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0kPvI0GwQk2tgEyv-PVZ44vu2j1g%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 13:53:24 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-759"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 05 Nov 2023 13:53:24 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame A1E4 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y20CUgACGSMBc---AA3lIymdAeM6fqnjjd3EuA&u=%7CxmXEJVNT8z8iRlAZl13oKpqsOcyUb0R5d68y5BHdxxY%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oVqw7Cvg7ORZ5y2n_PXned8JCsSCQ138ULuqTtuWjQY_gaY2FCscn6XBiv_o9r7B1bFsia3VIbqhyF-OPpbwZaMH3QpbUbc5EVTQBX4b07eZjiSzyubx7ldZgKaPzwPBCHD0uGs_CA-V6wLMIuWIVoQ2kTJIaNYcItDbxSHdjUIoXDUZQ3RO1gY3LS13V2kmeZ4k7tedwLJ9S6xN1CDiN6J-ZGGPq2CtjOIh0v4fOlUad0Gx3bX73WYooIjCjwdn1BjkLnsCoXcdK6FGiiWdW3CY3cP9Bdt14_F6QxYPqPep3a3V9chnlcV-FnrsBj48KVEeq2CyLoJZxjukixlxgL0J74bt_7eVdrlMgkIsKqK8miarCcsKMkN0Pmniaq_DxoPX64zTeWNi1PV_KVkhqUGddGwodB_M7P4WXq6qjBouOLH7jpcFKHw6SZ9SObMocSQtPZB6oPxnENC9LpBh6YP0lJxM36gJ9iJyZFDqIYn50ohcxDSOKZ37erOFsohRIIIn2JgBmqAcoCBIYzgY8T9CExa-QgusQMQR0C5WmKpQtGuOWln4DETektP9f0zNMUotj_Ue26meKfgNzUPtPGRzNuIBK-7EQZpeobSHd5Cy-17R1w-jR1Q&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC5rgjUgJtY6OyCL7fz7sPo8q3sA2Y_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQJOeT-DMX-lPuACAKgDAaoEmQJP0PI9PJARGXNxl9kIDbBn95DWXEFocFstKQqhNPlEBes_WIaFLXjUEAIdlRsZ0mSCuEnCwdOCmQj8EIYIgPfx2oSSJ7SsPB_748g1uuwBjGGx2FJ5ljcW7sN7Qw86ULM0euZkHIOO6XnmsDvgu8gUwfgKHoY2KB0NVASWA60E3e-idJKiAzRI00zJcmGp6mBIPUZ6lYauZgu0FxiAomwdGhSBM0eilbJMfxDyhG7lbhF6LVL-R-WDOl1Bd3-sVzoGdNHkCb9mVEGgK69LBoPVMWvo-dgi7Q53Z0iXuP6QmqJ4dDpqZQazoEbMtOWJw7u-YGMkx5XWmpNzvdIcj6NEltwbvolVcB1IitPA4vgRngmR5GQs1IIlv-AEAYAG-aHt1LfS-d1ioAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0kPvI0GwQk2tgEyv-PVZ44vu2j1g%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 13:53:24 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Sun, 05 Nov 2023 13:53:24 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame A1E4 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y20CUgACGSMBc---AA3lIymdAeM6fqnjjd3EuA&u=%7CxmXEJVNT8z8iRlAZl13oKpqsOcyUb0R5d68y5BHdxxY%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oVqw7Cvg7ORZ5y2n_PXned8JCsSCQ138ULuqTtuWjQY_gaY2FCscn6XBiv_o9r7B1bFsia3VIbqhyF-OPpbwZaMH3QpbUbc5EVTQBX4b07eZjiSzyubx7ldZgKaPzwPBCHD0uGs_CA-V6wLMIuWIVoQ2kTJIaNYcItDbxSHdjUIoXDUZQ3RO1gY3LS13V2kmeZ4k7tedwLJ9S6xN1CDiN6J-ZGGPq2CtjOIh0v4fOlUad0Gx3bX73WYooIjCjwdn1BjkLnsCoXcdK6FGiiWdW3CY3cP9Bdt14_F6QxYPqPep3a3V9chnlcV-FnrsBj48KVEeq2CyLoJZxjukixlxgL0J74bt_7eVdrlMgkIsKqK8miarCcsKMkN0Pmniaq_DxoPX64zTeWNi1PV_KVkhqUGddGwodB_M7P4WXq6qjBouOLH7jpcFKHw6SZ9SObMocSQtPZB6oPxnENC9LpBh6YP0lJxM36gJ9iJyZFDqIYn50ohcxDSOKZ37erOFsohRIIIn2JgBmqAcoCBIYzgY8T9CExa-QgusQMQR0C5WmKpQtGuOWln4DETektP9f0zNMUotj_Ue26meKfgNzUPtPGRzNuIBK-7EQZpeobSHd5Cy-17R1w-jR1Q&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC5rgjUgJtY6OyCL7fz7sPo8q3sA2Y_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQJOeT-DMX-lPuACAKgDAaoEmQJP0PI9PJARGXNxl9kIDbBn95DWXEFocFstKQqhNPlEBes_WIaFLXjUEAIdlRsZ0mSCuEnCwdOCmQj8EIYIgPfx2oSSJ7SsPB_748g1uuwBjGGx2FJ5ljcW7sN7Qw86ULM0euZkHIOO6XnmsDvgu8gUwfgKHoY2KB0NVASWA60E3e-idJKiAzRI00zJcmGp6mBIPUZ6lYauZgu0FxiAomwdGhSBM0eilbJMfxDyhG7lbhF6LVL-R-WDOl1Bd3-sVzoGdNHkCb9mVEGgK69LBoPVMWvo-dgi7Q53Z0iXuP6QmqJ4dDpqZQazoEbMtOWJw7u-YGMkx5XWmpNzvdIcj6NEltwbvolVcB1IitPA4vgRngmR5GQs1IIlv-AEAYAG-aHt1LfS-d1ioAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0kPvI0GwQk2tgEyv-PVZ44vu2j1g%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 13:53:24 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Sun, 05 Nov 2023 13:53:24 GMT
lg.php
cat.sg1.as.criteo.com/delivery/ Frame A1E4 		43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.sg1.as.criteo.com/delivery/lg.php?cppv=3&cpp=IrTKbQCpRbeiqdUhLpbMzaRfvMAqISJualJs3_pZ8lHrXSOz_R8HGJRsDrW60pkTvxDSF_2myMJt7ux5ZN1weGqsNiIj_-pBD0HBp8hHcruWg3nm5_eXPhIUqnY9NmPQEtQLyybEKdBV0ysbdP3-R1GuFyrQzfA2V_Xmx2HeN5MiQ2KiccN2E7nNMCR_oJXvbduCXCVgIcDy20_M2M5rKOUUhs-f80UxPysPZP4kqe0XX9S1DCDUFbCVZQ8xwCd-Kw8Pd3CX4uJkeB2e70ZR5XTYyaOY6mHk9jDz27DW6CdZJC9u9vULW5uJ14duc5agDUHBGjt8PIj5iK6LoZvW0-u6VPG9fVJZSFJ-cQpxraXNvzngdjdZt8ZHj_11Ap6y8htQ0i2OEmSKaAyIwiQyndR1-C65imI5bhJnWDB5Q7ex6r3O
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y20CUgACGSMBc---AA3lIymdAeM6fqnjjd3EuA&u=%7CxmXEJVNT8z8iRlAZl13oKpqsOcyUb0R5d68y5BHdxxY%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oVqw7Cvg7ORZ5y2n_PXned8JCsSCQ138ULuqTtuWjQY_gaY2FCscn6XBiv_o9r7B1bFsia3VIbqhyF-OPpbwZaMH3QpbUbc5EVTQBX4b07eZjiSzyubx7ldZgKaPzwPBCHD0uGs_CA-V6wLMIuWIVoQ2kTJIaNYcItDbxSHdjUIoXDUZQ3RO1gY3LS13V2kmeZ4k7tedwLJ9S6xN1CDiN6J-ZGGPq2CtjOIh0v4fOlUad0Gx3bX73WYooIjCjwdn1BjkLnsCoXcdK6FGiiWdW3CY3cP9Bdt14_F6QxYPqPep3a3V9chnlcV-FnrsBj48KVEeq2CyLoJZxjukixlxgL0J74bt_7eVdrlMgkIsKqK8miarCcsKMkN0Pmniaq_DxoPX64zTeWNi1PV_KVkhqUGddGwodB_M7P4WXq6qjBouOLH7jpcFKHw6SZ9SObMocSQtPZB6oPxnENC9LpBh6YP0lJxM36gJ9iJyZFDqIYn50ohcxDSOKZ37erOFsohRIIIn2JgBmqAcoCBIYzgY8T9CExa-QgusQMQR0C5WmKpQtGuOWln4DETektP9f0zNMUotj_Ue26meKfgNzUPtPGRzNuIBK-7EQZpeobSHd5Cy-17R1w-jR1Q&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC5rgjUgJtY6OyCL7fz7sPo8q3sA2Y_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQJOeT-DMX-lPuACAKgDAaoEmQJP0PI9PJARGXNxl9kIDbBn95DWXEFocFstKQqhNPlEBes_WIaFLXjUEAIdlRsZ0mSCuEnCwdOCmQj8EIYIgPfx2oSSJ7SsPB_748g1uuwBjGGx2FJ5ljcW7sN7Qw86ULM0euZkHIOO6XnmsDvgu8gUwfgKHoY2KB0NVASWA60E3e-idJKiAzRI00zJcmGp6mBIPUZ6lYauZgu0FxiAomwdGhSBM0eilbJMfxDyhG7lbhF6LVL-R-WDOl1Bd3-sVzoGdNHkCb9mVEGgK69LBoPVMWvo-dgi7Q53Z0iXuP6QmqJ4dDpqZQazoEbMtOWJw7u-YGMkx5XWmpNzvdIcj6NEltwbvolVcB1IitPA4vgRngmR5GQs1IIlv-AEAYAG-aHt1LfS-d1ioAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0kPvI0GwQk2tgEyv-PVZ44vu2j1g%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.132 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 13:53:24 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
3125043
expires
Mon, 26 Jul 1997 05:00:00 GMT
6e98b2cfec6c4c9dbc2e5a5d5913cb7d_image_ad_120x600.jpeg
static.criteo.net/design/dt/99951/221025/ Frame A1E4 		244 KB
244 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/design/dt/99951/221025/6e98b2cfec6c4c9dbc2e5a5d5913cb7d_image_ad_120x600.jpeg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y20CUgACGSMBc---AA3lIymdAeM6fqnjjd3EuA&u=%7CxmXEJVNT8z8iRlAZl13oKpqsOcyUb0R5d68y5BHdxxY%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oVqw7Cvg7ORZ5y2n_PXned8JCsSCQ138ULuqTtuWjQY_gaY2FCscn6XBiv_o9r7B1bFsia3VIbqhyF-OPpbwZaMH3QpbUbc5EVTQBX4b07eZjiSzyubx7ldZgKaPzwPBCHD0uGs_CA-V6wLMIuWIVoQ2kTJIaNYcItDbxSHdjUIoXDUZQ3RO1gY3LS13V2kmeZ4k7tedwLJ9S6xN1CDiN6J-ZGGPq2CtjOIh0v4fOlUad0Gx3bX73WYooIjCjwdn1BjkLnsCoXcdK6FGiiWdW3CY3cP9Bdt14_F6QxYPqPep3a3V9chnlcV-FnrsBj48KVEeq2CyLoJZxjukixlxgL0J74bt_7eVdrlMgkIsKqK8miarCcsKMkN0Pmniaq_DxoPX64zTeWNi1PV_KVkhqUGddGwodB_M7P4WXq6qjBouOLH7jpcFKHw6SZ9SObMocSQtPZB6oPxnENC9LpBh6YP0lJxM36gJ9iJyZFDqIYn50ohcxDSOKZ37erOFsohRIIIn2JgBmqAcoCBIYzgY8T9CExa-QgusQMQR0C5WmKpQtGuOWln4DETektP9f0zNMUotj_Ue26meKfgNzUPtPGRzNuIBK-7EQZpeobSHd5Cy-17R1w-jR1Q&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC5rgjUgJtY6OyCL7fz7sPo8q3sA2Y_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQJOeT-DMX-lPuACAKgDAaoEmQJP0PI9PJARGXNxl9kIDbBn95DWXEFocFstKQqhNPlEBes_WIaFLXjUEAIdlRsZ0mSCuEnCwdOCmQj8EIYIgPfx2oSSJ7SsPB_748g1uuwBjGGx2FJ5ljcW7sN7Qw86ULM0euZkHIOO6XnmsDvgu8gUwfgKHoY2KB0NVASWA60E3e-idJKiAzRI00zJcmGp6mBIPUZ6lYauZgu0FxiAomwdGhSBM0eilbJMfxDyhG7lbhF6LVL-R-WDOl1Bd3-sVzoGdNHkCb9mVEGgK69LBoPVMWvo-dgi7Q53Z0iXuP6QmqJ4dDpqZQazoEbMtOWJw7u-YGMkx5XWmpNzvdIcj6NEltwbvolVcB1IitPA4vgRngmR5GQs1IIlv-AEAYAG-aHt1LfS-d1ioAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0kPvI0GwQk2tgEyv-PVZ44vu2j1g%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
d9cf1bdc04ec9e82f94d73bc3841aa4dbd39309e1f7f647b7b01108eaad00c24
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 13:53:24 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 25 Oct 2022 22:30:20 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"6358637c-3cfdf"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
249823
expires
Sun, 05 Nov 2023 13:53:24 GMT
all
csm.as.criteo.net/ Frame A1E4 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.as.criteo.net/all?cppv=3&cpp=Ta9eUzELK9yfQtGlri33bLyfQJo4MhAFh6l96ZqTZ9PPR7mYcTuKlK-DQrG1UkvHvfSVsOkBQYJVoi1MP1I66SyJwMp2aSJMB5TQZtR60V2CY7wJK7JJfyEew8oFb7K6s5c_weTIgsu3Zo5ovXdzq1m_PVdxrQ7Qo5yZhmecPAufdYv3TYXTvfSBy2r3ErRZ3QkGUYgglw3NZSeqfhwZcdaXFdRe5s_7bhsWzgFobJTgnAcqN5t4gZKW1SCH6unPzmdnrA&sds=2&rev=83376.1&sendBeacon=true
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y20CUgACGSMBc---AA3lIymdAeM6fqnjjd3EuA&u=%7CxmXEJVNT8z8iRlAZl13oKpqsOcyUb0R5d68y5BHdxxY%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oVqw7Cvg7ORZ5y2n_PXned8JCsSCQ138ULuqTtuWjQY_gaY2FCscn6XBiv_o9r7B1bFsia3VIbqhyF-OPpbwZaMH3QpbUbc5EVTQBX4b07eZjiSzyubx7ldZgKaPzwPBCHD0uGs_CA-V6wLMIuWIVoQ2kTJIaNYcItDbxSHdjUIoXDUZQ3RO1gY3LS13V2kmeZ4k7tedwLJ9S6xN1CDiN6J-ZGGPq2CtjOIh0v4fOlUad0Gx3bX73WYooIjCjwdn1BjkLnsCoXcdK6FGiiWdW3CY3cP9Bdt14_F6QxYPqPep3a3V9chnlcV-FnrsBj48KVEeq2CyLoJZxjukixlxgL0J74bt_7eVdrlMgkIsKqK8miarCcsKMkN0Pmniaq_DxoPX64zTeWNi1PV_KVkhqUGddGwodB_M7P4WXq6qjBouOLH7jpcFKHw6SZ9SObMocSQtPZB6oPxnENC9LpBh6YP0lJxM36gJ9iJyZFDqIYn50ohcxDSOKZ37erOFsohRIIIn2JgBmqAcoCBIYzgY8T9CExa-QgusQMQR0C5WmKpQtGuOWln4DETektP9f0zNMUotj_Ue26meKfgNzUPtPGRzNuIBK-7EQZpeobSHd5Cy-17R1w-jR1Q&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC5rgjUgJtY6OyCL7fz7sPo8q3sA2Y_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQJOeT-DMX-lPuACAKgDAaoEmQJP0PI9PJARGXNxl9kIDbBn95DWXEFocFstKQqhNPlEBes_WIaFLXjUEAIdlRsZ0mSCuEnCwdOCmQj8EIYIgPfx2oSSJ7SsPB_748g1uuwBjGGx2FJ5ljcW7sN7Qw86ULM0euZkHIOO6XnmsDvgu8gUwfgKHoY2KB0NVASWA60E3e-idJKiAzRI00zJcmGp6mBIPUZ6lYauZgu0FxiAomwdGhSBM0eilbJMfxDyhG7lbhF6LVL-R-WDOl1Bd3-sVzoGdNHkCb9mVEGgK69LBoPVMWvo-dgi7Q53Z0iXuP6QmqJ4dDpqZQazoEbMtOWJw7u-YGMkx5XWmpNzvdIcj6NEltwbvolVcB1IitPA4vgRngmR5GQs1IIlv-AEAYAG-aHt1LfS-d1ioAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0kPvI0GwQk2tgEyv-PVZ44vu2j1g%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.142 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 10 Nov 2022 13:53:24 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame A1E4 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y20CUgACGSMBc---AA3lIymdAeM6fqnjjd3EuA&u=%7CxmXEJVNT8z8iRlAZl13oKpqsOcyUb0R5d68y5BHdxxY%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oVqw7Cvg7ORZ5y2n_PXned8JCsSCQ138ULuqTtuWjQY_gaY2FCscn6XBiv_o9r7B1bFsia3VIbqhyF-OPpbwZaMH3QpbUbc5EVTQBX4b07eZjiSzyubx7ldZgKaPzwPBCHD0uGs_CA-V6wLMIuWIVoQ2kTJIaNYcItDbxSHdjUIoXDUZQ3RO1gY3LS13V2kmeZ4k7tedwLJ9S6xN1CDiN6J-ZGGPq2CtjOIh0v4fOlUad0Gx3bX73WYooIjCjwdn1BjkLnsCoXcdK6FGiiWdW3CY3cP9Bdt14_F6QxYPqPep3a3V9chnlcV-FnrsBj48KVEeq2CyLoJZxjukixlxgL0J74bt_7eVdrlMgkIsKqK8miarCcsKMkN0Pmniaq_DxoPX64zTeWNi1PV_KVkhqUGddGwodB_M7P4WXq6qjBouOLH7jpcFKHw6SZ9SObMocSQtPZB6oPxnENC9LpBh6YP0lJxM36gJ9iJyZFDqIYn50ohcxDSOKZ37erOFsohRIIIn2JgBmqAcoCBIYzgY8T9CExa-QgusQMQR0C5WmKpQtGuOWln4DETektP9f0zNMUotj_Ue26meKfgNzUPtPGRzNuIBK-7EQZpeobSHd5Cy-17R1w-jR1Q&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC5rgjUgJtY6OyCL7fz7sPo8q3sA2Y_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQJOeT-DMX-lPuACAKgDAaoEmQJP0PI9PJARGXNxl9kIDbBn95DWXEFocFstKQqhNPlEBes_WIaFLXjUEAIdlRsZ0mSCuEnCwdOCmQj8EIYIgPfx2oSSJ7SsPB_748g1uuwBjGGx2FJ5ljcW7sN7Qw86ULM0euZkHIOO6XnmsDvgu8gUwfgKHoY2KB0NVASWA60E3e-idJKiAzRI00zJcmGp6mBIPUZ6lYauZgu0FxiAomwdGhSBM0eilbJMfxDyhG7lbhF6LVL-R-WDOl1Bd3-sVzoGdNHkCb9mVEGgK69LBoPVMWvo-dgi7Q53Z0iXuP6QmqJ4dDpqZQazoEbMtOWJw7u-YGMkx5XWmpNzvdIcj6NEltwbvolVcB1IitPA4vgRngmR5GQs1IIlv-AEAYAG-aHt1LfS-d1ioAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0kPvI0GwQk2tgEyv-PVZ44vu2j1g%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 13:53:24 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 05 Nov 2023 13:53:24 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame A1E4 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y20CUgACGSMBc---AA3lIymdAeM6fqnjjd3EuA&u=%7CxmXEJVNT8z8iRlAZl13oKpqsOcyUb0R5d68y5BHdxxY%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oVqw7Cvg7ORZ5y2n_PXned8JCsSCQ138ULuqTtuWjQY_gaY2FCscn6XBiv_o9r7B1bFsia3VIbqhyF-OPpbwZaMH3QpbUbc5EVTQBX4b07eZjiSzyubx7ldZgKaPzwPBCHD0uGs_CA-V6wLMIuWIVoQ2kTJIaNYcItDbxSHdjUIoXDUZQ3RO1gY3LS13V2kmeZ4k7tedwLJ9S6xN1CDiN6J-ZGGPq2CtjOIh0v4fOlUad0Gx3bX73WYooIjCjwdn1BjkLnsCoXcdK6FGiiWdW3CY3cP9Bdt14_F6QxYPqPep3a3V9chnlcV-FnrsBj48KVEeq2CyLoJZxjukixlxgL0J74bt_7eVdrlMgkIsKqK8miarCcsKMkN0Pmniaq_DxoPX64zTeWNi1PV_KVkhqUGddGwodB_M7P4WXq6qjBouOLH7jpcFKHw6SZ9SObMocSQtPZB6oPxnENC9LpBh6YP0lJxM36gJ9iJyZFDqIYn50ohcxDSOKZ37erOFsohRIIIn2JgBmqAcoCBIYzgY8T9CExa-QgusQMQR0C5WmKpQtGuOWln4DETektP9f0zNMUotj_Ue26meKfgNzUPtPGRzNuIBK-7EQZpeobSHd5Cy-17R1w-jR1Q&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC5rgjUgJtY6OyCL7fz7sPo8q3sA2Y_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQJOeT-DMX-lPuACAKgDAaoEmQJP0PI9PJARGXNxl9kIDbBn95DWXEFocFstKQqhNPlEBes_WIaFLXjUEAIdlRsZ0mSCuEnCwdOCmQj8EIYIgPfx2oSSJ7SsPB_748g1uuwBjGGx2FJ5ljcW7sN7Qw86ULM0euZkHIOO6XnmsDvgu8gUwfgKHoY2KB0NVASWA60E3e-idJKiAzRI00zJcmGp6mBIPUZ6lYauZgu0FxiAomwdGhSBM0eilbJMfxDyhG7lbhF6LVL-R-WDOl1Bd3-sVzoGdNHkCb9mVEGgK69LBoPVMWvo-dgi7Q53Z0iXuP6QmqJ4dDpqZQazoEbMtOWJw7u-YGMkx5XWmpNzvdIcj6NEltwbvolVcB1IitPA4vgRngmR5GQs1IIlv-AEAYAG-aHt1LfS-d1ioAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0kPvI0GwQk2tgEyv-PVZ44vu2j1g%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 13:53:24 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 05 Nov 2023 13:53:24 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1C06 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BVyucUwJtY9iJEcGhwgOB9YfQAQAAAAA4AeAEAg&bg=!r6ylrOjNAAbvMpMzzzI7ACkAdvg8Wgzy43-9gn36W8ZiGnGCcpW57Li-17zmSGkDat4hvGCL9PAVlgIAAAB2UgAAAAJoAQeZAw5zqYmi8eSfHgKGQmaFxHK4Tq37aNYDZJ-PFagdaRGSOXZ6meXZWaYy0CpzdEhWQla1lKtcug_kn027ST6pgTlIfJJWGULK_M2dD5CwLYRy9uNBtE7t1E1iXjhFRkdVAYDKPK1uyD4kjxrmzC9smrzvIKoUHgAxzVzKvDSKLN-M3eFg8hZ7vdAD91dV0EsLqQTqqIXl6yVQCb5uAmyGj1iEAmpcMJepIo2laE3g4Zi8MBdB4bRICtPg00JIuoXSouvF-EAMX2mU1s1tdjXk5B5NOhDg5KjYsNG-DXZDJbcVLl5lOAMtp9wJzi1MXhKa74XzBES6lsebphLTfI6ti57OxyCin6XT0C2xhpAz5ZOyD0wQEICg2NU1vbLTTB7GcmZuC8PJwZVerJEYNQN8TRJuqct_iIYrIniP-jXf_HurN9Ipt4EohHxPVd36LBi_EBgtML0CNPvdrFOkkWNilM_K-9kiUrGGQeMzxaK_j-0GImyJoFZ0MnfZNZPiQeAUPRmM8Ss8sGPZddBoEMfQROOI_AN8RfqcPbRdmwYBeSvR27f3xKEqN4zqq8AHu7raBSkEqDiVt9Hcf2sfd_UhEWIgE_v1We0Xwm-pCmAjcRWzxOGau7_eGUEanKd9VEdP-DkCsseQxeZfqyMRSLQoyr1gKzXWHVdQhyNT_2PwZBwz_NTMr1Gjyf_WnSnJSfwpBUdvO0uQ7BxIzPF5KU9uYP82Hco-A6vCK3vuzk6SdFQjYnliacirurVseVvNZpup-iM_vyGue88t5sfKH2jDknZO_XRe1FB23z2YdR_gxhpZgC5ooTtv4h1aIS--jY08BD9B4KpVZ4czORxwy7aajMhPTyaVsuscSGQT4kKBlHXyaBeBJ0D2nQoovorK1Ib5SPCf4Cfzfmm8eEjxZfb7ndYy9eanRtrw1y-ivU3uIjBVZ_bv_P9ewm7ztTf2aZ3RnVhnn4G9vmNH_JjKYs5_6LHFDSNSgsMWgeF-y29dM0907wMSIKsUjcRmJXW5FdQ-TpUb7LerhCbohpU_3jZzAA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2844491747&adf=53498480&pi=t.ma~as.3006%2F14006&w=336&lmt=1668088402&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyou-you-ming-xing-ji-jin-jing-li-ben-si-wai-zi-si-mu-jia-su-jin-chang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668088401373&bpp=12&bdt=1130&idt=901&shv=r20221108&mjsv=m202211020101&ptt=5&saldr=sa&correlator=1563271422649&frm=23&ife=1&pv=2&ga_vid=692483964.1668088402&ga_sid=1668088402&ga_hid=1024014365&ga_fc=0&ga_cid=amp-ke56cJIxYSkF6eo6rRYZrw&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=1025520735&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C44770880%2C44775016&oid=2&pvsid=3785228714276847&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.pj026n2udit8&fsb=1&dtd=919
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 13:53:24 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame FFD8
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEB7yxlnmxY2mXuyJVMx99pg&google_cver=1&google_push=ASkJ3FbRpsyk3Q-DfiThoV38SVA3sCCzjQJ1SSvs1Glnt6OvHcqeFwogW4iqs3OL_NaCf1FHq4UqyqVkwUnxqtDD...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ASkJ3FbRpsyk3Q-DfiThoV38SVA3sCCzjQJ1SSvs1Glnt6OvHcqeFwogW4iqs3OL_NaCf1FHq4UqyqVkwUnxqtDDs2fOyn7yfzEQ3Q
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ASkJ3FbRpsyk3Q-DfiThoV38SVA3sCCzjQJ1SSvs1Glnt6OvHcqeFwogW4iqs3OL_NaCf1FHq4UqyqVkwUnxqtDDs2fOyn7yfzEQ3Q
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/you-you-ming-xing-ji-jin-jing-li-ben-si-wai-zi-si-mu-jia-su-jin-chang.html
Protocol
H3
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 13:53:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Thu, 10 Nov 2022 13:53:25 GMT
Server
MT3 4629 97bee97 master hkg-pixel-x18 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ASkJ3FbRpsyk3Q-DfiThoV38SVA3sCCzjQJ1SSvs1Glnt6OvHcqeFwogW4iqs3OL_NaCf1FHq4UqyqVkwUnxqtDDs2fOyn7yfzEQ3Q
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 10 Nov 2022 13:53:24 GMT
pixel
cm.g.doubleclick.net/ Frame FFD8
Redirect Chain
  • https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEPb-omYNp4-HDDwi5sZ7sB4&google_cver=1&google_push=ASkJ3FbuDkahyITc8fn5Obxyawa_apMcEQ9M4y9FhLihVP8em2hy16aUSDEIXqYAMmjP7_FKit7wz...
  • https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=ASkJ3FbuDkahyITc8fn5Obxyawa_apMcEQ9M4y9FhLihVP8em2hy16aUSDEIXqYAMmjP7_FKit7wznYim6Bw6qyjZ6FnqypoXj_jPQ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=ASkJ3FbuDkahyITc8fn5Obxyawa_apMcEQ9M4y9FhLihVP8em2hy16aUSDEIXqYAMmjP7_FKit7wznYim6Bw6qyjZ6FnqypoXj_jPQ
Requested by
Host: fa3540ea93ec84512cdf7b83bb90bab4.safeframe.googlesyndication.com
URL: https://fa3540ea93ec84512cdf7b83bb90bab4.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 13:53:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 10 Nov 2022 13:53:25 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 4AD380CE7B73403B85DB7FE2ED57BD58 Ref B: SYD03EDGE0710 Ref C: 2022-11-10T13:53:24Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
location
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=ASkJ3FbuDkahyITc8fn5Obxyawa_apMcEQ9M4y9FhLihVP8em2hy16aUSDEIXqYAMmjP7_FKit7wznYim6Bw6qyjZ6FnqypoXj_jPQ
x-li-proto
http/2
content-length
0
x-li-uuid
AAXtHhjWSUzjqrsOrFvOcA==
pixel
cm.g.doubleclick.net/ Frame FFD8
Redirect Chain
  • https://sync.fout.jp/sync?xid=googleadex&g_pixel=&google_gid=CAESEK30xNVETW52pZwJnfPUdeE&google_cver=1&google_push=ASkJ3FaFrOwL2V3qrX69X3gtxr9UZA4uFbZpWjWBPpXBgAHNAjZNrIFTIFs38lDyTqfu7ialycEZXgdelq...
  • https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=ASkJ3FaFrOwL2V3qrX69X3gtxr9UZA4uFbZpWjWBPpXBgAHNAjZNrIFTIFs38lDyTqfu7ialycEZXgdelq9nXrf61vfM31GlCY99CA&google_hm=&from_google=pc1
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=ASkJ3FaFrOwL2V3qrX69X3gtxr9UZA4uFbZpWjWBPpXBgAHNAjZNrIFTIFs38lDyTqfu7ialycEZXgdelq9nXrf61vfM31GlCY99CA&google_hm=&from_google=pc1
Requested by
Host: fa3540ea93ec84512cdf7b83bb90bab4.safeframe.googlesyndication.com
URL: https://fa3540ea93ec84512cdf7b83bb90bab4.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 13:53:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 10 Nov 2022 13:53:25 GMT
Strict-Transport-Security
max-age=15768000
Server
nginx
Transfer-Encoding
chunked
P3P
CP="ADM NOI OUR"
Location
https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=ASkJ3FaFrOwL2V3qrX69X3gtxr9UZA4uFbZpWjWBPpXBgAHNAjZNrIFTIFs38lDyTqfu7ialycEZXgdelq9nXrf61vfM31GlCY99CA&google_hm=&from_google=pc1
Cache-Control
private, no-cache, no-cache="Set-Cookie", proxy-revalidate
Connection
keep-alive
pixel
cm.g.doubleclick.net/ Frame FFD8
Redirect Chain
  • https://a.c.appier.net/gcm?google_gid=CAESEI6P6de6H6rTkqrrngb0MqU&google_cver=1&google_push=ASkJ3FbhlmeyE_X-SGHVX0wKYsSXpRgKoxb4ehUzYUaemr5oYVvLWSv-aBg4zq6UR-JT_VO70o-sikanf-CaAU7wbHggz79f-5P1NA
  • https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=ZlN4MVRDMHNEZ3FBWmlPY1VBSnRZdw%3D%3D&google_push=ASkJ3FbhlmeyE_X-SGHVX0wKYsSXpRgKoxb4ehUzYUaemr5oYVvLWSv-aBg4zq6UR-JT_VO70o-sikanf-CaA...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=ZlN4MVRDMHNEZ3FBWmlPY1VBSnRZdw%3D%3D&google_push=ASkJ3FbhlmeyE_X-SGHVX0wKYsSXpRgKoxb4ehUzYUaemr5oYVvLWSv-aBg4zq6UR-JT_VO70o-sikanf-CaAU7wbHggz79f-5P1NA
Requested by
Host: fa3540ea93ec84512cdf7b83bb90bab4.safeframe.googlesyndication.com
URL: https://fa3540ea93ec84512cdf7b83bb90bab4.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 13:53:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=ZlN4MVRDMHNEZ3FBWmlPY1VBSnRZdw%3D%3D&google_push=ASkJ3FbhlmeyE_X-SGHVX0wKYsSXpRgKoxb4ehUzYUaemr5oYVvLWSv-aBg4zq6UR-JT_VO70o-sikanf-CaAU7wbHggz79f-5P1NA
date
Thu, 10 Nov 2022 13:53:25 GMT
cache-control
no-store
content-type
text/html; charset=utf-8
server
nginx
content-length
245
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pixel
cm.g.doubleclick.net/ Frame FFD8
Redirect Chain
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEGulP34N61qWpJ3TyhQ5q7o&google_cver=1&google_push=ASkJ3Fb6_KWfC4FR8gvKYOSPOm73lrJ-oQG3E9JU7PSyYaUfB4ZnoFwU7dR_Vqt_wQ8wWXiZnedt9ft3QonW...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhGHRHGeHFBp8_yfdXx5gEo5evjnDdd9tVg&google_push=ASkJ3Fb6_KWfC4FR8gvKYOSPOm73lrJ-oQG3E9JU7PSyYaUfB4ZnoFwU7dR_Vqt_wQ8wWXiZnedt9ft3Qo...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhGHRHGeHFBp8_yfdXx5gEo5evjnDdd9tVg&google_push=ASkJ3Fb6_KWfC4FR8gvKYOSPOm73lrJ-oQG3E9JU7PSyYaUfB4ZnoFwU7dR_Vqt_wQ8wWXiZnedt9ft3QonWE3LCd2_27iHE0r6CAQ
Requested by
Host: fa3540ea93ec84512cdf7b83bb90bab4.safeframe.googlesyndication.com
URL: https://fa3540ea93ec84512cdf7b83bb90bab4.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 13:53:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhGHRHGeHFBp8_yfdXx5gEo5evjnDdd9tVg&google_push=ASkJ3Fb6_KWfC4FR8gvKYOSPOm73lrJ-oQG3E9JU7PSyYaUfB4ZnoFwU7dR_Vqt_wQ8wWXiZnedt9ft3QonWE3LCd2_27iHE0r6CAQ
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
pixel
cm.g.doubleclick.net/ Frame FFD8
Redirect Chain
  • https://google.dap.fw-ad.jp/dsp/google/pixel?google_gid=CAESEN37IX1uZNENcO_9LX9pHU0&google_cver=1&google_push=ASkJ3FbwfRqdlhOHZRnoOHi4s_e0t1x-al4nuBkMzHs9YdgX6ah30Lu_fX73G7dCx3YvMyKVx33BEf0OZNnC9W0...
  • https://cm.g.doubleclick.net/pixel?google_nid=docomo_ads_platform&google_push=ASkJ3FbwfRqdlhOHZRnoOHi4s_e0t1x-al4nuBkMzHs9YdgX6ah30Lu_fX73G7dCx3YvMyKVx33BEf0OZNnC9W0V9uGqhLj0KFC1NII&google_hm=M2E4N...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=docomo_ads_platform&google_push=ASkJ3FbwfRqdlhOHZRnoOHi4s_e0t1x-al4nuBkMzHs9YdgX6ah30Lu_fX73G7dCx3YvMyKVx33BEf0OZNnC9W0V9uGqhLj0KFC1NII&google_hm=M2E4NWFhOGUtMjcwMi0zOTgxLTg2YmItZDgxMTBiMjY0NjMz
Requested by
Host: fa3540ea93ec84512cdf7b83bb90bab4.safeframe.googlesyndication.com
URL: https://fa3540ea93ec84512cdf7b83bb90bab4.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 13:53:24 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=docomo_ads_platform&google_push=ASkJ3FbwfRqdlhOHZRnoOHi4s_e0t1x-al4nuBkMzHs9YdgX6ah30Lu_fX73G7dCx3YvMyKVx33BEf0OZNnC9W0V9uGqhLj0KFC1NII&google_hm=M2E4NWFhOGUtMjcwMi0zOTgxLTg2YmItZDgxMTBiMjY0NjMz
date
Thu, 10 Nov 2022 13:53:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
no-store
content-length
0
pixel
cm.g.doubleclick.net/ Frame FFD8
Redirect Chain
  • https://trace.mediago.io/cs/google?google_gid=CAESEJCVxaibOJ7oPceKvena3R4&google_cver=1&google_push=ASkJ3FZlNLw_78408vcaVDZ7asMyHkqLocrv8ZzcaYwYRG2r0DVx_unvyzNXIkygO7SgemwbbPvU_D4urIb2aOHcXQdSlQcEr...
  • https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=ASkJ3FZlNLw_78408vcaVDZ7asMyHkqLocrv8ZzcaYwYRG2r0DVx_unvyzNXIkygO7SgemwbbPvU_D4urIb2aOHcXQdSlQcErpn5hw&google_hm=b78f945cc6af...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=ASkJ3FZlNLw_78408vcaVDZ7asMyHkqLocrv8ZzcaYwYRG2r0DVx_unvyzNXIkygO7SgemwbbPvU_D4urIb2aOHcXQdSlQcErpn5hw&google_hm=b78f945cc6af0181b48ea8b4cf07a284
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/you-you-ming-xing-ji-jin-jing-li-ben-si-wai-zi-si-mu-jia-su-jin-chang.html
Protocol
H3
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 13:53:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=ASkJ3FZlNLw_78408vcaVDZ7asMyHkqLocrv8ZzcaYwYRG2r0DVx_unvyzNXIkygO7SgemwbbPvU_D4urIb2aOHcXQdSlQcErpn5hw&google_hm=b78f945cc6af0181b48ea8b4cf07a284
date
Thu, 10 Nov 2022 13:53:25 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
248
content-type
text/html; charset=utf-8
attr
cm.g.doubleclick.net/pixel/ Frame FFD8 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KO6pXkAo59wkSi-k8U35SLcdOzskl2YeybWHQDcxgU-GwE8pjpKSjFcAV819JEI1QRRZOBsbE
Requested by
Host: fa3540ea93ec84512cdf7b83bb90bab4.safeframe.googlesyndication.com
URL: https://fa3540ea93ec84512cdf7b83bb90bab4.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 13:53:24 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
activeview
pagead2.googlesyndication.com/pcs/ Frame FAB4 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssDLRjYppjsDopYlqgUMmzCLiAsnmPOb5kP5LhVr8cnqS0tsqrAPukvjdGLm9jjcaaFj52jqYFzgS8wOzywcYMNfLhM5irLdr9V4irfsZAahn2GXAM2ftgrvFGnXR5unEwefTA&sai=AMfl-YQLkIRH70gnm3XpC3Y3neaX-oBCHHSvTZMoTMGbd5VcOUHkJBSe4ev3WzFQCSg7FmI-SSYfxE6uZ1uxCg0fGSGZbHKIMVgkaRNtY7xmodF4DJYph6aRf2ky6vKfaA&sig=Cg0ArKJSzISmFYBGEhhJEAE&cid=CAQSOwDq26N9Ud8pDYY38eNQwOl2ci0Bzys4vX3TFqoo6Tk6LzWUIC_Ag-DW4TyH1J-KyiUep69NLIFSJlOTGAEgEw&id=ampim&o=436,1110&d=728,90&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=705&tls=1705&g=100&h=100&tt=1705&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/you-you-ming-xing-ji-jin-jing-li-ben-si-wai-zi-si-mu-jia-su-jin-chang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 13:53:24 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame EA3D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuGHSjFL-J3TCaf74W2KCh2w9EurWorZgflAPhgd-jAXG-KuLvgOzBU-Ichy9R40S_WO8NHOHOSjbWmj0j8g8IKG4_mwysxfOaUVzHXvtbqoML5NmXYcs3DjIP1A33hLYHRguQ6r6nqBMiy37IGt3s4ntqJ0NH2SobQvkeGLRvc9ulc23bPDSuKHxAMsXr_HdXEJoliHIi98QxVYKy7mI2nIZDEEKqTtaIRfEr26Y8QAOLx_C34h8iE015rycK_RfmNq3wU40kKhbpg0vr4JCS9aJhGrv6bF1-c_MQFbwUvf43CdtVXpcpxsLidC0cYUWvhpoimpbLtDUK464EM0GJ-IANOn3JueRuPWYokCdC7GjzWnNjwHRwRED5q6MitHlkAHkL--LjsmruuBvh3cTVYTqjZqYcwmpk_2g1I61E9mrPI-zLOODEs9An3ak0IJ40sn3407ZsuEp0z_ZWEx5Ue8EpRB2OYQ4wg3XXb8gj-DFqRwdmpI5sefFD_AgGVNgGqq1yFR_h8Y5YLqWdN4LTVI_gp5kbiIojyV3FH86N-fWyib0Q5a9rB-TdeDV9LBOhc0uFaQ2ti693P3tudBsipxnU7NS_1NlSOENtR1Hsm9YgbaOC9ub-BX75d8h3IcXygbnl4OBdftEw1_by2zBOJVmdYFA9GKihYjWvZCeYeITSS-LCyED4GUpplw4kA76k3Qjy-o5E53UUS92Bs-Lf2SsuIQIRiycdnnqlgMRljeC2AK6rgvWVXjyza45rPXCi0ulV04WAobCXfK0M5mlE6YCTE83S7IkaB9j7JrTi-otUQdfM3ajnkYUmuuXtDMR_9LachN-W5ekQMjej2GdpDvXMk23TcRl4Asx7-RzM2wzFZdW5FiPDTqVrvlLEj5pH_2YPoJyoTWy5Id1roOXs1EsnDHieCQEBjVLAZWLQYecqrFYM-Eff4gg25KcNngMRUV-rU4IIr9UCPZ199-t71trVmCXGo-nzTPUdcqaQrsaEouTzDJ8NQqmIKi1kznKXjfhgt4nP494UcWtSnGJ6jXUlE3eczo2D11klpVxQSETt-TcDm37Fi-b4yTf9rmae8Z715-NOlxZ-7j1_xWpUGuwYPLR-O6O-BtXOzrHA9vtSXwpaRuaOYwaDE&sai=AMfl-YRfjZ62MHKPt03lsM1K4hdSURk-xGi1gMLRrIcUhfv_rrQe1y6wsSOzQ3WgB3K7cjuCizJZ49Ln2MoB0J7t12XTzVSVZDEffmjy8kqiKcAL45YGIrPekhl6LoB3mUCtfdV0k0ajBIOzwRh86Bvi0b5SJ4o0drWuc1dxrArpgT1Ex8D3YoBcBtOcYZVTzawyfe1yj0n39McgEyZx6rs&sig=Cg0ArKJSzHyLRfkMe0-hEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1009&cbvp=1&cisv=r20221108.30446&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/you-you-ming-xing-ji-jin-jing-li-ben-si-wai-zi-si-mu-jia-su-jin-chang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 10 Nov 2022 13:53:24 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Thu, 10 Nov 2022 13:53:24 GMT
3842508833519743812
s0.2mdn.net/simgad/ Frame EA3D 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/3842508833519743812
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2844491747&adf=53498479&pi=t.ma~as.3006%2F14006&w=336&lmt=1668088402&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyou-you-ming-xing-ji-jin-jing-li-ben-si-wai-zi-si-mu-jia-su-jin-chang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668088401346&bpp=16&bdt=1029&idt=966&shv=r20221108&mjsv=m202211020101&ptt=5&saldr=sa&correlator=1563271422649&frm=23&ife=1&pv=1&ga_vid=97360968.1668088402&ga_sid=1668088402&ga_hid=142627606&ga_fc=0&ga_cid=amp-ke56cJIxYSkF6eo6rRYZrw&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2578&biw=1600&bih=1200&isw=336&ish=280&ifk=1025520735&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44769306%2C31070617%2C31070722%2C31070762%2C44770881%2C44775017&oid=2&pvsid=1414097753187374&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.4sirfcbb7r40&btvi=1&fsb=1&dtd=984
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f148.1e100.net
Software
sffe /
Resource Hash
7509a54fe5d827f469ccfedc968dffe35d21215a8323b4e954948b3fa4e5bace
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 08 Nov 2022 20:16:15 GMT
x-content-type-options
nosniff
age
149830
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26622
x-xss-protection
0
last-modified
Tue, 01 Nov 2022 06:23:54 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 08 Nov 2023 20:16:15 GMT
HdsydzJK.js
tpc.googlesyndication.com/sodar/ Frame E208 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221107_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://fa3540ea93ec84512cdf7b83bb90bab4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 06:41:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
112303
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15407
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 09 Nov 2023 06:41:41 GMT
file.mp4
r1---sn-ntqe6n7k.c.2mdn.net/videoplayback/id/fcaa9922258a7dd0/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1699624404/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame E208
Redirect Chain
  • https://gcdn.2mdn.net/videoplayback/id/fcaa9922258a7dd0/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1699624404/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signa...
  • https://r1---sn-ntqe6n7k.c.2mdn.net/videoplayback/id/fcaa9922258a7dd0/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1699624404/sparams/acao,ctier,expire,id,ip,ipbits,ita...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r1---sn-ntqe6n7k.c.2mdn.net/videoplayback/id/fcaa9922258a7dd0/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1699624404/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/14E90B494FEC2FA336B0EDA82B77E3A8B95F75FD.123F96323FE2AA2088B9E3995C89D0281C5E7607/key/cms1/cms_redirect/yes/mh/1H/mip/116.90.74.196/mm/42/mn/sn-ntqe6n7k/ms/onc/mt/1668088124/mv/m/mvi/1/pl/24/file/file.mp4
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/you-you-ming-xing-ji-jin-jing-li-ben-si-wai-zi-si-mu-jia-su-jin-chang.html
Protocol
HTTP/1.1
Server
173.194.28.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s07-in-f6.1e100.net
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://fa3540ea93ec84512cdf7b83bb90bab4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Nov 2022 13:53:25 GMT
X-Content-Type-Options
nosniff
Connection
close
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
2208170
Last-Modified
Wed, 16 Mar 2022 00:55:33 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Access-Control-Allow-Origin
null
Access-Control-Expose-Headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control
private, max-age=86400
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Timing-Allow-Origin
null
Expires
Thu, 10 Nov 2022 13:53:25 GMT

Redirect headers

date
Thu, 10 Nov 2022 13:53:25 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
643
x-xss-protection
0
pragma
no-cache
server
ClientMapServer
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://fa3540ea93ec84512cdf7b83bb90bab4.safeframe.googlesyndication.com
location
https://r1---sn-ntqe6n7k.c.2mdn.net/videoplayback/id/fcaa9922258a7dd0/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1699624404/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/14E90B494FEC2FA336B0EDA82B77E3A8B95F75FD.123F96323FE2AA2088B9E3995C89D0281C5E7607/key/cms1/cms_redirect/yes/mh/1H/mip/116.90.74.196/mm/42/mn/sn-ntqe6n7k/ms/onc/mt/1668088124/mv/m/mvi/1/pl/24/file/file.mp4
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
https://fa3540ea93ec84512cdf7b83bb90bab4.safeframe.googlesyndication.com
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame E208 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~lab4rm92&c=7522135407692&slotId=3761067703846&qqid=CKGjp8Xho_sCFb7vcwEdI-UN1g&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=979&mt=video%2Fmp4&vs=640x360&ulv=1&cll=0&vast_v=2.0&vmfc=12&vhc=0&msm=1&aits=0%2C18%2C22%2C37%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=343&vsrc=web_video_ads&ape=1&met.4=videopreviewvisible.24f
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221107_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.161.120 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ig-in-f120.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://fa3540ea93ec84512cdf7b83bb90bab4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 13:53:25 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 61BD 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BsEwaUwJtY472FfaFz7sP8vKssAwAAAAAOAHgBAI&bg=!NzSlNHDNAAbvMpMzzzI7ACkAdvg8WrtwRS7tYZb3_xTwGEjh-91zd2PVGnJWM4KfPmxeKHLsI-YSJQIAAACBUgAAAAJoAQeZAxrXHE3JZ-TzuLUag0ettEwUw3YkZAp1_BbZWaWC7zHb1tHu2RUE3yQhrZL2M0k7_ZyMCOgq9AzDX34XAqmhaBXk4IOVI0kGa_FQZay7R51ptpu7HvwqdNjNqUYyT3d-SMdpce8RvQzdp4PCRMYwaBW-YMVjAqht0Dw-wP61e5iZiAXcev4H5O9pDTC5o7DeI46pi9rjov8Pjq25M4WcIJNE7rsroKhVkSMgB987q8SFs4mlJzLRZ5XtpdAPh1vSRhI7a1V2vQIwhvVIEmuY1eQa0ExN1VthUD1jShJROalfecZMbLxL8PTUvUZDUyN8uJoczt61zBdCgUEWnCfHRG_qnYbb_YpEycA1rJQ05hfUn-BoTWl2Fqj6Z-lE1F6QnMsU95G9q43NaGwWYeehM_bzdWhq6_k4qmoCuUCyVfh0LnzARXN1V9htBYhLQMzgrhHo0P5GRDvM7iR64OV3Sw5Y_1EBINFXIrsudYa-CwHCqlnKngt62_r4I-mS4tnERvi_C42gZGBuPFpJtNbGyGMNJDf3QEnrAeXECpoUM33OfDG62nniADoYQAR6n2yvAgy1YPVPau31RHafG2SJRmJ2SfsByKiA9bAAAIR_GzxbroemOnjy39EZ4jwnaMiWUg9gUP6NGd7_iIItnOxzVBR188PPI-dSlNTpSZ48sPG3nz5zQ67sQMDU-gPMtH9rOF2v3EVVsaJgA78RpdHfSvsKQRb69WE8QasgeE2-dAs_G2yBLxoGirE2MUzAPqOnd9Q82HDCIA8_EWopzJKyQWGnTpk44CjHGheth8f9fV4yJyOFgr2PwxuKbjCkpB-Eb2DXLawU8iuUK6b_qZQDvHuhbkuMX4M3XT_wPB5TUA3kfWl5kBYvutSO6Ai0iRMcf2w8o_1t16j16gqkPzgYkaB97aAzUbJp3S0IH3TpKJZOUVObmuRtdJcwkI2qwJjCzblBoiw6OVCFQjvSGasNGLHa0EH-d2RT6HCM4n05swymYCO7E9dsYwZw56d3QP0eZWSO5ir11dr4TkG1cXH_XRs00owmgld-vwS68Q
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2844491747&adf=53498479&pi=t.ma~as.3006%2F14006&w=336&lmt=1668088402&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyou-you-ming-xing-ji-jin-jing-li-ben-si-wai-zi-si-mu-jia-su-jin-chang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668088401346&bpp=16&bdt=1029&idt=966&shv=r20221108&mjsv=m202211020101&ptt=5&saldr=sa&correlator=1563271422649&frm=23&ife=1&pv=1&ga_vid=97360968.1668088402&ga_sid=1668088402&ga_hid=142627606&ga_fc=0&ga_cid=amp-ke56cJIxYSkF6eo6rRYZrw&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2578&biw=1600&bih=1200&isw=336&ish=280&ifk=1025520735&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44769306%2C31070617%2C31070722%2C31070762%2C44770881%2C44775017&oid=2&pvsid=1414097753187374&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.4sirfcbb7r40&btvi=1&fsb=1&dtd=984
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 13:53:24 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bg3.co%2F&domain=www.bg3.co&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.bg3.co
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Thu, 10 Nov 2022 13:53:25 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
277751
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
json
gum.criteo.com/sid/ 		333 B
642 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bg3.co%2F&domain=www.bg3.co&cw=1&pbt=1&lsw=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
84d9e98e66076f2c867680602383eeeb906dbface7846a73b9e374a1e2712187
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 13:53:25 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
633178
expires
0
rid
match.adsrvr.org/track/ 		108 B
672 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
f97a6f31613a9dbc46accec6d442c0fcf438ffeeba804938a0e5a411fb67241c

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 10 Nov 2022 13:53:25 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
108
expires
Sat, 10 Dec 2022 13:53:25 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame 34DB 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.78.217.3 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-78-217-3.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Thu, 10 Nov 2022 13:53:25 GMT
ETag
"623de86a-cf34"
Expires
Fri, 11 Nov 2022 13:53:27 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Unused62
8096267
Vary
Accept-Encoding
pd
u.openx.net/w/1.0/ Frame 4EE5 		533 B
636 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
d6a23edbba8922d7b7047fb4a3acdab5317c439c4d01ecb88c2e6ed007ef7804

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
324
content-type
text/html
date
Thu, 10 Nov 2022 13:53:25 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
/
onetag-sys.com/usync/ Frame 0001 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1668088400295
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
139.99.49.250 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
4734cc732e1756acd5b25a3f5b4c95599f954004c024c39a968248e365b269fa
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
1376
content-type
text/html
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000
checksync.php
contextual.media.net/ Frame 4C57 		36 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.71.48.26 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-71-48-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
63af0192ee2fd131b1b79cf8097cb830e3dc9b29580fb378fa089bf0340adfc2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
11837
content-type
text/html; charset=UTF-8
date
Thu, 10 Nov 2022 13:53:25 GMT
expires
Sat, 12 Nov 2022 13:53:25 GMT
p3p
CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
usync.html
eus.rubiconproject.com/ Frame 3E22 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.77.12.69 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-77-12-69.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 10 Nov 2022 13:53:25 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
sync.html
public.servenobid.com/ Frame 9C5D 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://public.servenobid.com/sync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.158.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-158-36.cdg52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
330f76ee720927481e92c4f344a43bdf66af209bb74aad6be1ceaf75092928df

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

age
45221
cache-control
max-age=86400
content-encoding
br
content-type
text/html
date
Thu, 10 Nov 2022 01:19:45 GMT
etag
W/"3f9fe5e8418a849fb87380af5ee37be6"
last-modified
Tue, 08 Nov 2022 01:16:39 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 72b94a25bcecdbda64f33818ad380f7e.cloudfront.net (CloudFront)
x-amz-cf-id
xJVqUIsFHWEv_HiHsfvSDkbYrD0QuHuiAM6rrZ4PdwflcZn35rRJxg==
x-amz-cf-pop
CDG52-P2
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:us-east-1:559734745816:build/adserver-public-prod:b53fbd2f-551a-488c-a424-2e86d2c8da6f
x-amz-meta-codebuild-content-md5
1392d0a0af229d92a17f00e1ea0d9335
x-amz-meta-codebuild-content-sha256
ebfa1f961263d3afe7dd71dd9b123dfd9a7fb454041f01580b85f67111a14543
x-cache
Hit from cloudfront
ixmatch.html
js-sec.indexww.com/um/ Frame 606E 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.13.76 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

age
395
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
767f46354e45a965-SYD
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 10 Nov 2022 13:53:25 GMT
expires
Thu, 10 Nov 2022 17:53:25 GMT
last-modified
Mon, 25 Jul 2022 19:18:30 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
sync
eb2.3lift.com/ Frame 94DE
Redirect Chain
  • https://eb2.3lift.com/sync?
  • https://eb2.3lift.com/sync?&ld=1
1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?&ld=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
ac326562a25ab091a4b4c84022054c7ced6a52aa70f17aaed6ca9a5af3941c8b

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
1143
content-type
text/html; charset=utf-8
date
Thu, 10 Nov 2022 13:53:25 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Thu, 10 Nov 2022 13:53:25 GMT
location
/sync?&ld=1
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
H0ZEmIz7.html
tpc.googlesyndication.com/sodar/ Frame DA91 		23 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fa3540ea93ec84512cdf7b83bb90bab4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
111696
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8727
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 09 Nov 2022 06:51:49 GMT
expires
Thu, 09 Nov 2023 06:51:49 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sd
us-u.openx.net/w/1.0/ Frame 4EE5
Redirect Chain
  • https://ad.turn.com/r/cs?pid=9&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=9192791989223138597&gdpr=0&gdpr_consent=&us_privacy=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073061&val=9192791989223138597&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 13:53:26 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537073061&val=9192791989223138597&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Thu, 10 Nov 2022 13:53:25 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
sd
us-u.openx.net/w/1.0/ Frame 4EE5
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=1215e174-6322-7b27-d193-e9355206cf4f&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=e11df97a-bc19-41e3-8a8b-2e3a06a2866f&ttd_puid=1215e174-6322-7b27-d193-e9355206cf4f&gdpr=0&gdpr_consent=
43 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=e11df97a-bc19-41e3-8a8b-2e3a06a2866f&ttd_puid=1215e174-6322-7b27-d193-e9355206cf4f&gdpr=0&gdpr_consent=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 13:53:25 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 10 Nov 2022 13:53:25 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=e11df97a-bc19-41e3-8a8b-2e3a06a2866f&ttd_puid=1215e174-6322-7b27-d193-e9355206cf4f&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
335
sd
jp-u.openx.net/w/1.0/ Frame 4EE5
Redirect Chain
  • https://tg.socdm.com/rtb/sync_before?proto=openx
  • https://jp-u.openx.net/w/1.0/sd?id=537072335&val=Y20CVcCo5ssAAG1SVZsAAAAA
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=Y20CVcCo5ssAAG1SVZsAAAAA
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 13:53:26 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

X-SO-Cluster-ID
35
Date
Thu, 10 Nov 2022 13:53:25 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/rtb\/sync_before?proto=openx","cluster_id":35,"gdpr":false,"ipv4":"116.90.74.196","key":"Y20CVcCo5ssAAG1SVZsAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"a-ad40351"}
X-SO-Key
Y20CVcCo5ssAAG1SVZsAAAAA
Server
nginx
X-SO-Upstream-ID
a-ad40351
P3P
CP="See also http://www.scaleout.jp/privacy/"
Location
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=Y20CVcCo5ssAAG1SVZsAAAAA
Cache-Control
private
X-SO-HostName
a-ad40351.dc2p.scaleout.jp
Connection
keep-alive
X-SO-Ads-Time
1
Content-Length
0
X-SO-LB-Hostname
a-tgng40007.dc2p.scaleout.jp
X-SO-IP
116.90.74.196
sd
jp-u.openx.net/w/1.0/ Frame 4EE5
Redirect Chain
  • https://cr-p3.ladsp.com/cookiesender/3
  • https://cr-p3.ladsp.com/cookiesender/3?cr=true
  • https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AZx_8S89wff_ks8ADv76QF9lHs8AAAGEYdEgfQ
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AZx_8S89wff_ks8ADv76QF9lHs8AAAGEYdEgfQ
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 13:53:26 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 10 Nov 2022 13:53:26 GMT
via
1.1 25ccb72e6feb2f32f12173080f83f590.cloudfront.net (CloudFront)
server
Logicad
x-amz-cf-pop
SIN2-P2
x-cache
Miss from cloudfront
p3p
CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
location
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AZx_8S89wff_ks8ADv76QF9lHs8AAAGEYdEgfQ
cache-control
no-cache
content-length
0
x-amz-cf-id
07vft_OrIGc5kvw2ehRHjYJfmLdMOo8PMQmOpizRvDXB-kX7UvTGug==
expires
-1
pixel
cm.g.doubleclick.net/ Frame 4EE5 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=M2U3YTMyYmUtYWE1NS0yNTgzLWM0NzMtYjM4Yzk4ZTQwMTJm
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 13:53:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 4EE5
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEO2-RiKUrYXXMTliJJuMbk&google_cver=1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEO2-RiKUrYXXMTliJJuMbk&google_cver=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 13:53:25 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 10 Nov 2022 13:53:25 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEO2-RiKUrYXXMTliJJuMbk&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
pagead2.googlesyndication.com/bg/ Frame DA91 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
sffe /
Resource Hash
6a98bdefd73410963a41036b4bc4d25b080aaec85db7ebd132a12d3aa17e8586
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 04 Nov 2022 21:23:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
491390
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16010
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 04 Nov 2023 21:23:35 GMT
usermatch
ssum-sec.casalemedia.com/ Frame AEF7 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c19823a29f6be2e40fac2c19077facc5507bd41ca8039df6284ce48aff645a9

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
767f4637cfb3ee96-AKL
content-encoding
br
content-type
text/html
date
Thu, 10 Nov 2022 13:53:25 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n7UauadXxlEw7S4b1wlFI5XjrfurFL7fZMhrWzhBYZes09HgiT90NWPHtUJis6H5ZNnl9jXgfCLyM4kg6bIB5dW5ZUZ8dG%2BRgCVvAb7sU8J%2FsgyDgBf0CR4%2FYfIu2goUWzkrbNAq8akukg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
all
csm.as.criteo.net/ Frame A1E4 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.as.criteo.net/all?cppv=3&cpp=Ta9eUzELK9yfQtGlri33bLyfQJo4MhAFh6l96ZqTZ9PPR7mYcTuKlK-DQrG1UkvHvfSVsOkBQYJVoi1MP1I66SyJwMp2aSJMB5TQZtR60V2CY7wJK7JJfyEew8oFb7K6s5c_weTIgsu3Zo5ovXdzq1m_PVdxrQ7Qo5yZhmecPAufdYv3TYXTvfSBy2r3ErRZ3QkGUYgglw3NZSeqfhwZcdaXFdRe5s_7bhsWzgFobJTgnAcqN5t4gZKW1SCH6unPzmdnrA&sds=2&rev=83376.1&sendBeacon=true
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y20CUgACGSMBc---AA3lIymdAeM6fqnjjd3EuA&u=%7CxmXEJVNT8z8iRlAZl13oKpqsOcyUb0R5d68y5BHdxxY%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oVqw7Cvg7ORZ5y2n_PXned8JCsSCQ138ULuqTtuWjQY_gaY2FCscn6XBiv_o9r7B1bFsia3VIbqhyF-OPpbwZaMH3QpbUbc5EVTQBX4b07eZjiSzyubx7ldZgKaPzwPBCHD0uGs_CA-V6wLMIuWIVoQ2kTJIaNYcItDbxSHdjUIoXDUZQ3RO1gY3LS13V2kmeZ4k7tedwLJ9S6xN1CDiN6J-ZGGPq2CtjOIh0v4fOlUad0Gx3bX73WYooIjCjwdn1BjkLnsCoXcdK6FGiiWdW3CY3cP9Bdt14_F6QxYPqPep3a3V9chnlcV-FnrsBj48KVEeq2CyLoJZxjukixlxgL0J74bt_7eVdrlMgkIsKqK8miarCcsKMkN0Pmniaq_DxoPX64zTeWNi1PV_KVkhqUGddGwodB_M7P4WXq6qjBouOLH7jpcFKHw6SZ9SObMocSQtPZB6oPxnENC9LpBh6YP0lJxM36gJ9iJyZFDqIYn50ohcxDSOKZ37erOFsohRIIIn2JgBmqAcoCBIYzgY8T9CExa-QgusQMQR0C5WmKpQtGuOWln4DETektP9f0zNMUotj_Ue26meKfgNzUPtPGRzNuIBK-7EQZpeobSHd5Cy-17R1w-jR1Q&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC5rgjUgJtY6OyCL7fz7sPo8q3sA2Y_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQJOeT-DMX-lPuACAKgDAaoEmQJP0PI9PJARGXNxl9kIDbBn95DWXEFocFstKQqhNPlEBes_WIaFLXjUEAIdlRsZ0mSCuEnCwdOCmQj8EIYIgPfx2oSSJ7SsPB_748g1uuwBjGGx2FJ5ljcW7sN7Qw86ULM0euZkHIOO6XnmsDvgu8gUwfgKHoY2KB0NVASWA60E3e-idJKiAzRI00zJcmGp6mBIPUZ6lYauZgu0FxiAomwdGhSBM0eilbJMfxDyhG7lbhF6LVL-R-WDOl1Bd3-sVzoGdNHkCb9mVEGgK69LBoPVMWvo-dgi7Q53Z0iXuP6QmqJ4dDpqZQazoEbMtOWJw7u-YGMkx5XWmpNzvdIcj6NEltwbvolVcB1IitPA4vgRngmR5GQs1IIlv-AEAYAG-aHt1LfS-d1ioAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0kPvI0GwQk2tgEyv-PVZ44vu2j1g%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.142 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 10 Nov 2022 13:53:25 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame DA91 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BS4YaVAJtY_atHc-EowP5t7GgAQAAAAA4AeAEAg&bg=!yMuly4_NAAbvMpMzzzI7ACkAdvg8WpHY7HYkTzDY_biIDe73-3eYmIvdwqnHvXIFrE6XrHZQtH-kQwIAAABIUgAAAAJoAQeZAuHbPjEiw8Vc4FfbGPgSuFj_IwcgUAUtMhgjiYot0Txm-kp5ib-J5-z_MszJkqTIJzswcX3-aEaqiwYdhSooTnEf9cPEfFDji_X-NPa8GumEoag_BxR7JpGccchYc5QS4YkJDcZDMqTcn5s0nYWxcAC1RwVsQ3KGxNc8iLMjU5hXt-mPM8dwSebAmHMtTohtZ-Wt0gNft26QRFiOjLQCr6jmlGac75Ky8Mud5UReAjQr9gRnEmQ4_VvnCOeI3cjWd9vWZQeOhqUl0FbqFEaEWXMTvlulKJlQio1EZz4pHwqY_Q9ePcM6d9VLKKgyALwZhG9WBAc5Tejb9SO9PQLhaYZlWUMdpb8JF4fdwRg_egewY5ycmCQV2Ak1RZMXgnWy0uqup04eZXNrevG4PuU_v42f7UKwNM0hZt9nUtULPy5sLfrHq3apboq3rBMxHvl0e8_kFSMOmwzOu0rlukOH1k6e3xsrL_kQs4ILa1qhMByyE5DFjkAGrZdEOENYGE2V-8Zw2C92Uu5m8GqhrL-F53317snYQEtugybGwJvGhu3DRKHOLORhtWrAKGpuzd7LMr_Nx4Fr28QK2IKugr63tesjeKCLDUzbf_3OaVT3DLxOH3kqmc7U0tIXIQ6Zz_fBNHF1czSBcWIw1SdAL0DDFrEvMbcgcwAU5PsHQbM8AQ0sdjGK_xpqEq44anX6eeChw5je6dyYGHQhK4JmgOtgR9Jt83PKqYKzkHuSWFPmnL2SCIaAuuTIguZpLCH1U5C9Wj_3l77HL2oawrbWDSuWhNUfBrK1W_BT7eoYCFxRYCkmD1DMrUqk4LwtI-0anHPAYLKqeREsnDymHRLY32vTGgr_xDOq28njRuyJ-b4Iw9TNTsqJPlBK2lUUmpIja44f_uMrvOOF2ITD71m5DgilWCuQGTizYCd73Wea8moCemqvGCBW13jydzHTJTxfjH0PcFyBKyTG-UCzl24bJ3lbexC1qQ
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/you-you-ming-xing-ji-jin-jing-li-ben-si-wai-zi-si-mu-jia-su-jin-chang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 13:53:25 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
onetag-sys.com/match/ Frame 0001
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D1%26gdpr_consent%3D
  • https://onetag-sys.com/match/?int_id=1&uid=c619636d-0255-4600-91f3-34a69b38850b&gdpr=1&gdpr_consent=
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=1&uid=c619636d-0255-4600-91f3-34a69b38850b&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1668088400295
Protocol
H2
Server
139.99.49.250 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Date
Thu, 10 Nov 2022 13:53:25 GMT
Server
MT3 4629 97bee97 master hkg-pixel-x3 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://onetag-sys.com/match/?int_id=1&uid=c619636d-0255-4600-91f3-34a69b38850b&gdpr=1&gdpr_consent=
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 10 Nov 2022 13:53:24 GMT
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame 0001 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1668088400295
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
/
onetag-sys.com/match/ Frame 0001
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID
  • https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=2434649983444340243
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=2434649983444340243
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1668088400295
Protocol
H2
Server
139.99.49.250 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Date
Thu, 10 Nov 2022 13:53:25 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
116.90.74.196; 116.90.74.196; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
392771ce-d482-414c-a242-dde99c7093b3
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=2434649983444340243
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 0001 		42 B
679 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=aeOmWlA7VvpkgfEM1AjJvxykNOWLfLQKm7IqivAIHpY
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1668088400295
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
0d2bd05215470efb17ae41aff76c3f98
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 0001
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhGHRIIPqwlUjJ7vg7F_5btRdoCtVnpVZnA
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhGHRIIPqwlUjJ7vg7F_5btRdoCtVnpVZnA
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1668088400295
Protocol
H3
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 13:53:26 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhGHRIIPqwlUjJ7vg7F_5btRdoCtVnpVZnA
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
sync
ssbsync-global.smartadserver.com/api/ Frame 0001 		0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=1&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1668088400295
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.106.127.164 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 13:53:25 GMT
content-length
0
/
onetag-sys.com/match/ Frame 0001
Redirect Chain
  • https://id.rlcdn.com/711916.gif?ct=4&cv=
  • https://id.rlcdn.com/1000.gif?memo=COy5KxoNCNaEtJsGEgUI6AcQAEIASgA
  • https://onetag-sys.com/match/?int_id=110&uid=
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=110&uid=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1668088400295
Protocol
H2
Server
139.99.49.250 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

date
Thu, 10 Nov 2022 13:53:26 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://onetag-sys.com/match/?int_id=110&uid=
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
ecm3
s.amazon-adsystem.com/ Frame 0001
Redirect Chain
  • https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=S79-PAp3btcqt8XRVhg_qNapv7QtVDSyck5CblzS3g4
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=S79-PAp3btcqt8XRVhg_qNapv7QtVDSyck5CblzS3g4
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1668088400295
Protocol
HTTP/1.1
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 10 Nov 2022 13:53:27 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
BDQ40N0ZJSNZTPKKQ90P
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=S79-PAp3btcqt8XRVhg_qNapv7QtVDSyck5CblzS3g4
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
ImgSync
image8.pubmatic.com/AdServer/ Frame 0001 		0
42 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=1&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26uid%3D%23PMUID
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1668088400295
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.197 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 13:53:26 GMT
content-length
0
/
onetag-sys.com/match/ Frame 0001
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESEGulP34N61qWpJ3TyhQ5q7o&google_cver=1
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEGulP34N61qWpJ3TyhQ5q7o&google_cver=1
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1668088400295
Protocol
H2
Server
139.99.49.250 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Thu, 10 Nov 2022 13:53:25 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEGulP34N61qWpJ3TyhQ5q7o&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
298
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
occ
ups.analytics.yahoo.com/ups/58488/ Frame 0001 		0
125 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1668088400295
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.74.162.2 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-74-162-2.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 13:53:26 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
/
onetag-sys.com/match/ Frame 0001
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=29&uid=e11df97a-bc19-41e3-8a8b-2e3a06a2866f&gdpr=0&gdpr_consent=
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=29&uid=e11df97a-bc19-41e3-8a8b-2e3a06a2866f&gdpr=0&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1668088400295
Protocol
H2
Server
139.99.49.250 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Thu, 10 Nov 2022 13:53:25 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://onetag-sys.com/match/?int_id=29&uid=e11df97a-bc19-41e3-8a8b-2e3a06a2866f&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
233
sync
x.bidswitch.net/ Frame 0001 		43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=onetag&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1668088400295
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.213.12.39 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
39.12.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Nov 2022 13:53:25 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
xuid
eb2.3lift.com/ Frame 94DE
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3658&xuid=e11df97a-bc19-41e3-8a8b-2e3a06a2866f&dongle=0cfd
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3658&xuid=e11df97a-bc19-41e3-8a8b-2e3a06a2866f&dongle=0cfd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
date
Thu, 10 Nov 2022 13:53:26 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Thu, 10 Nov 2022 13:53:25 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://eb2.3lift.com/xuid?mid=3658&xuid=e11df97a-bc19-41e3-8a8b-2e3a06a2866f&dongle=0cfd
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
209
ebda
eb2.3lift.com/ Frame 94DE
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=OTc5MTE3NzE0MDc4OTA2Nzk2Njcy
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 13:53:26 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 10 Nov 2022 13:53:26 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
248
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 94DE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESED5P50_qZmTqWMsGIoYINqQ&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESED5P50_qZmTqWMsGIoYINqQ&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
date
Thu, 10 Nov 2022 13:53:26 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Thu, 10 Nov 2022 13:53:25 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESED5P50_qZmTqWMsGIoYINqQ&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 94DE
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=OTc5MTE3NzE0MDc4OTA2Nzk2Njcy
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=OTc5MTE3NzE0MDc4OTA2Nzk2Njcy
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H3
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 13:53:26 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=OTc5MTE3NzE0MDc4OTA2Nzk2Njcy
date
Thu, 10 Nov 2022 13:53:25 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
p.adsymptotic.com/d/px/ Frame 94DE
Redirect Chain
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=979117714078906796672&dbredirect=true&gdpr=0&consent=
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=979117714078906796672&dbredirect=true&gdpr=0&consent=&cookiesTest=true
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=b2fa4faf-4332-403c-af23-39a4b1d8ba48&_noobservation=1
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=b2fa4faf-4332-403c-af23-39a4b1d8ba48&_noobservation=1&_expected_cookie=207ac27...
43 B
164 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=b2fa4faf-4332-403c-af23-39a4b1d8ba48&_noobservation=1&_expected_cookie=207ac274878fd7d822498885f07a5032
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
104.18.102.194 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

p3p
CP='NON DSP COR CONi OUR BUS CNT'
date
Thu, 10 Nov 2022 13:53:27 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
767f46407faba961-SYD
content-length
43
content-type
image/gif

Redirect headers

location
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=b2fa4faf-4332-403c-af23-39a4b1d8ba48&_noobservation=1&_expected_cookie=207ac274878fd7d822498885f07a5032
date
Thu, 10 Nov 2022 13:53:26 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
767f463edeada961-SYD
content-length
0
xuid
eb2.3lift.com/ Frame 94DE
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=979117714078906796672&gdpr=0&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=triplelift
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=24&bidswitch_ssp_id=triplelift
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=4344049554935797039&ssp=triplelift
  • https://eb2.3lift.com/xuid?mid=2409&xuid=6aaf0941-3cd4-4660-9549-a12bd2554ec0&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2409&xuid=6aaf0941-3cd4-4660-9549-a12bd2554ec0&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
date
Thu, 10 Nov 2022 13:53:27 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
//eb2.3lift.com/xuid?mid=2409&xuid=6aaf0941-3cd4-4660-9549-a12bd2554ec0&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Date
Thu, 10 Nov 2022 13:53:27 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
xuid
eb2.3lift.com/ Frame 94DE
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/979117714078906796672?gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-.JyPq09E2oQe5PcdIzZ6eZ3e6fXcGa3TjK5Ka7g_FA--~A&dongle=0883
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-.JyPq09E2oQe5PcdIzZ6eZ3e6fXcGa3TjK5Ka7g_FA--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
date
Thu, 10 Nov 2022 13:53:26 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Thu, 10 Nov 2022 13:53:25 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-.JyPq09E2oQe5PcdIzZ6eZ3e6fXcGa3TjK5Ka7g_FA--~A&dongle=0883
content-length
0
iu3
s.amazon-adsystem.com/ Frame 94DE
Redirect Chain
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=0&gdpr_consent=&uid=979117714078906796672
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=979117714078906796672&dcc=t
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=979117714078906796672&dcc=t
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
HTTP/1.1
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

Pragma
no-cache
Date
Thu, 10 Nov 2022 13:53:27 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
Y7CNRPAE0KWPFEHSC674
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=979117714078906796672&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
c.gif
c.bing.com/ Frame 94DE 		42 B
671 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?xid=979117714078906796672&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.21.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 13:53:25 GMT
last-modified
Thu, 13 Oct 2022 15:58:17 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: B65BEF2BCFC1498F8F5E49CBD8FD3472 Ref B: SYD03EDGE1713 Ref C: 2022-11-10T13:53:26Z
etag
"e997be9b1cdfd81:0"
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-type
image/gif
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42
xuid
eb2.3lift.com/ Frame 94DE
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3335&xuid=2434649983444340243&dongle=4d58&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3335&xuid=2434649983444340243&dongle=4d58&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
date
Thu, 10 Nov 2022 13:53:26 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Date
Thu, 10 Nov 2022 13:53:25 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
116.90.74.196; 116.90.74.196; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
1b2c4576-1da4-4910-be7c-d4b8e2173dea
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://eb2.3lift.com/xuid?mid=3335&xuid=2434649983444340243&dongle=4d58&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 25BF 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221108&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211020101/show_ads_impl_fy2021.js?bust=31070722
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
19d67d5b5eabf29f229015745c0caa3b21cc4dd3a065408870c3b39bf74a0d09
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 13:53:25 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12466
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame EA3D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuGHSjFL-J3TCaf74W2KCh2w9EurWorZgflAPhgd-jAXG-KuLvgOzBU-Ichy9R40S_WO8NHOHOSjbWmj0j8g8IKG4_mwysxfOaUVzHXvtbqoML5NmXYcs3DjIP1A33hLYHRguQ6r6nqBMiy37IGt3s4ntqJ0NH2SobQvkeGLRvc9ulc23bPDSuKHxAMsXr_HdXEJoliHIi98QxVYKy7mI2nIZDEEKqTtaIRfEr26Y8QAOLx_C34h8iE015rycK_RfmNq3wU40kKhbpg0vr4JCS9aJhGrv6bF1-c_MQFbwUvf43CdtVXpcpxsLidC0cYUWvhpoimpbLtDUK464EM0GJ-IANOn3JueRuPWYokCdC7GjzWnNjwHRwRED5q6MitHlkAHkL--LjsmruuBvh3cTVYTqjZqYcwmpk_2g1I61E9mrPI-zLOODEs9An3ak0IJ40sn3407ZsuEp0z_ZWEx5Ue8EpRB2OYQ4wg3XXb8gj-DFqRwdmpI5sefFD_AgGVNgGqq1yFR_h8Y5YLqWdN4LTVI_gp5kbiIojyV3FH86N-fWyib0Q5a9rB-TdeDV9LBOhc0uFaQ2ti693P3tudBsipxnU7NS_1NlSOENtR1Hsm9YgbaOC9ub-BX75d8h3IcXygbnl4OBdftEw1_by2zBOJVmdYFA9GKihYjWvZCeYeITSS-LCyED4GUpplw4kA76k3Qjy-o5E53UUS92Bs-Lf2SsuIQIRiycdnnqlgMRljeC2AK6rgvWVXjyza45rPXCi0ulV04WAobCXfK0M5mlE6YCTE83S7IkaB9j7JrTi-otUQdfM3ajnkYUmuuXtDMR_9LachN-W5ekQMjej2GdpDvXMk23TcRl4Asx7-RzM2wzFZdW5FiPDTqVrvlLEj5pH_2YPoJyoTWy5Id1roOXs1EsnDHieCQEBjVLAZWLQYecqrFYM-Eff4gg25KcNngMRUV-rU4IIr9UCPZ199-t71trVmCXGo-nzTPUdcqaQrsaEouTzDJ8NQqmIKi1kznKXjfhgt4nP494UcWtSnGJ6jXUlE3eczo2D11klpVxQSETt-TcDm37Fi-b4yTf9rmae8Z715-NOlxZ-7j1_xWpUGuwYPLR-O6O-BtXOzrHA9vtSXwpaRuaOYwaDE&sai=AMfl-YRfjZ62MHKPt03lsM1K4hdSURk-xGi1gMLRrIcUhfv_rrQe1y6wsSOzQ3WgB3K7cjuCizJZ49Ln2MoB0J7t12XTzVSVZDEffmjy8kqiKcAL45YGIrPekhl6LoB3mUCtfdV0k0ajBIOzwRh86Bvi0b5SJ4o0drWuc1dxrArpgT1Ex8D3YoBcBtOcYZVTzawyfe1yj0n39McgEyZx6rs&sig=Cg0ArKJSzHyLRfkMe0-hEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2160&vt=11&dtpt=1151&dett=3&cstd=2159&cisv=r20221108.30446&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/you-you-ming-xing-ji-jin-jing-li-ben-si-wai-zi-si-mu-jia-su-jin-chang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 13:53:25 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Thu, 10 Nov 2022 13:53:25 GMT
index.html
s0.2mdn.net/sadbundle/11279563131162724535/ Frame 66D4 		13 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/11279563131162724535/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f148.1e100.net
Software
sffe /
Resource Hash
c699dae460d201dbfdf3a850a83c2cd9c41d0eb96873bdefe263808f531794d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
182158
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
3551
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Tue, 08 Nov 2022 11:17:27 GMT
expires
Wed, 08 Nov 2023 11:17:27 GMT
last-modified
Tue, 01 Nov 2022 06:23:49 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
usync.js
eus.rubiconproject.com/ Frame 3E22 		33 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.77.12.69 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-77-12-69.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
5494709c6d309cb4f1106f964f9ca3768c62bade2887eca9f89195734e1d5a71

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Nov 2022 13:53:25 GMT
Content-Encoding
gzip
Last-Modified
Thu, 10 Nov 2022 03:40:58 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=49610
Connection
keep-alive
Content-Length
9883
Expires
Fri, 11 Nov 2022 03:40:15 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 3BC5 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221108&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211020101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
38892d487f3ed5f0d46025eeccdd4669e8ba05d134acb1bce70c33f024910e94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 13:53:25 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12581
x-xss-protection
0
sync
gum.criteo.com/ Frame 4C57 		61 B
301 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?r=2&c=321&gdpr=0&gdpr_pd=0&gdpr_consent=&us_privacy=&j=window.advBidxc.mnetRtusId
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
f77f47058428a1c21dad5a75ac13fbfdeb9858947218fee2112fded5972a0b5d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 13:53:26 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
290976
expires
60
usync.html
eus.rubiconproject.com/ Frame 05CD
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=medianet
  • https://eus.rubiconproject.com/usync.html?p=medianet
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=medianet
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.77.12.69 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-77-12-69.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 10 Nov 2022 13:53:26 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Thu, 10 Nov 2022 13:53:26 GMT
location
https://eus.rubiconproject.com/usync.html?p=medianet
server
AkamaiGHost
cksync.html
contextual.media.net/ Frame AB8E
Redirect Chain
  • https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3110900057443656000V10%26type%3Drkt%26refUrl%3D%26vid%3D808840587931109000574436560...
  • https://contextual.media.net/cksync.html?cs=8&vsid=3110900057443656000V10&type=rkt&refUrl=&vid=80884058793110900057443656000V10&ovsid=1991787314819964909
219 B
652 B 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/cksync.html?cs=8&vsid=3110900057443656000V10&type=rkt&refUrl=&vid=80884058793110900057443656000V10&ovsid=1991787314819964909
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.71.48.26 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-71-48-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
85af3052d288ffd9157258dfe4daf5309f0b64d0067ab8221cd0c62909c18419
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-length
219
content-type
text/html;charset=UTF-8
date
Thu, 10 Nov 2022 13:53:28 GMT
expires
Thu, 10 Nov 2022 13:53:28 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA" CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
pragma
no-cache
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E

Redirect headers

Content-Length
0
Date
Thu, 10 Nov 2022 13:53:27 GMT
Location
https://contextual.media.net/cksync.html?cs=8&vsid=3110900057443656000V10&type=rkt&refUrl=&vid=80884058793110900057443656000V10&ovsid=1991787314819964909
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.3.29.v20201019)
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 9FB3 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3110900057443656000V10%26type%3Dpba%26refUrl%3D%26vid%3D80884058793110900057443656000V10%26ovsid%3DPM_UID
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.78.217.19 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-78-217-19.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=85847
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Thu, 10 Nov 2022 13:53:26 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Fri, 11 Nov 2022 13:44:13 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
cksync.php
contextual.media.net/ Frame 4C57
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3110900057443656000V10%26type%3Dapx%26refUrl%3D%26vid%3D80884058793110900057443656000V10%26ovsid%3D%24UID
  • https://contextual.media.net/cksync.php?cs=8&vsid=3110900057443656000V10&type=apx&refUrl=&vid=80884058793110900057443656000V10&ovsid=2434649983444340243
45 B
453 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3110900057443656000V10&type=apx&refUrl=&vid=80884058793110900057443656000V10&ovsid=2434649983444340243
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
104.71.48.26 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-71-48-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Thu, 10 Nov 2022 13:53:26 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Thu, 10 Nov 2022 13:53:26 GMT

Redirect headers

Date
Thu, 10 Nov 2022 13:53:26 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
116.90.74.196; 116.90.74.196; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
df404cd3-d21b-4a40-b581-42c5e80f261b
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://contextual.media.net/cksync.php?cs=8&vsid=3110900057443656000V10&type=apx&refUrl=&vid=80884058793110900057443656000V10&ovsid=2434649983444340243
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cksync.html
contextual.media.net/ Frame 4C57
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=78e2dffc-bb89-4bb2-ae92-f592d006518b&ph=6a16560a-f6c6-4851-b7b5-0b2c0190166a&r=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3110900057443656...
  • https://contextual.media.net/cksync.html?cs=8&vsid=3110900057443656000V10&type=opx&refUrl=&vid=80884058793110900057443656000V10&ovsid=da3988eb-c822-41c7-b2dc-975be0e95d93
219 B
219 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.html?cs=8&vsid=3110900057443656000V10&type=opx&refUrl=&vid=80884058793110900057443656000V10&ovsid=da3988eb-c822-41c7-b2dc-975be0e95d93
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
104.71.48.26 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-71-48-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Thu, 10 Nov 2022 13:53:26 GMT
server
Apache
vary
Accept-Encoding
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
text/html;charset=UTF-8
cache-control
max-age=0, no-cache, no-store
content-length
219
x-mnet-hl2
E
expires
Thu, 10 Nov 2022 13:53:26 GMT

Redirect headers

date
Thu, 10 Nov 2022 13:53:26 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://contextual.media.net/cksync.html?cs=8&vsid=3110900057443656000V10&type=opx&refUrl=&vid=80884058793110900057443656000V10&ovsid=da3988eb-c822-41c7-b2dc-975be0e95d93
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cksync.php
contextual.media.net/ Frame 4C57
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=64&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3110900057443656000V10%26type%3Dmma%26refUrl%3D%26vid%3D808840587931109000574436...
  • https://contextual.media.net/cksync.php?cs=8&vsid=3110900057443656000V10&type=mma&refUrl=&vid=80884058793110900057443656000V10&ovsid=c619636d-0255-4600-91f3-34a69b38850b
45 B
466 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3110900057443656000V10&type=mma&refUrl=&vid=80884058793110900057443656000V10&ovsid=c619636d-0255-4600-91f3-34a69b38850b
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
104.71.48.26 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-71-48-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Thu, 10 Nov 2022 13:53:26 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Thu, 10 Nov 2022 13:53:26 GMT

Redirect headers

Date
Thu, 10 Nov 2022 13:53:26 GMT
Server
MT3 4629 97bee97 master hkg-pixel-x19 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://contextual.media.net/cksync.php?cs=8&vsid=3110900057443656000V10&type=mma&refUrl=&vid=80884058793110900057443656000V10&ovsid=c619636d-0255-4600-91f3-34a69b38850b
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 10 Nov 2022 13:53:25 GMT
RX-55e22d49-06ab-44c2-9d9e-5a07bd4913e4-004
sync.targeting.unrulymedia.com/csync/ Frame 4C57
Redirect Chain
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3110900057443656000V10%26type%3Dr1%26refUrl%3D%26vid%3D80884058793110900057...
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&zcc=1&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3110900057443656000V10%26type%3Dr1%26refUrl%3D%26vid%3D80884058793110...
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8272918142
  • https://sync.1rx.io/usersync/tradedesk/e11df97a-bc19-41e3-8a8b-2e3a06a2866f
  • https://sync.targeting.unrulymedia.com/csync/RX-55e22d49-06ab-44c2-9d9e-5a07bd4913e4-004?redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3110900057443656000V10%26type%3Dr1%2...
0
0
cksync
cs.media.net/ Frame 4C57
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?cs=8&google_nid=media&google_cm=1&google_hm=MzExMDkwMDA1NzQ0MzY1NjAwMFYxMA%3D%3D&google_sc=1
  • https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEGr4cB3RV5-XB---efKXDAw&google_cver=1
45 B
610 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEGr4cB3RV5-XB---efKXDAw&google_cver=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Server
104.70.236.26 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-70-236-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 10 Nov 2022 13:53:26 GMT
Server
Apache
P3P
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
45
X-MNET-HL2
E
Expires
Thu, 10 Nov 2022 13:53:26 GMT

Redirect headers

pragma
no-cache
date
Thu, 10 Nov 2022 13:53:26 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEGr4cB3RV5-XB---efKXDAw&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cksync.php
contextual.media.net/ Frame 4C57
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3110900057443656000V10%26type%3Ddxu%26refUrl%3D%26vid%3D80884058793110900057443...
  • https://contextual.media.net/cksync.php?cs=8&vsid=3110900057443656000V10&type=dxu&refUrl=&vid=80884058793110900057443656000V10&ovsid=zDnCcIlz1OT7ZH5
45 B
452 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3110900057443656000V10&type=dxu&refUrl=&vid=80884058793110900057443656000V10&ovsid=zDnCcIlz1OT7ZH5
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
104.71.48.26 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-71-48-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Thu, 10 Nov 2022 13:53:26 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Thu, 10 Nov 2022 13:53:26 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 10 Nov 2022 13:53:25 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/5502e06#5502e06d7dbe3c52c9a5559e1550ac262fba6e07 i-0be4466892d3f37f0@ap-southeast-1a@dxedge-app-ap-southeast-1-prod-asg
Location
https://contextual.media.net/cksync.php?cs=8&vsid=3110900057443656000V10&type=dxu&refUrl=&vid=80884058793110900057443656000V10&ovsid=zDnCcIlz1OT7ZH5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
usersync.aspx
dis.criteo.com/dis/ Frame 4C57 		43 B
363 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=115&p=259&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.146 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 13:53:26 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
166522
expires
Thu, 10 Nov 2022 00:00:00 GMT
user-sync
sync.adkernel.com/ Frame 4C57
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1
  • https://pr-bh.ybp.yahoo.com/sync/iponweb?bidswitch_ssp_id=medianet&ssp_user_id=6aaf0941-3cd4-4660-9549-a12bd2554ec0&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=74&&user_id=171249830&expires=5
  • https://sync.adkernel.com/user-sync?dsp=336050&t=image&uid=6aaf0941-3cd4-4660-9549-a12bd2554ec0
42 B
228 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adkernel.com/user-sync?dsp=336050&t=image&uid=6aaf0941-3cd4-4660-9549-a12bd2554ec0
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Server
216.130.169.24 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 10 Nov 2022 13:53:28 GMT
Server
nginx
Age
0
Content-Type
image/gif
Cache-Control
no-store
Connection
close
Content-Length
42

Redirect headers

Location
//sync.adkernel.com/user-sync?dsp=336050&t=image&uid=6aaf0941-3cd4-4660-9549-a12bd2554ec0
Date
Thu, 10 Nov 2022 13:53:26 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
/
b1sync.zemanta.com/usersync/bluekai/callback/ Frame 4C57
Redirect Chain
  • https://b1sync.zemanta.com/usersync/medianet/?cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3110900057443656000V10%26type%3Dzem%26refUrl%3D%26vid%3D80884058793110900057443656...
  • https://stags.bluekai.com/site/23178?id=tdhFFgf1VycTFVPjLNaN&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TD...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OBGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPLUMRUEMRTHMYYVM6LDKRDFMUDKJRHGC...
0
0
cksync.php
contextual.media.net/ Frame 4C57
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=3110900057443656000V10
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=medianet&ssp_user_id=3110900057443656000V10
  • https://contextual.media.net/cksync.php?type=mf&ovsid=2f68d298-957b-4cc2-b36a-0d898276869d&cs=1
45 B
466 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?type=mf&ovsid=2f68d298-957b-4cc2-b36a-0d898276869d&cs=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
104.71.48.26 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-71-48-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Thu, 10 Nov 2022 13:53:28 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Thu, 10 Nov 2022 13:53:28 GMT

Redirect headers

Location
//contextual.media.net/cksync.php?type=mf&ovsid=2f68d298-957b-4cc2-b36a-0d898276869d&cs=1
Date
Thu, 10 Nov 2022 13:53:27 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
um
cs.emxdgt.com/ Frame 4C57 		0
67 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.emxdgt.com/um?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3110900057443656000V10%26type%3Demx%26refUrl%3D%26vid%3D80884058793110900057443656000V10%26ovsid%3D%24UID
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.22.24.178 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-22-24-178.compute-1.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 13:53:26 GMT
server
awselb/2.0
content-length
0
content-type
text/plain; charset=utf-8
cksync
cs.media.net/ Frame 4C57
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=e11df97a-bc19-41e3-8a8b-2e3a06a2866f
45 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=e11df97a-bc19-41e3-8a8b-2e3a06a2866f
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Server
104.70.236.26 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-70-236-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 10 Nov 2022 13:53:26 GMT
Server
Apache
P3P
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
45
X-MNET-HL2
E
Expires
Thu, 10 Nov 2022 13:53:26 GMT

Redirect headers

pragma
no-cache
date
Thu, 10 Nov 2022 13:53:25 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=e11df97a-bc19-41e3-8a8b-2e3a06a2866f
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
199
file.mp4
r1---sn-ntqe6n7k.c.2mdn.net/videoplayback/id/fcaa9922258a7dd0/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1699624404/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame E208 		2 MB
2 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://r1---sn-ntqe6n7k.c.2mdn.net/videoplayback/id/fcaa9922258a7dd0/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1699624404/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/14E90B494FEC2FA336B0EDA82B77E3A8B95F75FD.123F96323FE2AA2088B9E3995C89D0281C5E7607/key/cms1/cms_redirect/yes/mh/1H/mip/116.90.74.196/mm/42/mn/sn-ntqe6n7k/ms/onc/mt/1668088124/mv/m/mvi/1/pl/24/file/file.mp4
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/you-you-ming-xing-ji-jin-jing-li-ben-si-wai-zi-si-mu-jia-su-jin-chang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.28.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s07-in-f6.1e100.net
Software
gvs 1.0 /
Resource Hash
7adea9b07f8f0e2cc0c38c203b1448aa5aa53063056c5c79d82688ac39da3900
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://fa3540ea93ec84512cdf7b83bb90bab4.safeframe.googlesyndication.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

expires
Thu, 10 Nov 2022 13:53:26 GMT
date
Thu, 10 Nov 2022 13:53:26 GMT
x-content-type-options
nosniff
Content-Range
bytes 0-2208169/2208170
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
2208170
last-modified
Wed, 16 Mar 2022 00:55:33 GMT
server
gvs 1.0
vary
Origin
content-type
video/mp4
access-control-allow-origin
https://fa3540ea93ec84512cdf7b83bb90bab4.safeframe.googlesyndication.com
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=86400
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://fa3540ea93ec84512cdf7b83bb90bab4.safeframe.googlesyndication.com
client-protocol
quic
activeview
pagead2.googlesyndication.com/pcs/ Frame 639C 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssd482fYAR5TXKiPgP1g-SPrduyy7qA4PFSBeuw5Efl1x_K_ORQAa8WwLHvDgtodu8yFV62OykpeYUT-IzfWGCVY8pk&sig=Cg0ArKJSzLoWGyzIT3KoEAE&cid=CAASFeRohnK8eK_utE79ypXK7ibEBjuiIg&id=lidar2&mcvt=1008&p=300,5,900,125&mtos=1008,1008,1008,1008,1008&tos=1008,0,0,0,0&v=20221109&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=4082231052&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1668088402952&rpt=1932&isd=0&lsd=0&met=ie&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://fa3540ea93ec84512cdf7b83bb90bab4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 13:53:26 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame AEF7
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y20CVIOgmcphDt9a8o76JgAAEmMAAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y20CVIOgmcphDt9a8o76JgAAEmMAAAAB&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y20CVIOgmcphDt9a8o76JgAAEmMAAAAB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 10 Nov 2022 13:53:27 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
C309BX4B340RBY97HRCS
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 10 Nov 2022 13:53:27 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
EERM4S35XDX58EHSVC5N
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y20CVIOgmcphDt9a8o76JgAAEmMAAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame AEF7
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=e11df97a-bc19-41e3-8a8b-2e3a06a2866f&expiration=1670680406&gdpr=0&gdpr_consent=
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=e11df97a-bc19-41e3-8a8b-2e3a06a2866f&expiration=1670680406&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 10 Nov 2022 13:53:26 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Thu, 10 Nov 2022 13:53:26 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=e11df97a-bc19-41e3-8a8b-2e3a06a2866f&expiration=1670680406&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
323
usermatchredir
ssum-sec.casalemedia.com/ Frame AEF7
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y20CVIOgmcphDt9a8o76JgAAEmMAAAAB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEFQXEOKckUwniwohWuYtiQ4&google_cver=1
43 B
843 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEFQXEOKckUwniwohWuYtiQ4&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 13:53:26 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HATa0tEcMO0m95R12TB0RGnRIU9neiH%2B%2BEd1DKb2x%2F57LEcskLIFJeoFjNWmvPgPeX2KyHH4l49L910fHBQlIwr4nS94adGwx8%2BRBpt0OgWHP97I2wBPtT4yE%2BHF2fpAKrrvvHfMaHS4Ng%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
767f463bafd4fb7c-AKL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 10 Nov 2022 13:53:26 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEFQXEOKckUwniwohWuYtiQ4&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame AEF7
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=2434649983444340243
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=2434649983444340243
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 10 Nov 2022 13:53:26 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=496
Content-Length
43
Expires
0

Redirect headers

Date
Thu, 10 Nov 2022 13:53:26 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
116.90.74.196; 116.90.74.196; 806.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
63672b68-57cf-4c5f-ad5e-95c7f5e9fcd0
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=2434649983444340243
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
demconf.jpg
dpm.demdex.net/ Frame AEF7
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=Y20CVIOgmcphDt9a8o76JgAA%264707?gdpr_consent=&us_privacy=&gdpr=
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=Y20CVIOgmcphDt9a8o76JgAA%264707
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=Y20CVIOgmcphDt9a8o76JgAA%264707
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
35.163.132.81 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-163-132-81.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS
dcs-prod-usw2-2-v041-03e40795d.edge-usw2.demdex.com 1 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
8nmufrGaQ0c=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-usw2-1-v041-07125beb1.edge-usw2.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
E9ABZpmhTr4=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=Y20CVIOgmcphDt9a8o76JgAA%264707
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
/
csync.loopme.me/ Frame AEF7 		0
40 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://csync.loopme.me/?redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.214.236.176 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
176.236.214.35.bc.googleusercontent.com
Software
_ /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 13:53:27 GMT
server
_
crum
dsum.casalemedia.com/ Frame AEF7
Redirect Chain
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=2434649983444340243
43 B
869 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=2434649983444340243
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
104.18.18.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 13:53:26 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y7g%2F62Qp9Gd47EuHHCq2BwrMPWA9slYnQYFt7v2V5z1%2BqiCGMr3ESLdIhbd7EQe4OJ7lWELHNs6BT7%2B9SCvIWxdOrpcztQnIuFeSg0443XQ235AE%2Fx5D1mrj8qceHmhcE1dLweHs"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
767f463dde7feea6-AKL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Date
Thu, 10 Nov 2022 13:53:26 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
116.90.74.196; 116.90.74.196; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
3e14f3c4-cd90-4aff-94cd-f3e9c99492e7
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=2434649983444340243
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame AEF7
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3297295303483565349
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3297295303483565349
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 10 Nov 2022 13:53:26 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3297295303483565349
pragma
no-cache
date
Thu, 10 Nov 2022 13:53:25 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
htw-pixel.gif
cdn.indexww.com/ht/ Frame AEF7 		43 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?Y20CVIOgmcphDt9a8o76JgAA%264707
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.12.76 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 13:53:26 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
55430
etag
"761e21-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
767f463c2c23aad7-SYD
content-length
43
expires
Fri, 11 Nov 2022 13:53:26 GMT
async_usersync
ib.adnxs.com/ Frame 34DB 		0
859 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.132 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 10 Nov 2022 13:53:26 GMT
AN-X-Request-Uuid
79f48626-a617-4651-ac7c-7c89722fc427
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
116.90.74.196; 116.90.74.196; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
c5cbe82c0ad4e8aa26b22fa10c5f7f96.js
s0.2mdn.net/sadbundle/11279563131162724535/ Frame 66D4 		58 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/11279563131162724535/c5cbe82c0ad4e8aa26b22fa10c5f7f96.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11279563131162724535/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f148.1e100.net
Software
sffe /
Resource Hash
01b4f51cb4adacf39e490eb0b247798243ec108fe29d41f9858ddbdd40a7452a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11279563131162724535/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 17:24:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
592164
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16328
x-xss-protection
0
last-modified
Tue, 01 Nov 2022 06:23:49 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 03 Nov 2023 17:24:02 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 25BF 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211020101/show_ads_impl_fy2021.js?bust=31070722
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 13:53:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 10 Nov 2022 13:53:28 GMT
13926
g2.gumgum.com/usync/ Frame 5E1D 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.196.230.114 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-196-230-114.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
c0b1a469b933bdf151216b9bb4b5d44d14a15ab9abdb126198e682b62b95b1c7

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Thu, 10 Nov 2022 13:53:26 GMT
etag
W/"0d32cf62851f3051baeb0948a9634148a"
server
nginx
timing-allow-origin
*
/
onetag-sys.com/usync/ Frame B10A 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
139.99.49.250 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
7ed023d6325d058cbcb5ae7ed7193c962f01d479a1b1f8a944345a93b156eb85
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
1360
content-type
text/html
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000
sync
ssbsync.smartadserver.com/api/ Frame F7A0 		812 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.106.127.53 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
97d91defa4069ba159136587d5b1a390d2979e66d3eb6a1979919773247185ed

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

content-length
812
content-type
text/html
date
Thu, 10 Nov 2022 13:53:27 GMT
usermatch
ssum-sec.casalemedia.com/ Frame E6F4 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d90c7b11e85cf039458d0ffda0a6348003ca753ed8f74f5dd67b37a27612b23

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
767f463b8fcefb7c-AKL
content-encoding
br
content-type
text/html
date
Thu, 10 Nov 2022 13:53:26 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mUyD0eMVclep%2FpQq6KPvdBvBRBjoAUJ8NKfL52%2Bkgpo9D%2FgAKsBVmhb3V9%2BynFvCI3TScEXOyqWzJ0OqOpeJpCxYSGgMtwWf6Q9oFJZgXHUWfr48xUBG78IrwVfh5fHN8h6B%2FMla%2F5KFWg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 250D
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.77.12.69 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-77-12-69.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 10 Nov 2022 13:53:26 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Thu, 10 Nov 2022 13:53:26 GMT
location
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
server
AkamaiGHost
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 0BBD 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.78.217.19 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-78-217-19.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=85847
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Thu, 10 Nov 2022 13:53:26 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Fri, 11 Nov 2022 13:44:13 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
sync
ads.servenobid.com/ Frame 9C5D
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID
  • https://ads.servenobid.com/sync?pid=312&uid=2434649983444340243
0
345 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=312&uid=2434649983444340243
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.73.75.233 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-73-75-233.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 13:53:26 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Date
Thu, 10 Nov 2022 13:53:26 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
116.90.74.196; 116.90.74.196; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
140346bc-c78e-411f-ab32-5d1cebfa7d9e
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://ads.servenobid.com/sync?pid=312&uid=2434649983444340243
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ads.servenobid.com/ Frame 9C5D
Redirect Chain
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1
  • https://ads.servenobid.com/sync?pid=310&uid=FoNBERZH_e4VqfGXS_2aYKzG
0
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=310&uid=FoNBERZH_e4VqfGXS_2aYKzG
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.73.75.233 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-73-75-233.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 13:53:27 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
Date
Thu, 10 Nov 2022 13:53:27 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ads.servenobid.com/sync?pid=310&uid=FoNBERZH_e4VqfGXS_2aYKzG
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap4sfo1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
sync
ads.servenobid.com/ Frame 9C5D
Redirect Chain
  • https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID
  • https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID&sovrn_retry=true
  • https://ads.servenobid.com/sync?pid=310&uid=FoNBELZH1FGvhW1ER3G2_OpR
0
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=310&uid=FoNBELZH1FGvhW1ER3G2_OpR
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.73.75.233 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-73-75-233.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 13:53:27 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Date
Thu, 10 Nov 2022 13:53:27 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://ads.servenobid.com/sync?pid=310&uid=FoNBELZH1FGvhW1ER3G2_OpR
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap4sfo1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
RX-55e22d49-06ab-44c2-9d9e-5a07bd4913e4-004
sync.targeting.unrulymedia.com/csync/ Frame 9C5D
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1668088406788
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1053650151
  • https://sync.1rx.io/usersync/tradedesk/e11df97a-bc19-41e3-8a8b-2e3a06a2866f
  • https://sync.targeting.unrulymedia.com/csync/RX-55e22d49-06ab-44c2-9d9e-5a07bd4913e4-004?redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3110900057443656000V10%26type%3Dr1%2...
0
0
sync
ads.servenobid.com/ Frame 9C5D
Redirect Chain
  • https://p.rfihub.com/cm?pub=44007&in=1
  • https://ads.servenobid.com/sync?pid=324&uid=1978557980240168668
0
345 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=324&uid=1978557980240168668
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.73.75.233 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-73-75-233.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 13:53:27 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Location
https://ads.servenobid.com/sync?pid=324&uid=1978557980240168668
Date
Thu, 10 Nov 2022 13:53:27 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
usa
sync.go.sonobi.com/ Frame 9C5D 		0
0
pixel
ap.lijit.com/ Frame 9C5D
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D
  • https://ssum.casalemedia.com/usermatchredir?s=191503&gdpr=1&gdpr_consent=&us_privacy=1YN-&cb=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F10105%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26A%...
  • https://prebid.a-mo.net/cchain/0/10105?gdpr=0&gdpr_consent=&us_privacy=1YN-&A=3b8b88dd-5342-4808-b40c-079fc2cb50bb&bidder=index_rtb&cbx=aHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%3...
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%2F10105%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26A%3D3b8b88dd-5342-4808-b40c-079fc2cb50bb%26bidder%3Dappnexus%26cbx%...
  • https://prebid.a-mo.net/cchain/1/10105?gdpr=0&gdpr_consent=&us_privacy=1YN-&A=3b8b88dd-5342-4808-b40c-079fc2cb50bb&bidder=appnexus&cbx=aHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%3D...
  • https://ap.lijit.com/pixel?gdpr=1&gdpr_consent=&us_privacy=1YN-&redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F2%2F10105%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26A%3D3b8b88dd-5342-4808-b4...
0
0
sync
ads.servenobid.com/ Frame 9C5D
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58559/occ
  • https://ads.servenobid.com/sync?pid=337&uid=y-4kibTtdE2uFBp41TuZspGPJATzHyRTtK8xLSXwU-~A
0
367 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=337&uid=y-4kibTtdE2uFBp41TuZspGPJATzHyRTtK8xLSXwU-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.73.75.233 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-73-75-233.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 13:53:26 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=337&uid=y-4kibTtdE2uFBp41TuZspGPJATzHyRTtK8xLSXwU-~A
date
Thu, 10 Nov 2022 13:53:26 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
getuid
eb2.3lift.com/ Frame 9C5D
Redirect Chain
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D6%26r%3DCid1YS0zYjQxNGEyZS0yYTE1LTM2YzEtYjk5ZC0wODhkNDljMjIyMWUqU2h0dHBzOi8vYWRz...
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F3918%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26A%3D3b8b88dd-5342-4808-b40c-079fc2cb50bb%26bidder%3Dappnexus%26cbx%3DaHR...
  • https://prebid.a-mo.net/cchain/0/3918?gdpr=0&gdpr_consent=&us_privacy=&A=3b8b88dd-5342-4808-b40c-079fc2cb50bb&bidder=appnexus&cbx=aHR0cHM6Ly9zc3AuZGlzcXVzLmNvbS9tYXRjaD9iaWRkZXI9NiZyPUNpZDFZUzB6WWp...
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%2F3918%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26A%3D3b8b88dd-5342-4808-b40c-079fc2cb50bb%26bidder%3Dtriplelift%26...
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%2F3918%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26A%3D3b8b88dd-5342-4808-b40c-079fc2cb50bb%26bidder%3Dtriplelift%26cbx%3DaHR0cHM6Ly9zc3AuZGlzcXVzLmNvbS9tYXRjaD9iaWRkZXI9NiZyPUNpZDFZUzB6WWpReE5HRXlaUzB5WVRFMUxUTTJZekV0WWprNVpDMHdPRGhrTkRsak1qSXlNV1VxVTJoMGRIQnpPaTh2WVdSekxuTmxjblpsYm05aWFXUXVZMjl0TDNONWJtTV9jR2xrUFRNME5pWjFhV1E5ZFdFdE0ySTBNVFJoTW1VdE1tRXhOUzB6Tm1NeExXSTVPV1F0TURnNFpEUTVZekl5TWpGbE1nRUdPQUU9JmJ1eWVydWlkPQ%253D%253D%26uid%3D%24UID&gdpr=1&gdpr_consent=
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 13:53:28 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

location
https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%2F3918%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26A%3D3b8b88dd-5342-4808-b40c-079fc2cb50bb%26bidder%3Dtriplelift%26cbx%3DaHR0cHM6Ly9zc3AuZGlzcXVzLmNvbS9tYXRjaD9iaWRkZXI9NiZyPUNpZDFZUzB6WWpReE5HRXlaUzB5WVRFMUxUTTJZekV0WWprNVpDMHdPRGhrTkRsak1qSXlNV1VxVTJoMGRIQnpPaTh2WVdSekxuTmxjblpsYm05aWFXUXVZMjl0TDNONWJtTV9jR2xrUFRNME5pWjFhV1E5ZFdFdE0ySTBNVFJoTW1VdE1tRXhOUzB6Tm1NeExXSTVPV1F0TURnNFpEUTVZekl5TWpGbE1nRUdPQUU9JmJ1eWVydWlkPQ%253D%253D%26uid%3D%24UID&gdpr=1&gdpr_consent=
date
Thu, 10 Nov 2022 13:53:28 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
6
server
envoy
content-length
0
sync
ads.servenobid.com/ Frame 9C5D
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58632/occ
  • https://ads.servenobid.com/sync?pid=339&uid=y-4kibTtdE2uFBp41TuZspGPJATzHyRTtK8xLSXwU-~A
0
367 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=339&uid=y-4kibTtdE2uFBp41TuZspGPJATzHyRTtK8xLSXwU-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.73.75.233 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-73-75-233.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 13:53:26 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=339&uid=y-4kibTtdE2uFBp41TuZspGPJATzHyRTtK8xLSXwU-~A
date
Thu, 10 Nov 2022 13:53:26 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 3BC5 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211020101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 13:53:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 10 Nov 2022 13:53:28 GMT
pixel
cm.g.doubleclick.net/ Frame 3E22
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFCNFJJUzktMVMtQTROQQ==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFCNFJJUzktMVMtQTROQQ==
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/you-you-ming-xing-ji-jin-jing-li-ben-si-wai-zi-si-mu-jia-su-jin-chang.html
Protocol
H3
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 13:53:27 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFCNFJJUzktMVMtQTROQQ==
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
548ddf114c6f6bfbb66a4cdeb6a219f4
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 3E22
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=hY5qQyFJSGGBcyy81cOiVw&rk=usync-other
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=hY5qQyFJSGGBcyy81cOiVw
0
0
tap.php
pixel.rubiconproject.com/ Frame 3E22
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEN6nQ1StQtfJhF630-uOei0&google_cver=1
42 B
679 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEN6nQ1StQtfJhF630-uOei0&google_cver=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/you-you-ming-xing-ji-jin-jing-li-ben-si-wai-zi-si-mu-jia-su-jin-chang.html
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
550b0c1400f70e56269f7c1848fb3166
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Thu, 10 Nov 2022 13:53:26 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEN6nQ1StQtfJhF630-uOei0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 3E22
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/MabrZM46D1wDhvmWbOBMWcn5EUdSAgOZEtemQ7w0kco?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=1617610298944631654
42 B
679 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=1617610298944631654
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/you-you-ming-xing-ji-jin-jing-li-ben-si-wai-zi-si-mu-jia-su-jin-chang.html
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
548ddf114c6f6bfbb66a4cdeb6a219f4
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Thu, 10 Nov 2022 13:53:27 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=1617610298944631654
content-length
0
tap.php
pixel.rubiconproject.com/ Frame 3E22
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=e11df97a-bc19-41e3-8a8b-2e3a06a2866f&gdpr=0&gdpr_consent=&expires=30
42 B
679 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=e11df97a-bc19-41e3-8a8b-2e3a06a2866f&gdpr=0&gdpr_consent=&expires=30
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/you-you-ming-xing-ji-jin-jing-li-ben-si-wai-zi-si-mu-jia-su-jin-chang.html
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
550b0c1400f70e56269f7c1848fb3166
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Thu, 10 Nov 2022 13:53:26 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=e11df97a-bc19-41e3-8a8b-2e3a06a2866f&gdpr=0&gdpr_consent=&expires=30
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
289
ecm3
s.amazon-adsystem.com/ Frame 3E22
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=lHJTeg20RiCHy6ygzyJRhw&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=lHJTeg20RiCHy6ygzyJRhw
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=lHJTeg20RiCHy6ygzyJRhw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/you-you-ming-xing-ji-jin-jing-li-ben-si-wai-zi-si-mu-jia-su-jin-chang.html
Protocol
HTTP/1.1
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 10 Nov 2022 13:53:28 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
YYMTCKCECWS5EJPYCYZ3
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=lHJTeg20RiCHy6ygzyJRhw
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
dedf7fc216a5bbc739a54325e875a79f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
setuid
px.ads.linkedin.com/ Frame 3E22
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LAB4RIS9-1S-A4NA
0
142 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LAB4RIS9-1S-A4NA
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/you-you-ming-xing-ji-jin-jing-li-ben-si-wai-zi-si-mu-jia-su-jin-chang.html
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 13:53:27 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 4F1C70D498B349C2B04F7179E9C21A64 Ref B: SYD03EDGE0710 Ref C: 2022-11-10T13:53:27Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXtHhj5SVqt8w2M0SwlfA==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LAB4RIS9-1S-A4NA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
6690dc791bf02dde8c4051a04cfd7bb8
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 3E22
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NmM5NDRmZmZmOWNhYzZmZjE5M2JjNjY5MGNiOGY5YTMyODFjMmJiNw
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NmM5NDRmZmZmOWNhYzZmZjE5M2JjNjY5MGNiOGY5YTMyODFjMmJiNw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/you-you-ming-xing-ji-jin-jing-li-ben-si-wai-zi-si-mu-jia-su-jin-chang.html
Protocol
H3
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 13:53:27 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NmM5NDRmZmZmOWNhYzZmZjE5M2JjNjY5MGNiOGY5YTMyODFjMmJiNw
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
94869a3d6d62a785bc2a9351b08a70bb
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
63464a0721a1851b79d844e2e2413b78.jpg
s0.2mdn.net/sadbundle/11279563131162724535/media/ Frame 66D4 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/11279563131162724535/media/63464a0721a1851b79d844e2e2413b78.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11279563131162724535/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f148.1e100.net
Software
sffe /
Resource Hash
64ee123f451321843d5f59ffd8859851b94703f219cf64708becea73171e7d25
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11279563131162724535/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 08 Nov 2022 20:16:17 GMT
x-content-type-options
nosniff
age
149829
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26265
x-xss-protection
0
last-modified
Tue, 01 Nov 2022 06:23:49 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 08 Nov 2023 20:16:17 GMT
0dace56df84f76cd75a49561faa7141b.jpg
s0.2mdn.net/sadbundle/11279563131162724535/media/ Frame 66D4 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/11279563131162724535/media/0dace56df84f76cd75a49561faa7141b.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11279563131162724535/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f148.1e100.net
Software
sffe /
Resource Hash
2a0031d8e25051911b2fd368ca9766d16c003b8ed9f55a18a6d9a82b5f5c255c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11279563131162724535/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 08 Nov 2022 20:16:17 GMT
x-content-type-options
nosniff
age
149829
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24070
x-xss-protection
0
last-modified
Tue, 01 Nov 2022 06:23:49 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 08 Nov 2023 20:16:17 GMT
13d16310de2f9fe80c2a2d57a1db6082.jpg
s0.2mdn.net/sadbundle/11279563131162724535/media/ Frame 66D4 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/11279563131162724535/media/13d16310de2f9fe80c2a2d57a1db6082.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11279563131162724535/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f148.1e100.net
Software
sffe /
Resource Hash
32ed70d61b938655576f2f31d071f9718cc672efbb416ba69bb30f24eaf5ce9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11279563131162724535/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 08 Nov 2022 20:16:18 GMT
x-content-type-options
nosniff
age
149828
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19135
x-xss-protection
0
last-modified
Tue, 01 Nov 2022 06:23:49 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 08 Nov 2023 20:16:18 GMT
aaac52e52237af1ebf671778d845534e.jpg
s0.2mdn.net/sadbundle/11279563131162724535/media/ Frame 66D4 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/11279563131162724535/media/aaac52e52237af1ebf671778d845534e.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11279563131162724535/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f148.1e100.net
Software
sffe /
Resource Hash
ef23419b29829ad26bdbac33b6da62422531609065cee2adc0a8d17a001f0393
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11279563131162724535/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 08 Nov 2022 20:16:18 GMT
x-content-type-options
nosniff
age
149828
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30242
x-xss-protection
0
last-modified
Tue, 01 Nov 2022 06:23:49 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 08 Nov 2023 20:16:18 GMT
b0d817eda60f9a21c106ee2f1dcf38ca.jpg
s0.2mdn.net/sadbundle/11279563131162724535/media/ Frame 66D4 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/11279563131162724535/media/b0d817eda60f9a21c106ee2f1dcf38ca.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11279563131162724535/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f148.1e100.net
Software
sffe /
Resource Hash
fd2e64384d5cc71927cf81f5573a619ed7ca3a09864a1b8ac9167bbe2b1f6f0d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11279563131162724535/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 17:24:02 GMT
x-content-type-options
nosniff
age
592164
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20825
x-xss-protection
0
last-modified
Tue, 01 Nov 2022 06:23:49 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 03 Nov 2023 17:24:02 GMT
csi
csi.gstatic.com/ Frame E208 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~lab4rmjl&c=7522135407692&slotId=3761067703846&qqid=CKGjp8Xho_sCFb7vcwEdI-UN1g&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=979&mt=video%2Fmp4&vs=640x360&ple=1&umsem=0&event_name=first_play&asset_bytes=193766&video_bytes=300&cached_data_bytes=0&js_cached=false&css_cached=false&num_assets=10&num_assets_cached=0&num_assets_cache_validated=0&num_assets_unmeasurable=0&video_played_seconds=0.00&video_muted=true&video_seconds_loaded=0.00
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221107_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.161.120 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ig-in-f120.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://fa3540ea93ec84512cdf7b83bb90bab4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 13:53:26 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMI9qe2xuGj-wIVT8JoCh35WwwUEAAYACCsoMlVOhoI1NW67gIQ2Pykm54EGJz_ruEDIMSDqYHPEEITCKGjp8Xho_sCFb7vcwEdI-UN1g;dc_rmcid=CAQSOwDq26N9Ud8pDYY38eNQwOl2ci0Bzys4vX3TFqoo6Tk6LzWUIC_Ag-DW4TyH1J-KyiUep69...
ade.googlesyndication.com/ddm/activity/ Frame E208 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI9qe2xuGj-wIVT8JoCh35WwwUEAAYACCsoMlVOhoI1NW67gIQ2Pykm54EGJz_ruEDIMSDqYHPEEITCKGjp8Xho_sCFb7vcwEdI-UN1g;dc_rmcid=CAQSOwDq26N9Ud8pDYY38eNQwOl2ci0Bzys4vX3TFqoo6Tk6LzWUIC_Ag-DW4TyH1J-KyiUep69NLIFSJlOTGAEgEw;eps=CIBhEAEYHTICigI6AoBA;met=1;acvw=sv%3D941%26v%3D20221107%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D15018%26vmtime%3D4%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26i0%3D18%26ic%3D0%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D46884018%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1668088406512;dc_rfl=[URL_SIGNALS];ecn1=1;etm1=0;eid1=11;
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/you-you-ming-xing-ji-jin-jing-li-ben-si-wai-zi-si-mu-jia-su-jin-chang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f156.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://fa3540ea93ec84512cdf7b83bb90bab4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 13:53:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame E208 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CFWwJUgJtY6GyCL7fz7sPo8q3sA3e2eWabcSDqYHPELfLor3AARABILqEwDNgq-yxheAYoAGM8dKSAcgBBakCsgCXxTapoz6oAwHIA5sEqgTYAU_QQo75FoeyhGiL-MJJwhKu2lLMcwk5p3phork5dbc3aFZc05PpqhyEgqhKQffexbFnUMEETu3b7GUU55OBrqPn0oJZ2Xz8x7CE_Hv2JhFkj6g0PWlHVnhugQ6mXi9Z-WSp15fkWWSlO6npKokVk0BA7XBrOKge4eMhRaQ3pI-KaZMsM-N2-UvGGh93U97fSsNMCvecJTH64gbx9MRM3Y1fSlR4iiMpRu-MTa53QLSTMR6TTB0YQQd2gTETyVZd_yfubUGDRX47BR-UDtr6gMcYezI3C8jrPMAE2Pykm54E4AQDkAYBoAZ2gAfcjq3tAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgGEQARgdMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODCACgPICwHgCwGADAGwE-SShxHIE5z_ruED0BMA2BMKiBQL2BQB0BUB-BYBgBcB&sigh=UHAabXeKNDI&label=part2viewed&ad_mt=5&acvw=sv%3D941%26v%3D20221107%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D15018%26vmtime%3D4%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26i0%3D18%26ic%3D0%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D46884018%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1668088406512
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/you-you-ming-xing-ji-jin-jing-li-ben-si-wai-zi-si-mu-jia-su-jin-chang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://fa3540ea93ec84512cdf7b83bb90bab4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 13:53:26 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame E208 		0
28 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstBw7-WsFWEnMTqCDqWrzPHMo0nw7yOKbOOR4m_WgizadidmGB-W2mVZy8K0EIJ9PpMVum5yjg6vpgMIRN4cJKEHNEJjXXK_pYOn3LDDTDUz6XYnBjjhG-knksIpDqi8NaTJeQBO2vyeWTLWw52HgBjzmmSTXarNBcOiLyTNkMZSm9woAyT8DcM6ZFVrm4jYw8qgOQgUoO24vWbzHPceqThKXdoBHU4i2w0BE4BiV-roOrcYUxPDk1Rss7tPWWGentzwYd3_Q8R_PSbxziW9pH1pI1dts2XgujH3yiiV47DrmvHSJL_L-l5LZDFX5qTn_Yu6lU7iVuJtsnetgqX1pwH6agCSu4u1ZF-9Rwx9qRHUAYlnXdRRrnQhoX7QemIsw5T9-n-mSmpRJEKGyvnDgBtQCfCKRZ02tKmOidDE2C6T4n-zq6DPhrmkMrUOxKK4JSP6_r6-1IiCHCfa672ABPVIYA1GxVAP6x6kL0uXrmJ1sj4B6FDoitvEy9yLtNRhwDXyHXp2HIRrZ2oqOEm6KC9ZxuqgJmEqsQzRdG1FQvwjo_62wH-SE9N7rVwwH7kcKHQ4989R7pUv0MpSkjP_ka5-4iUJFUEQl5AyjhGND9gsSfW1RJTFAktYFpalVWPTHubGF_RuNDTm4WCRuAQrHk5nyZUwJYuglU6ni5IhHVt9MjUw_mCIyaePumfQxJMb8uDD6FE1Natr8mDtSVIlIJ6jRDjkpj1UB2PKq52pgZKrI_HfgjezJzhlxBNVnOvGmL8G6q5QlTEO2cPVD10E9g8H8_QMX1z41dwgD9ESEgesnSzV_3yxvhwmDu720xJRRPjfch2M-j5SPJ2KCpAgGN--A2-yZKxFstRNfu2gB_GY3q2gckuraBhgRHsx5lUV4G5_n2l3anEqfCM4tZu6Res7wzJwofbSMnwZ6e62Fe3BGeDYXPTWmkOntPGIoNGQdoMwhqRR1abiuWRoqydjsMTr6U4WGz-kivs3LmfFP4chqVYISylGrVLp6LCE-3s26Tw9q9A6YdjJD3ISiL7iDqprgHSZBMtvb4iY5V_TpgEyWlBRg-cXRRFvZo6SevYSt7xC2kbCKgwGkbHvUf8acvt7LyA3wOEbHrq53J558plPuaqrK3LVAAQmCxL61lCzGPGdWfaJWpNyd90r3DAcDCSX3R81kSaCr3ebImI-jML&sai=AMfl-YRl1KfGT_Ez58rmo4g2NKVH3D0p_Tk7SiPSpdhaFpMOjfTmhBRK1nrgSG5lSPb3fuiLlErB9b-mYRNiZ4ihnPt3j6h5US4VNJtt1Gc7zWGbvB00scIerMyOGr-nLYgmIJtaFa0mpevqSkDw4TipBXq59Ku0HyzYccei7oN4aazkBVVevp-B4Z2GVXy1inOAu6phl9neK8GpPVR_2r3fxGy1fo2_PGRM4eLAbsuMeUjZ5zfIZuxbUYOPmJZylNAd1JW7FuMLsIQ&sig=Cg0ArKJSzEXNchlR7qYtEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/you-you-ming-xing-ji-jin-jing-li-ben-si-wai-zi-si-mu-jia-su-jin-chang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://fa3540ea93ec84512cdf7b83bb90bab4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 10 Nov 2022 13:53:26 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
imp
www.adtrek.co/adserver/ Frame E208 		43 B
399 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.adtrek.co/adserver/imp?cc=ffc8882b-9a47-4728-964b-c86d1c9aeee5
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/you-you-ming-xing-ji-jin-jing-li-ben-si-wai-zi-si-mu-jia-su-jin-chang.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.237.117.95 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-237-117-95.ap-southeast-2.compute.amazonaws.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://fa3540ea93ec84512cdf7b83bb90bab4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Nov 2022 13:53:24 GMT
X-AspNetMvc-Version
5.2
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Type
image/gif
Cache-Control
private
Connection
keep-alive
Content-Length
43
sd
us-u.openx.net/w/1.0/ Frame E208
Redirect Chain
  • https://googleads.g.doubleclick.net/xbbe/pixel?d=COXuopICENTVuu4CGKfJwdQBIAEwAQ&v=APEucNVUy526rjJrJkEYIEr6BtmbaYxqhWohhNX4XI34SlpiEEecrwte2NSRbYZv9jST7h1elLbLqUVG12Hsztj5QVrwmyn8_g
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEO2-RiKUrYXXMTliJJuMbk&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEO2-RiKUrYXXMTliJJuMbk&google_cver=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/you-you-ming-xing-ji-jin-jing-li-ben-si-wai-zi-si-mu-jia-su-jin-chang.html
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://fa3540ea93ec84512cdf7b83bb90bab4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 13:53:27 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 10 Nov 2022 13:53:26 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEO2-RiKUrYXXMTliJJuMbk&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E208 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=video_impression_ping
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/you-you-ming-xing-ji-jin-jing-li-ben-si-wai-zi-si-mu-jia-su-jin-chang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://fa3540ea93ec84512cdf7b83bb90bab4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 13:53:26 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMI9qe2xuGj-wIVT8JoCh35WwwUEAAYACCsoMlVOhoI1NW67gIQ2Pykm54EGJz_ruEDIMSDqYHPEEITCKGjp8Xho_sCFb7vcwEdI-UN1g;dc_rmcid=CAQSOwDq26N9Ud8pDYY38eNQwOl2ci0Bzys4vX3TFqoo6Tk6LzWUIC_Ag-DW4TyH1J-KyiUep69...
ade.googlesyndication.com/ddm/activity/ Frame E208 		42 B
494 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI9qe2xuGj-wIVT8JoCh35WwwUEAAYACCsoMlVOhoI1NW67gIQ2Pykm54EGJz_ruEDIMSDqYHPEEITCKGjp8Xho_sCFb7vcwEdI-UN1g;dc_rmcid=CAQSOwDq26N9Ud8pDYY38eNQwOl2ci0Bzys4vX3TFqoo6Tk6LzWUIC_Ag-DW4TyH1J-KyiUep69NLIFSJlOTGAEgEw;eps=CIBhEAEYHTICigI6AoBA;met=1;acvw=sv%3D941%26v%3D20221107%26cb%3Dout%26e%3D15%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D15018%26vmtime%3D4%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26ic%3D18%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D46884018%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1668088406512;ecn1=1;etm1=0;eid1=200101;
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/you-you-ming-xing-ji-jin-jing-li-ben-si-wai-zi-si-mu-jia-su-jin-chang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f156.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://fa3540ea93ec84512cdf7b83bb90bab4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 13:53:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame E208 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuUGHaC4YAS5AC-YIIokV2k2yHiTNuplKyLXUmWng0YA0PGndhEksfZ3QPJ93purAEu7bzerjgFu-2qEOLorxPCFMCNV3pFEdLV1ITUFBttRethMHwWZYMXHYMfW7AAKC0i9-0&sai=AMfl-YSignLiWJagxt5Gb0KY2xaY3Q3h0XmlzeJFXicNKcj3cwac9yjNoX5vj50HI5U6cN9NAV2tzUVPBIU57tPV88dLt3s3-66lAgMH0GvSfZhZT9Cs2od82TBGfh4QRQ&sig=Cg0ArKJSzNyyDCTxk5gUEAE&cid=CAQSOwDq26N9Ud8pDYY38eNQwOl2ci0Bzys4vX3TFqoo6Tk6LzWUIC_Ag-DW4TyH1J-KyiUep69NLIFSJlOTGAEgEw&id=lidarv&acvw=sv%3D941%26v%3D20221107%26cb%3Dout%26e%3D15%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D15018%26vmtime%3D4%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26ic%3D18%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D46884018%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1668088406512&avm=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/you-you-ming-xing-ji-jin-jing-li-ben-si-wai-zi-si-mu-jia-su-jin-chang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://fa3540ea93ec84512cdf7b83bb90bab4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 13:53:26 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame E208 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CFWwJUgJtY6GyCL7fz7sPo8q3sA3e2eWabcSDqYHPELfLor3AARABILqEwDNgq-yxheAYoAGM8dKSAcgBBakCsgCXxTapoz6oAwHIA5sEqgTYAU_QQo75FoeyhGiL-MJJwhKu2lLMcwk5p3phork5dbc3aFZc05PpqhyEgqhKQffexbFnUMEETu3b7GUU55OBrqPn0oJZ2Xz8x7CE_Hv2JhFkj6g0PWlHVnhugQ6mXi9Z-WSp15fkWWSlO6npKokVk0BA7XBrOKge4eMhRaQ3pI-KaZMsM-N2-UvGGh93U97fSsNMCvecJTH64gbx9MRM3Y1fSlR4iiMpRu-MTa53QLSTMR6TTB0YQQd2gTETyVZd_yfubUGDRX47BR-UDtr6gMcYezI3C8jrPMAE2Pykm54E4AQDkAYBoAZ2gAfcjq3tAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgGEQARgdMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODCACgPICwHgCwGADAGwE-SShxHIE5z_ruED0BMA2BMKiBQL2BQB0BUB-BYBgBcB&sigh=UHAabXeKNDI&label=vast_creativeview&ad_mt=5&acvw=sv%3D941%26v%3D20221107%26cb%3Dout%26e%3D19%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D15018%26vmtime%3D4%26is%3D18%26i0%3D18%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D46884018%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1668088406512
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/you-you-ming-xing-ji-jin-jing-li-ben-si-wai-zi-si-mu-jia-su-jin-chang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://fa3540ea93ec84512cdf7b83bb90bab4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 13:53:26 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame E208 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~lab4rnv7&c=7522135407692&slotId=3761067703846&qqid=CKGjp8Xho_sCFb7vcwEdI-UN1g&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=979&mt=video%2Fmp4&vs=640x360&dm=15000&met.4=ff.3ix~videopreviewstarted.3iy
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221107_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.161.120 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ig-in-f120.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://fa3540ea93ec84512cdf7b83bb90bab4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 13:53:26 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Y20CVIOgmcphDt9a8o76JgAAEmMAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame E6F4 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Y20CVIOgmcphDt9a8o76JgAAEmMAAAAB?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.254.232.172 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-254-232-172.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 13:53:26 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
crum
dsum-sec.casalemedia.com/ Frame E6F4
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=c619636d-0255-4600-91f3-34a69b38850b
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=c619636d-0255-4600-91f3-34a69b38850b
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 10 Nov 2022 13:53:27 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=495
Content-Length
43
Expires
0

Redirect headers

Date
Thu, 10 Nov 2022 13:53:26 GMT
Server
MT3 4629 97bee97 master hkg-pixel-x21 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=c619636d-0255-4600-91f3-34a69b38850b
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 10 Nov 2022 13:53:25 GMT
rum
dsum-sec.casalemedia.com/ Frame E6F4
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y20CVAAHAFd5gwA7
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y20CVAAHAFd5gwA7
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 10 Nov 2022 13:53:27 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=495
Content-Length
43
Expires
0

Redirect headers

x-served-by
cache-mel11267-MEL
pragma
no-cache
date
Thu, 10 Nov 2022 13:53:26 GMT
via
1.1 varnish
server
Varnish
x-timer
S1668088407.628090,VS0,VE0
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y20CVAAHAFd5gwA7
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
crum
dsum-sec.casalemedia.com/ Frame E6F4
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ie
  • https://match.prod.bidr.io/cookie-sync/ie?_bee_ppp=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAJpo07G2gUAACB6cjtCUQ&expiration=1669298007
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAJpo07G2gUAACB6cjtCUQ&expiration=1669298007
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 10 Nov 2022 13:53:28 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAJpo07G2gUAACB6cjtCUQ&expiration=1669298007
Date
Thu, 10 Nov 2022 13:53:27 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
usermatchredir
ssum-sec.casalemedia.com/ Frame E6F4
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y20CVIOgmcphDt9a8o76JgAAEmMAAAAB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEFQXEOKckUwniwohWuYtiQ4&google_cver=1
43 B
843 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEFQXEOKckUwniwohWuYtiQ4&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H3
Server
104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 13:53:26 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TuT35f7N0%2F27cW%2B%2FdjF4PhB33o%2FEDw1NSi2SGcg4R2nkc0kUm8VWB1Dga4QuTjMMyItWJghlsQQ8Dv4YuPgOH3z7S4djM9BlQVOJzJUsuxlDoeKAiyWeHC6uhzUljXYszrjQDGIjQE8s%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
767f463ec8e0fb7c-AKL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 10 Nov 2022 13:53:26 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEFQXEOKckUwniwohWuYtiQ4&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
demconf.jpg
dpm.demdex.net/ Frame E6F4
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=Y20CVIOgmcphDt9a8o76JgAA%264707?gdpr_consent=&us_privacy=&gdpr=
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=Y20CVIOgmcphDt9a8o76JgAA%264707
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=Y20CVIOgmcphDt9a8o76JgAA%264707
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
35.163.132.81 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-163-132-81.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS
dcs-prod-usw2-2-v041-0ac3bbcea.edge-usw2.demdex.com 3 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
Y010X93RQss=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-usw2-2-v041-0c2a4518b.edge-usw2.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
xMrQJJziSBQ=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=Y20CVIOgmcphDt9a8o76JgAA%264707
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
rum
dsum-sec.casalemedia.com/ Frame E6F4
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3297295303483565349
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3297295303483565349
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 10 Nov 2022 13:53:27 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3297295303483565349
pragma
no-cache
date
Thu, 10 Nov 2022 13:53:25 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
rum
dsum-sec.casalemedia.com/ Frame E6F4
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=e11df97a-bc19-41e3-8a8b-2e3a06a2866f&expiration=1670680406&gdpr=0&gdpr_consent=
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=e11df97a-bc19-41e3-8a8b-2e3a06a2866f&expiration=1670680406&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 10 Nov 2022 13:53:26 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=496
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Thu, 10 Nov 2022 13:53:26 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=e11df97a-bc19-41e3-8a8b-2e3a06a2866f&expiration=1670680406&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
323
sync
ads.servenobid.com/ Frame E6F4 		0
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=333&uid=Y20CVIOgmcphDt9a8o76JgAAEmMAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.73.75.233 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-73-75-233.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 13:53:26 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
PugMaster
image6.pubmatic.com/AdServer/ Frame 0BBD 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=48494838&p=162412&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1YN-
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.81 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
63a06e75d30880c3c9f6f5e8253feb2c757767f8720311a534465370583bacd2

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Thu, 10 Nov 2022 13:53:27 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
pixel
cm.g.doubleclick.net/ Frame B10A
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhGHRJTFZ1z3b2PZRgrJMq_7BY7Qf1wEAEA
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhGHRJTFZ1z3b2PZRgrJMq_7BY7Qf1wEAEA
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H3
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 13:53:27 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhGHRJTFZ1z3b2PZRgrJMq_7BY7Qf1wEAEA
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
711916.gif
id.rlcdn.com/ Frame B10A 		42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/711916.gif?ct=4&cv=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 13:53:27 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
/
onetag-sys.com/match/ Frame B10A
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D0%26gdpr_consent%3D
  • https://onetag-sys.com/match/?int_id=1&uid=c619636d-0255-4600-91f3-34a69b38850b&gdpr=0&gdpr_consent=
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=1&uid=c619636d-0255-4600-91f3-34a69b38850b&gdpr=0&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
139.99.49.250 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Date
Thu, 10 Nov 2022 13:53:26 GMT
Server
MT3 4629 97bee97 master hkg-pixel-x20 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://onetag-sys.com/match/?int_id=1&uid=c619636d-0255-4600-91f3-34a69b38850b&gdpr=0&gdpr_consent=
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 10 Nov 2022 13:53:25 GMT
/
onetag-sys.com/match/ Frame B10A
Redirect Chain
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=2&uid=LAB4RIS9-1S-A4NA&gdpr=0
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=2&uid=LAB4RIS9-1S-A4NA&gdpr=0
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
139.99.49.250 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://onetag-sys.com/match/?int_id=2&uid=LAB4RIS9-1S-A4NA&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
78e3bdce5107450057bade54d54a0a7e
Expires
0
/
onetag-sys.com/match/ Frame B10A
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D0%26gdpr_consent%3D%26uid%3D$UID
  • https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=2434649983444340243
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=2434649983444340243
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
139.99.49.250 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Date
Thu, 10 Nov 2022 13:53:27 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
116.90.74.196; 116.90.74.196; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
bfdc9ae3-7bfb-4edc-9372-cdbb0b3bfb19
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=2434649983444340243
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame B10A 		42 B
679 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=S79-PAp3btcqt8XRVhg_qNapv7QtVDSyck5CblzS3g4
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
d335433bbbe0efeac67146df47932f6f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
/
onetag-sys.com/match/ Frame B10A
Redirect Chain
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=1YN-&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
  • https://onetag-sys.com/match/?int_id=107&uid=1226009800986575256
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=107&uid=1226009800986575256
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
139.99.49.250 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=107&uid=1226009800986575256
date
Thu, 10 Nov 2022 13:53:26 GMT
content-length
0
ecm3
s.amazon-adsystem.com/ Frame B10A
Redirect Chain
  • https://onetag-sys.com/match/?int_id=113&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=IBwgblf1LZO-58XCbFpNjIpFkZ3Kb8kCshlXD8HhRXg
43 B
720 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=IBwgblf1LZO-58XCbFpNjIpFkZ3Kb8kCshlXD8HhRXg
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
HTTP/1.1
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 10 Nov 2022 13:53:27 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
WJB6FFT5TRD6PJ3PGE7W
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=IBwgblf1LZO-58XCbFpNjIpFkZ3Kb8kCshlXD8HhRXg
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
/
onetag-sys.com/match/ Frame B10A
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=1YN-&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26uid%3D%23PMUID
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=1YN-&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26uid%3D%23PMUID&rdf=1
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MUIxMzk4NTktMDE0NS00ODVDLTg1M0UtQTI4Njg0NTcwQTM2&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=114&uid=BE68BFE6-9B14-4683-ABF6-D19F3658E6EB
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=114&uid=BE68BFE6-9B14-4683-ABF6-D19F3658E6EB
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
139.99.49.250 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=114&uid=BE68BFE6-9B14-4683-ABF6-D19F3658E6EB
date
Thu, 10 Nov 2022 13:53:28 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
108
content-type
text/html; charset=utf-8
/
onetag-sys.com/match/ Frame B10A
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=92&uid=y-4kibTtdE2uFBp41TuZspGPJATzHyRTtK8xLSXwU-~A
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=92&uid=y-4kibTtdE2uFBp41TuZspGPJATzHyRTtK8xLSXwU-~A
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
139.99.49.250 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=92&uid=y-4kibTtdE2uFBp41TuZspGPJATzHyRTtK8xLSXwU-~A
date
Thu, 10 Nov 2022 13:53:26 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
/
onetag-sys.com/match/ Frame B10A
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=29&uid=e11df97a-bc19-41e3-8a8b-2e3a06a2866f&gdpr=0&gdpr_consent=
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=29&uid=e11df97a-bc19-41e3-8a8b-2e3a06a2866f&gdpr=0&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
139.99.49.250 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Thu, 10 Nov 2022 13:53:26 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://onetag-sys.com/match/?int_id=29&uid=e11df97a-bc19-41e3-8a8b-2e3a06a2866f&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
233
/
onetag-sys.com/match/ Frame B10A
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=onetag&gdpr=0&gdpr_consent=
  • https://cms.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=onetag&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=onetag&gdpr=0&user_id=3-jXlNnp1MHE7NXG3OzMwdDu2cPE7dOUiOLGe6oJ
  • https://onetag-sys.com/match/?int_id=30&uid=6aaf0941-3cd4-4660-9549-a12bd2554ec0&gdpr=0&gdpr_consent=&us_privacy=
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=30&uid=6aaf0941-3cd4-4660-9549-a12bd2554ec0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
139.99.49.250 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Location
//onetag-sys.com/match/?int_id=30&uid=6aaf0941-3cd4-4660-9549-a12bd2554ec0&gdpr=0&gdpr_consent=&us_privacy=
Date
Thu, 10 Nov 2022 13:53:27 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
sync
ads.servenobid.com/ Frame B10A 		0
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=318&uid=S79-PAp3btcqt8XRVhg_qNapv7QtVDSyck5CblzS3g4
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.73.75.233 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-73-75-233.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 13:53:27 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 8DB5 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstMpGcuwLwSDEzv1OeF5Mdi0p46quHpbRkjNw_nOOfLhxjfHI46smbaB42P4TOqHgSAH82RleKl04b9Yn7nUTyi9nN51T2W7GOxgj9F7vmBy2NKjkn4WV4adm-8omkS2ix5zjA&sai=AMfl-YRp6XKb0VtinJk-nMDeUSH5ax9aAOruM_yGWNsoUZ00vAHHTfi7cKiomTudh9MV6mmg8qmNwU44sXsDy-WbmiVHxrA5mFzAxNrrcQ&sig=Cg0ArKJSzNkekQNYCbgJEAE&cid=CAQSKQDq26N9zBnrnktjP0mO5o_9PK8Xe4aij4hHre297xjovmwS4CerVrrlGAEgEw&id=lidar2&mcvt=1004&p=0,0,284,336&mtos=0,1004,1004,1004,1004&tos=0,1004,0,0,0&v=20221109&bin=7&avms=nio&bs=0,0&mc=0.99&if=1&app=0&itpl=20&adk=2844491747&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1668088402294&rpt=3563&met=mue&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 13:53:26 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usersync
usersync.gumgum.com/ Frame 5E1D
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://usersync.gumgum.com/usersync?b=apn&i=2434649983444340243
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=apn&i=2434649983444340243
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
13.112.54.241 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 10 Nov 2022 13:53:28 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Date
Thu, 10 Nov 2022 13:53:27 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
116.90.74.196; 116.90.74.196; 806.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
75841e5a-6967-4686-82bd-ae3d1627125b
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://usersync.gumgum.com/usersync?b=apn&i=2434649983444340243
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
a.sportradarserving.com/ul_cb/ Frame 5E1D
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=a_a933d0ac-3bd1-4712-bbf9-c136a408d168&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2
0
0
usersync
usersync.gumgum.com/ Frame 5E1D
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sta&i=0-2e6fcd4c-d455-4cc0-426e-af7bc1028ef5$ip$116.90.74.196
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sta&i=0-2e6fcd4c-d455-4cc0-426e-af7bc1028ef5$ip$116.90.74.196
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
13.112.54.241 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 10 Nov 2022 13:53:28 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=sta&i=0-2e6fcd4c-d455-4cc0-426e-af7bc1028ef5$ip$116.90.74.196
Date
Thu, 10 Nov 2022 13:53:28 GMT
Connection
keep-alive
Content-Length
127
Content-Type
text/html; charset=utf-8
/
b1sync.zemanta.com/usersync/bluekai/callback/ Frame 5E1D
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=a_a933d0ac-3bd1-4712-bbf9-c136a408d168&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
  • https://stags.bluekai.com/site/23178?id=yHQxriQwgSA1sRAf-8yy&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LO...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT26KIKF4HE2KRO5TVGQJRONJECZRNHB4XS...
0
0
RX-fbec9b6a-0c6f-4a6c-8276-58c366e666c5-004
sync.targeting.unrulymedia.com/csync/ Frame 5E1D
Redirect Chain
  • https://sync.1rx.io/usersync2/floor6?gdpr=0&gdpr_consent=&dspret=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D
  • https://sync.1rx.io/usersync2/floor6?zcc=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D&cb=1668088407027
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8685808182
  • https://sync.1rx.io/usersync/tradedesk/e11df97a-bc19-41e3-8a8b-2e3a06a2866f
  • https://sync.targeting.unrulymedia.com/csync/RX-fbec9b6a-0c6f-4a6c-8276-58c366e666c5-004?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-fbec9b6a-0c6f-4a6c-8276-58c366e666c5-004
0
0
usersync
usersync.gumgum.com/ Frame 5E1D
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://usersync.gumgum.com/usersync?b=pln&i=oHYfJ9sbrjX0&ev=1&pid=558355
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=pln&i=oHYfJ9sbrjX0&ev=1&pid=558355
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
13.112.54.241 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 10 Nov 2022 13:53:28 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
location
https://usersync.gumgum.com/usersync?b=pln&i=oHYfJ9sbrjX0&ev=1&pid=558355
content-language
en-NZ
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-79d45ddf-64mjv
expires
-1
syncPartner
sync.outbrain.com/ Frame 5E1D
Redirect Chain
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobR...
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28I0yvKOFKydeYNo2xS3Nu2okOz1VOu6oiAmLc0T3IodcKNuA2npTqhyXZ8vtBMpE0%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%...
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=a_a933d0ac-3bd1-4712-bbf9-c136a408d168&obuid=ENC(I0yvKOFKydeYNo2xS3Nu2okOz1VOu6oiAmLc0T3IodcKNuA2npTqhyXZ8vtBMpE0)
  • https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51
0
0
usersync
usersync.gumgum.com/ Frame 5E1D
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://usersync.gumgum.com/usersync?b=opx&i=e5284504-4b37-4371-b6e8-f9d89a56ce09
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=opx&i=e5284504-4b37-4371-b6e8-f9d89a56ce09
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
13.112.54.241 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 10 Nov 2022 13:53:28 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Thu, 10 Nov 2022 13:53:27 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://usersync.gumgum.com/usersync?b=opx&i=e5284504-4b37-4371-b6e8-f9d89a56ce09
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
usersync
usersync.gumgum.com/ Frame 5E1D
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=oth&i=y-dD_TN_JE2pefmIH5D9AN.xdTtqdLL8IoF1lC~A
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=oth&i=y-dD_TN_JE2pefmIH5D9AN.xdTtqdLL8IoF1lC~A
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
13.112.54.241 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 10 Nov 2022 13:53:28 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Thu, 10 Nov 2022 13:53:27 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://usersync.gumgum.com/usersync?b=oth&i=y-dD_TN_JE2pefmIH5D9AN.xdTtqdLL8IoF1lC~A
content-length
0
usersync
usersync.gumgum.com/ Frame 5E1D
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fuser...
  • https://usersync.gumgum.com/usersync?b=vnt&i=833ea32c-6d83-4eee-bc49-54865bf990ba
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=vnt&i=833ea32c-6d83-4eee-bc49-54865bf990ba
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
13.112.54.241 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 10 Nov 2022 13:53:28 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=vnt&i=833ea32c-6d83-4eee-bc49-54865bf990ba
Date
Thu, 10 Nov 2022 13:53:28 GMT
Connection
keep-alive
X-CI-RTID
42563364-ee92-4e57-9361-198e7e6e4ab5
Content-Length
108
Content-Type
text/html; charset=utf-8
services
sync.technoratimedia.com/ Frame 5E1D 		0
293 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
129.159.70.95 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 13:53:27 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
684190698
access-control-allow-origin
https://g2.gumgum.com/
access-control-allow-credentials
true
142
match.deepintent.com/usersync/ Frame 5E1D 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
38.91.45.7 -, , ASN (),
Reverse DNS
Software
b /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 13:53:26 GMT
content-length
0
server
b
usersync
usersync.gumgum.com/ Frame 5E1D
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://usersync.gumgum.com/usersync?b=idi&i=5f949ad8-784c-411c-abc0-af59bf6bb99f
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=idi&i=5f949ad8-784c-411c-abc0-af59bf6bb99f
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
13.112.54.241 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 10 Nov 2022 13:53:28 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=idi&i=5f949ad8-784c-411c-abc0-af59bf6bb99f
access-control-allow-origin
*
date
Thu, 10 Nov 2022 13:53:27 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
usersync
usersync.gumgum.com/ Frame 5E1D
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sad&i=1607565603117449587
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sad&i=1607565603117449587
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
13.112.54.241 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 10 Nov 2022 13:53:28 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=sad&i=1607565603117449587
date
Thu, 10 Nov 2022 13:53:27 GMT
content-length
0
sync
ads.servenobid.com/ Frame 5E1D 		0
358 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=309&uid=a_a933d0ac-3bd1-4712-bbf9-c136a408d168
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.73.75.233 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-73-75-233.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 13:53:27 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 68A3 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.78.217.19 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-78-217-19.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=85846
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Thu, 10 Nov 2022 13:53:27 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Fri, 11 Nov 2022 13:44:13 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usersync
usersync.gumgum.com/ Frame A218
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=ttd&i=e11df97a-bc19-41e3-8a8b-2e3a06a2866f
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=ttd&i=e11df97a-bc19-41e3-8a8b-2e3a06a2866f
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.112.54.241 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Thu, 10 Nov 2022 13:53:27 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
private,no-cache, must-revalidate
content-length
193
content-type
text/html
date
Thu, 10 Nov 2022 13:53:26 GMT
location
https://usersync.gumgum.com/usersync?b=ttd&i=e11df97a-bc19-41e3-8a8b-2e3a06a2866f
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
usersync
usersync.gumgum.com/ Frame 4E6F
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
  • https://usersync.gumgum.com/usersync?b=mmh&i=c619636d-0255-4600-91f3-34a69b38850b&gdpr=0&gdpr_consent=
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=mmh&i=c619636d-0255-4600-91f3-34a69b38850b&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.112.54.241 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Thu, 10 Nov 2022 13:53:28 GMT
Expires
0
Pragma
no-cache

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Thu, 10 Nov 2022 13:53:27 GMT
Expires
Thu, 10 Nov 2022 13:53:26 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 4629 97bee97 master hkg-pixel-x18 config:1.0.0
location
https://usersync.gumgum.com/usersync?b=mmh&i=c619636d-0255-4600-91f3-34a69b38850b&gdpr=0&gdpr_consent=
usersync
usersync.gumgum.com/ Frame CB14
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=atm&i=Y20CVAAHAFd5gwA7&gdpr=0&gdpr_consent=
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=atm&i=Y20CVAAHAFd5gwA7&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.112.54.241 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Thu, 10 Nov 2022 13:53:27 GMT
Expires
0
Pragma
no-cache

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Thu, 10 Nov 2022 13:53:26 GMT
location
https://usersync.gumgum.com/usersync?b=atm&i=Y20CVAAHAFd5gwA7&gdpr=0&gdpr_consent=
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-mel11267-MEL
x-timer
S1668088407.987217,VS0,VE0
pixel
cm.g.doubleclick.net/ Frame 878E 		170 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=YV9hOTMzZDBhYy0zYmQxLTQ3MTItYmJmOS1jMTM2YTQwOGQxNjg=&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Thu, 10 Nov 2022 13:53:27 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
um
cs.emxdgt.com/ Frame 01F0 		0
66 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.22.24.178 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-22-24-178.compute-1.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

content-length
0
content-type
text/plain; charset=utf-8
date
Thu, 10 Nov 2022 13:53:27 GMT
server
awselb/2.0
usersync
usersync.gumgum.com/ Frame DDE2
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://usersync.gumgum.com/usersync?b=sus&i=Y20CV8Co5ssAAG1SVfAAAAAA
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=sus&i=Y20CV8Co5ssAAG1SVfAAAAAA
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.112.54.241 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Thu, 10 Nov 2022 13:53:28 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
0
Date
Thu, 10 Nov 2022 13:53:27 GMT
Location
https://usersync.gumgum.com/usersync?b=sus&i=Y20CV8Co5ssAAG1SVfAAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Server
nginx
X-SO-Ads-Time
2
X-SO-Cluster-ID
55
X-SO-HostName
m-ad131.dc4p.scaleout.jp
X-SO-IP
116.90.74.196
X-SO-Key
Y20CV8Co5ssAAG1SVfAAAAAA
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":55,"gdpr":false,"ipv4":"116.90.74.196","key":"Y20CV8Co5ssAAG1SVfAAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad131"}
X-SO-LB-Hostname
a-tgng40007.dc2p.scaleout.jp
X-SO-Upstream-ID
m-ad131
gumgum
cs.admanmedia.com/sync/ Frame B475 		0
0
usersync
usersync.gumgum.com/ Frame 5E2C
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D
  • https://usersync.gumgum.com/usersync?b=iex&i=Y20CVIOgmcphDt9a8o76JgAA%264707
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=iex&i=Y20CVIOgmcphDt9a8o76JgAA%264707
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.112.54.241 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Thu, 10 Nov 2022 13:53:28 GMT
Expires
0
Pragma
no-cache

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
767f463f9927fb7c-AKL
content-length
0
date
Thu, 10 Nov 2022 13:53:27 GMT
expires
0
location
https://usersync.gumgum.com/usersync?b=iex&i=Y20CVIOgmcphDt9a8o76JgAA%264707
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z8vfBopOOBfpMQs255EhFZpaW%2BtEE%2FD1FffxiWLH9XENl3pTtfQwedsTtH8cmlhz8cPSwhGkm%2BwnCn213oLW%2BRDL6tko6lw%2Bjs2zgD4JpWGGyRCBNsfkPMMGs%2FySmvH2uAa79lBx5CV4kA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usersync
usersync.gumgum.com/ Frame BDEF
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1
  • https://usersync.gumgum.com/usersync?b=rth&i=F28jahdyOemMj1yQnB09&pi=gumgum&tc=1
0
0
usync.html
eus.rubiconproject.com/ Frame 2047
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
410 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.77.12.69 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-77-12-69.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Thu, 10 Nov 2022 13:53:27 GMT
etag
"403b9-119-5ec73a0a33d00"
last-modified
Wed, 02 Nov 2022 02:30:44 GMT
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Thu, 10 Nov 2022 13:53:27 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
usync.js
eus.rubiconproject.com/ Frame 250D 		33 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.77.12.69 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-77-12-69.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
5494709c6d309cb4f1106f964f9ca3768c62bade2887eca9f89195734e1d5a71

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Nov 2022 13:53:27 GMT
Content-Encoding
gzip
Last-Modified
Thu, 10 Nov 2022 03:40:58 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=49608
Connection
keep-alive
Content-Length
9883
Expires
Fri, 11 Nov 2022 03:40:15 GMT
usync.js
eus.rubiconproject.com/ Frame 05CD 		33 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=medianet
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.77.12.69 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-77-12-69.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
5494709c6d309cb4f1106f964f9ca3768c62bade2887eca9f89195734e1d5a71

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=medianet
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Nov 2022 13:53:27 GMT
Content-Encoding
gzip
Last-Modified
Thu, 10 Nov 2022 03:40:58 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=49608
Connection
keep-alive
Content-Length
9883
Expires
Fri, 11 Nov 2022 03:40:15 GMT
async_usersync
ib.adnxs.com/ Frame 34DB 		0
859 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.132 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 10 Nov 2022 13:53:27 GMT
AN-X-Request-Uuid
0c45944f-a02b-4797-920f-dc3e31c251b5
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
116.90.74.196; 116.90.74.196; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
hype_generated_script.js
s3-ap-southeast-2.amazonaws.com/adtrek/bc58d73e-fcc9-43b0-8401-6b140586d98d/ Frame 9FCF 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3-ap-southeast-2.amazonaws.com/adtrek/bc58d73e-fcc9-43b0-8401-6b140586d98d/hype_generated_script.js?497
Requested by
Host: www.adtrek.co
URL: https://www.adtrek.co/adserver/frm?cc=45ead072-b12c-42d3-aa0b-3677a0751234&clk=https://googleads.g.doubleclick.net/dbm/clk%3Fsa%3DL%26ai%3DC60XBUgJtY_WdLMmtrAGBxbqgB8jz45ptvs2Hl-cQ8C4QASDSzIEaYKvssYXgGKABjPHSkgHIAQmpArIAl8U2qaM-qAMBqgTRAU_QSZNkX8Hd1Y9L0TJV0SqPdRffZhsOIBkF16ZkqX4QVJaFHwfpw6oBVGEYvRtVYjBF5WzPXnx9naZ22ngE8upaoGbhHITB1jj076Z0QQ2q5--HyODNGWH_eh8zcPWg9xFgDF8uSUPa00b8YuR8QrHQ6DgNNzgegrI2hrkO2LZ440ejPitLZAZA2k25nxTP7PGuLRV4Y-LzDG6h9mgcaimqto_Qn18p6UwMVzVWEjlwZAU5rUAozrEvaWUwEpYMdaKYOvgsMY5hTPz0EPAVqwoIwASvt-vnjwTgBAOQBgGgBk2AB9yOre0CqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiAYRABGF0yAooCOgKAQIAKA5gLAcgLAYAMAbATu5CHEcgThoGv4QPQEwDYEwrYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSKQDq26N9zBnrnktjP0mO5o_9PK8Xe4aij4hHre297xjovmwS4CerVrrlGAEgEw%26sig%3DAOD64_2vBS8gH8D4aqIQryFIGquTkpnmZQ%26client%3Dca-pub-4485239425924787%26dbm_c%3DAKAmf-C7vubkPGlwO8MDLmDAM2_N99zrjZUMeMtKiIkHENon6PZVwzZ-jSrqy-rnWVZ95P87UAZQDe-upiCZXs6iELYzlYRUJLIH58BqEnQ8wtk7rD3XWzcChD_A1sOIZcaOHv2nQfrIzybuLFXUTx4xpN0oyQVsYRU4Q6KTNu_wfz8r5Fdr-Jg%26cry%3D1%26dbm_d%3DAKAmf-Bfbqt9sN3yYaWoZIq9kvuTwHHCBNGe8fyCYO8smfB7Wzq6SJG5mLF-M_nxzfLoM7waSR-fJuNGECrJciAnrlGbOJrIaSgyTyvHLiY8Rd5lZpcvnz-P8XTLC3rXSVZHG0r-uJ_TKHb3sRZg49m6zecQiRGGxDmekshBQqcKhAR_JEW9g6n7sbYyyEHtMxYG0q24OINaSW6lCCXm_IYNNdPO3HK3kBvBtWsu_j0imw2wLZdmlgEGji9bL6YZIGD5Bg_9QyQpCzfPW-wVbRs9As6RlcjZZiA0PIN7eBWWy3-3l5c2E3u19ldngBRm1tfv8l_lamtWYuYdPtQqmIfApTOLIpZj8doG0crhdlj_IN1yhyjvNU9J--ZLFloO9hLHkVGclrPPd8JW20d49cPM_pi6_UbehBEt9KePm-3aXczSPO21JWw0CTJSfg0dxQFJQWAf-aql4RmYryYOBqjNaDREW8T37zyHBr039UbzzSWZoTOmPkw_zVLL5gJ1fnhXfHSb_HI_EDtcGEe885081MnA38Pr1Ib-ay2at1c3RliLaNduZYrttbtVhTfXGQxQ3BSw1fWr9XIbNUkO0dpphtLegPgOyyUoA-s-2JubwGpfDwC3F22ObxesT8bTV63zHd4rjnXn%26adurl%3Dhttps%3a%2f%2fwww.adtrek.co%2fadserver%2fclick%3fcc%3d45ead072-b12c-42d3-aa0b-3677a0751234&ord=1668088402724725
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.128.55 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-ap-southeast-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
35a8c29ce0e14c19f5607777297fda4d20f6ab2cdd14f804b32c8ebb86b40344

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.adtrek.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Nov 2022 13:53:28 GMT
Content-Encoding
gzip
Last-Modified
Tue, 22 Mar 2022 01:04:32 GMT
Server
AmazonS3
x-amz-request-id
7EW06SWNWBERATDD
ETag
"98ba46f300db9d17da273ff7fc2b1cc8"
x-amz-meta-info
main HYPE file
Content-Type
application/x-javascript
Accept-Ranges
bytes
Content-Length
2577
x-amz-id-2
lPBzJ8ahsBUp/Y4FvBNvK7Gco+KnVDWDnxPSgVzylnkiQKwq0rBbdkU3ndcUn/r67OZQQGKZGNI=
sync
ads.servenobid.com/ Frame 250D
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=duration_media&khaos=LAB4RIS9-1S-A4NA
  • https://ads.servenobid.com/sync?pid=323&uid=LAB4RIS9-1S-A4NA
0
0
cksync.php
contextual.media.net/ Frame 05CD
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=medianet&khaos=LAB4RIS9-1S-A4NA
  • https://contextual.media.net/cksync.php?type=rbcn&ovsid=LAB4RIS9-1S-A4NA
45 B
452 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?type=rbcn&ovsid=LAB4RIS9-1S-A4NA
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=medianet
Protocol
H2
Server
104.71.48.26 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-71-48-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Thu, 10 Nov 2022 13:53:27 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Thu, 10 Nov 2022 13:53:27 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://contextual.media.net/cksync.php?type=rbcn&ovsid=LAB4RIS9-1S-A4NA
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
030b4ddd4a4f3e9891a065664f20c4bb
Expires
0
collect
www.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=2oeb70&_p=1062&cid=191255158.1668088402&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&sid=1668088402&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyou-you-ming-xing-ji-jin-jing-li-ben-si-wai-zi-si-mu-jia-su-jin-chang.html&dt=%E5%8F%88%E6%9C%89%E6%98%8E%E6%98%9F%E5%9F%BA%E9%87%91%E7%B6%93%E7%90%86%E2%80%9C%E5%A5%94%E7%A7%81%E2%80%9D%E5%A4%96%E8%B3%87%E7%A7%81%E5%8B%9F%E5%8A%A0%E9%80%9F%E9%80%B2%E5%A0%B4%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&_s=2
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f138.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 10 Nov 2022 13:53:27 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
HYPE-728.thin.min.js
s3-ap-southeast-2.amazonaws.com/adtrek/bc58d73e-fcc9-43b0-8401-6b140586d98d/ Frame 9FCF 		55 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3-ap-southeast-2.amazonaws.com/adtrek/bc58d73e-fcc9-43b0-8401-6b140586d98d/HYPE-728.thin.min.js
Requested by
Host: s3-ap-southeast-2.amazonaws.com
URL: https://s3-ap-southeast-2.amazonaws.com/adtrek/bc58d73e-fcc9-43b0-8401-6b140586d98d/hype_generated_script.js?497
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.128.55 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-ap-southeast-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
11dd5cdff459a5138767096fadda7834f8d4a1c3e546fa5999e5ad38432aedca

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.adtrek.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Nov 2022 13:53:28 GMT
Content-Encoding
gzip
Last-Modified
Tue, 22 Mar 2022 01:04:32 GMT
Server
AmazonS3
x-amz-request-id
7EWDZJXD3WQ13DPX
ETag
"3332458e99eb25479deb1a10563c60f2"
x-amz-meta-info
HYPE file
Content-Type
application/x-javascript
Accept-Ranges
bytes
Content-Length
24509
x-amz-id-2
eox/0jm+/YlQ0NuLT/mLoqkaEN/O2gocmiAJaN2gm6qkTM4B8LeCKxPp/KmEy3t5f/0f1gLziDE=
match
c1.adform.net/serving/cookie/ Frame 4CA8 		35 B
468 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=BE68BFE6-9B14-4683-ABF6-D19F3658E6EB&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.84.60.30 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Thu, 10 Nov 2022 13:53:27 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
/
onetag-sys.com/match/ Frame 412B
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:c619636d-0255-4600-91f3-34a69b38850b&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=114&uid=BE68BFE6-9B14-4683-ABF6-D19F3658E6EB
0
0
/
onetag-sys.com/match/ Frame 1412
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y20CVAAHAFd5gwA7&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=114&uid=BE68BFE6-9B14-4683-ABF6-D19F3658E6EB
0
0
match
c1.adform.net/serving/cookie/ Frame 14CE
Redirect Chain
  • https://cm.ambientdsp.com/cm/send?vc=pmj
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=xrhxg3y9gu0
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
0
0
/
onetag-sys.com/match/ Frame 5AF8
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=StDxH0zR8kpR1PNNSdTqSkXW_0hR1fUfHdr4EJjV
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=114&uid=BE68BFE6-9B14-4683-ABF6-D19F3658E6EB
0
0
/
onetag-sys.com/match/ Frame 4AD1
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2434649983444340243&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=114&uid=BE68BFE6-9B14-4683-ABF6-D19F3658E6EB
0
0
sync
ads.servenobid.com/ Frame 3C53 		0
358 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/sync?pid=316&uid=BE68BFE6-9B14-4683-ABF6-D19F3658E6EB
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.73.75.233 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-73-75-233.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
amp-access-control-allow-source-origin
*
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-length
0
content-type
text/html;charset=ISO-8859-1
date
Thu, 10 Nov 2022 13:53:27 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 0BBD
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=vmi_5psURoOr9tGfNljm6w%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
23.78.217.19 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-78-217-19.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 13:53:27 GMT
content-encoding
gzip
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
server
Apache
etag
"1300708-3de4-5d6ef246ef4cf"
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=85846
accept-ranges
bytes
content-length
5549
expires
Fri, 11 Nov 2022 13:44:13 GMT

Redirect headers

pragma
no-cache
date
Thu, 10 Nov 2022 13:53:27 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ddp
pippio.com/api/sync/ Frame 0BBD
Redirect Chain
  • https://idsync.rlcdn.com/420486.gif?partner_uid=BE68BFE6-9B14-4683-ABF6-D19F3658E6EB
  • https://pippio.com/api/sync?pid=5324&it=1&iv=0b0cb704d64e49921b9762222822125364d6a6aec1955294ba9b3b0e5697462a791426b5417dce21&_=2
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlAwYjBjYjcwNGQ2NGU0OTkyMWI5NzYyMjIyODIyMTI1MzY0ZDZhNmFlYzE5NTUyOTRiYTliM2IwZTU2OTc0NjJhNzkxNDI2YjU...
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlAwYjBjYjcwNGQ2NGU0OTkyMWI5NzYyMjIyODIyMTI1MzY0ZDZhNmFlYzE5NTUyOTRiYTliM2IwZTU2OTc0NjJhNzkxNDI2YjU0MTdkY2UyMRAAGgwI2IS0mwYSBAgCEABCAEoA&goog...
0
0
SPug
image4.pubmatic.com/AdServer/ Frame 0BBD
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=c619636d-0255-4600-91f3-34a69b38850b
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=c619636d-0255-4600-91f3-34a69b38850b
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
67.199.150.85 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 13:53:28 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Thu, 10 Nov 2022 13:53:27 GMT
Server
MT3 4629 97bee97 master hkg-pixel-x17 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=c619636d-0255-4600-91f3-34a69b38850b
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 10 Nov 2022 13:53:26 GMT
/
onetag-sys.com/match/ Frame 0BBD
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QkU2OEJGRTYtOUIxNC00NjgzLUFCRjYtRDE5RjM2NThFNkVC&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=114&uid=BE68BFE6-9B14-4683-ABF6-D19F3658E6EB
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=114&uid=BE68BFE6-9B14-4683-ABF6-D19F3658E6EB
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
139.99.49.250 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=114&uid=BE68BFE6-9B14-4683-ABF6-D19F3658E6EB
date
Thu, 10 Nov 2022 13:53:28 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
108
content-type
text/html; charset=utf-8
/
onetag-sys.com/match/ Frame 0BBD
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEKmi9dpXSYwSoGHY5Ylr0-I&google_cver=1
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=114&uid=BE68BFE6-9B14-4683-ABF6-D19F3658E6EB
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=114&uid=BE68BFE6-9B14-4683-ABF6-D19F3658E6EB
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
139.99.49.250 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=114&uid=BE68BFE6-9B14-4683-ABF6-D19F3658E6EB
date
Thu, 10 Nov 2022 13:53:28 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
108
content-type
text/html; charset=utf-8
/
onetag-sys.com/match/ Frame 0BBD
Redirect Chain
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:12F8C8EF15E240F1BBB55A33814A3EC6
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=114&uid=BE68BFE6-9B14-4683-ABF6-D19F3658E6EB
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=114&uid=BE68BFE6-9B14-4683-ABF6-D19F3658E6EB
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
139.99.49.250 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=114&uid=BE68BFE6-9B14-4683-ABF6-D19F3658E6EB
date
Thu, 10 Nov 2022 13:53:28 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
108
content-type
text/html; charset=utf-8
BE68BFE6-9B14-4683-ABF6-D19F3658E6EB
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 0BBD 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/BE68BFE6-9B14-4683-ABF6-D19F3658E6EB?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.254.232.172 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-254-232-172.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 13:53:27 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
/
onetag-sys.com/match/ Frame 0BBD
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=e11df97a-bc19-41e3-8a8b-2e3a06a2866f&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=114&uid=BE68BFE6-9B14-4683-ABF6-D19F3658E6EB
0
0
sync
ads.servenobid.com/ Frame F7A0 		0
345 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=317&uid=1607565603117449587&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.73.75.233 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-73-75-233.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 13:53:27 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
/
rtb-csync.smartadserver.com/redir/ Frame F7A0
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=10&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D22%26partneruserid%3DYOUR_USER_ID&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=4344049554935797039&gdpr=0&gdpr_consent=
43 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=4344049554935797039&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
23.106.127.38 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 10 Nov 2022 13:53:27 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Thu, 10 Nov 2022 13:53:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=4344049554935797039&gdpr=0&gdpr_consent=
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
/
rtb-csync.smartadserver.com/redir/ Frame F7A0
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D86%26partneruserid%3D$UID&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=86&partneruserid=2434649983444340243&gdpr=0&gdpr_consent=
43 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=86&partneruserid=2434649983444340243&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
23.106.127.38 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 10 Nov 2022 13:53:28 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

Date
Thu, 10 Nov 2022 13:53:27 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
116.90.74.196; 116.90.74.196; 806.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
4e784578-1d5b-422d-9f22-f1fdc7be0eb8
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=86&partneruserid=2434649983444340243&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
a.sportradarserving.com/ul_cb/ Frame F7A0
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=smartadserver&gdpr=0&gdpr_consent=
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=smartadserver
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=smartadserver
0
0
/
rtb-csync.smartadserver.com/redir/ Frame F7A0
Redirect Chain
  • https://demand.trafficroots.com/sync.php?partner=3379&redirect=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D137%26partneruserid%3D%7Btrafficroots_id%7D&gdpr=0&gdpr_...
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=137&partneruserid=b2343afaf2&gdpr=0&gdpr_consent=
0
0
usync.js
eus.rubiconproject.com/ Frame 2047 		33 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.77.12.69 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-77-12-69.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
5494709c6d309cb4f1106f964f9ca3768c62bade2887eca9f89195734e1d5a71

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 13:53:27 GMT
content-encoding
gzip
last-modified
Thu, 10 Nov 2022 03:40:58 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=49608
content-length
9883
expires
Fri, 11 Nov 2022 03:40:15 GMT
logo.svg
s3-ap-southeast-2.amazonaws.com/adtrek/bc58d73e-fcc9-43b0-8401-6b140586d98d/ Frame 9FCF 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3-ap-southeast-2.amazonaws.com/adtrek/bc58d73e-fcc9-43b0-8401-6b140586d98d/logo.svg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/you-you-ming-xing-ji-jin-jing-li-ben-si-wai-zi-si-mu-jia-su-jin-chang.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.128.55 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-ap-southeast-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
25e05821a29fd10f88e50edab5231f3cd5ea0afd177c73e3dfca2b3009062ecc

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.adtrek.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Nov 2022 13:53:28 GMT
Content-Encoding
gzip
Last-Modified
Tue, 22 Mar 2022 01:04:32 GMT
Server
AmazonS3
x-amz-request-id
7EWB6PT0WRNM7S1W
ETag
"79415e0eb3dd5826ec01a43d613ae00c"
x-amz-meta-info
resource files
Content-Type
image/svg+xml
Accept-Ranges
bytes
Content-Length
1058
x-amz-id-2
vuSev5/PZxKycp9yEeOFRHMTt1B0xe2Jv0xpePLHS1TgRYcjWnwzwNgWdboeNknELZMwAz7ilKw=
no-sound.svg
s3-ap-southeast-2.amazonaws.com/adtrek/bc58d73e-fcc9-43b0-8401-6b140586d98d/ Frame 9FCF 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3-ap-southeast-2.amazonaws.com/adtrek/bc58d73e-fcc9-43b0-8401-6b140586d98d/no-sound.svg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/you-you-ming-xing-ji-jin-jing-li-ben-si-wai-zi-si-mu-jia-su-jin-chang.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.128.55 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-ap-southeast-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
57128e2d4bc4d34dcac3890e85c1d52dc4cf5f1bda045b8c66fb1c2a3a972a24

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.adtrek.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Nov 2022 13:53:28 GMT
Content-Encoding
gzip
Last-Modified
Tue, 22 Mar 2022 01:04:32 GMT
Server
AmazonS3
x-amz-request-id
7EWD47T9852Z3J7Q
ETag
"c65d6135f733e1d05b2354bd852eb9d8"
x-amz-meta-info
resource files
Content-Type
image/svg+xml
Accept-Ranges
bytes
Content-Length
1089
x-amz-id-2
pwriBMPLmhDR7YICT9d86cVxS5rwjwwG0LDZrM8udlt+jjONaWOLuC+RBwwLk+I1/W7e+tM5Knc=
sound.svg
s3-ap-southeast-2.amazonaws.com/adtrek/bc58d73e-fcc9-43b0-8401-6b140586d98d/ Frame 9FCF 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3-ap-southeast-2.amazonaws.com/adtrek/bc58d73e-fcc9-43b0-8401-6b140586d98d/sound.svg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/you-you-ming-xing-ji-jin-jing-li-ben-si-wai-zi-si-mu-jia-su-jin-chang.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.128.55 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-ap-southeast-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
c930b6af8b31b8771a1eb148b7b8dfbbb3a1016482eeca1a8f4115d6affb8963

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.adtrek.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Nov 2022 13:53:28 GMT
Content-Encoding
gzip
Last-Modified
Tue, 22 Mar 2022 01:04:32 GMT
Server
AmazonS3
x-amz-request-id
7EW29T9WEA65ZQ4H
ETag
"86678a3d79568d2b5c72c0846aa55921"
x-amz-meta-info
resource files
Content-Type
image/svg+xml
Accept-Ranges
bytes
Content-Length
1016
x-amz-id-2
dSNlK3BFmzItZhp4IWIU29EafPZIFLAy458HepEpE/iZjoS0Wk2jlNIqy4+gN/cew6ZVhCFv1Bk=
1.svg
s3-ap-southeast-2.amazonaws.com/adtrek/bc58d73e-fcc9-43b0-8401-6b140586d98d/ Frame 9FCF 		6 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3-ap-southeast-2.amazonaws.com/adtrek/bc58d73e-fcc9-43b0-8401-6b140586d98d/1.svg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/you-you-ming-xing-ji-jin-jing-li-ben-si-wai-zi-si-mu-jia-su-jin-chang.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.128.55 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-ap-southeast-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
e9dd5e73f04bdd6dc5cfc774cabbc82920cf4f6122b1a0f6f16d02a6821c1076

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.adtrek.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Nov 2022 13:53:28 GMT
Content-Encoding
gzip
Last-Modified
Tue, 22 Mar 2022 01:04:32 GMT
Server
AmazonS3
x-amz-request-id
7EW6DXEJZDG273T3
ETag
"f00a9e93bbeae219b569a6570f14c8e9"
x-amz-meta-info
resource files
Content-Type
image/svg+xml
Accept-Ranges
bytes
Content-Length
2178
x-amz-id-2
rSYUxOsi0oX9Vq+qQNJx+EYnKOu35W9PyRRd6G4W3HRBcUiPDwoEE5/iX4YWdn1Odi83+JCcN8A=
2.svg
s3-ap-southeast-2.amazonaws.com/adtrek/bc58d73e-fcc9-43b0-8401-6b140586d98d/ Frame 9FCF 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3-ap-southeast-2.amazonaws.com/adtrek/bc58d73e-fcc9-43b0-8401-6b140586d98d/2.svg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/you-you-ming-xing-ji-jin-jing-li-ben-si-wai-zi-si-mu-jia-su-jin-chang.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.128.55 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-ap-southeast-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
f6e744d02cbad33e55eb58548e58e93538c79b5e8a2c2cc1f5c4c3d8c462fb2c

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.adtrek.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Nov 2022 13:53:28 GMT
Content-Encoding
gzip
Last-Modified
Tue, 22 Mar 2022 01:04:32 GMT
Server
AmazonS3
x-amz-request-id
7EW35S055XFSC008
ETag
"4baaa67bffdc4ab231487aa14060e788"
x-amz-meta-info
resource files
Content-Type
image/svg+xml
Accept-Ranges
bytes
Content-Length
1398
x-amz-id-2
nQfoSm8ej9uSg89UwSb0i9NnqjlirKNx2XZsV1Q5sBhO4C6QCUSMxiIk3VQr8y7FuhoZlCmsgUo=
3.svg
s3-ap-southeast-2.amazonaws.com/adtrek/bc58d73e-fcc9-43b0-8401-6b140586d98d/ Frame 9FCF 		6 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3-ap-southeast-2.amazonaws.com/adtrek/bc58d73e-fcc9-43b0-8401-6b140586d98d/3.svg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/you-you-ming-xing-ji-jin-jing-li-ben-si-wai-zi-si-mu-jia-su-jin-chang.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.128.55 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-ap-southeast-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
6d18595463d1ec5a855f5fea4a81abb0ef3206c39e221fb9a41e7584137186e9

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.adtrek.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Nov 2022 13:53:28 GMT
Content-Encoding
gzip
Last-Modified
Tue, 22 Mar 2022 01:04:32 GMT
Server
AmazonS3
x-amz-request-id
7EWE6H3T1889F75M
ETag
"f74fa9589dc0a79784a17d201e1fed8e"
x-amz-meta-info
resource files
Content-Type
image/svg+xml
Accept-Ranges
bytes
Content-Length
2115
x-amz-id-2
9czCrmNAWQ9YUz4vmLQ/52gLGi5MOaiYiIontoY2Mo1z/t+8gS8ghyewClKqhMpiN07k/Hic6Xw=
4.svg
s3-ap-southeast-2.amazonaws.com/adtrek/bc58d73e-fcc9-43b0-8401-6b140586d98d/ Frame 9FCF 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3-ap-southeast-2.amazonaws.com/adtrek/bc58d73e-fcc9-43b0-8401-6b140586d98d/4.svg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/you-you-ming-xing-ji-jin-jing-li-ben-si-wai-zi-si-mu-jia-su-jin-chang.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.128.55 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-ap-southeast-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
a67d4a6a0a3da7f1eefe5a7ac4a9fbb3ce3380866d0c3f62623e8322e6ebb97e

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.adtrek.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Nov 2022 13:53:28 GMT
Content-Encoding
gzip
Last-Modified
Tue, 22 Mar 2022 01:04:32 GMT
Server
AmazonS3
x-amz-request-id
7EWA51AQFYJ8QZEH
ETag
"b8852cef5b75ed9de2410e0b6f6ec673"
x-amz-meta-info
resource files
Content-Type
image/svg+xml
Accept-Ranges
bytes
Content-Length
1689
x-amz-id-2
p3NgONiBmIE19HWaVXD0s2eHbjZj91voKXIoXFvEJgzwpxN9+4VBr2mLo3ulfcAHJhXJN759X+Y=
300x250-text3.svg
s3-ap-southeast-2.amazonaws.com/adtrek/bc58d73e-fcc9-43b0-8401-6b140586d98d/ Frame 9FCF 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3-ap-southeast-2.amazonaws.com/adtrek/bc58d73e-fcc9-43b0-8401-6b140586d98d/300x250-text3.svg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/you-you-ming-xing-ji-jin-jing-li-ben-si-wai-zi-si-mu-jia-su-jin-chang.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.128.55 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-ap-southeast-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
4fcc94f5bb29363542d30dc44ab29e1b90a812bc50a033163bedd208f8f5f256

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.adtrek.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Nov 2022 13:53:28 GMT
Content-Encoding
gzip
Last-Modified
Tue, 22 Mar 2022 01:04:32 GMT
Server
AmazonS3
x-amz-request-id
7EW27N5WR2G2VSZV
ETag
"a9cb6515053bced02f5f16e509086d1c"
x-amz-meta-info
resource files
Content-Type
image/svg+xml
Accept-Ranges
bytes
Content-Length
1160
x-amz-id-2
9bc/Ikda3OjPFKrOVdU9F08PgBhBhOecVThbj6jg63sn2Y0ZwnpRVX1DWZvanAJj8me//6jtFFg=
usersync
usersync.gumgum.com/ Frame 2047
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=LAB4RIS9-1S-A4NA
  • https://usersync.gumgum.com/usersync?b=mag&i=LAB4RIS9-1S-A4NA
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=mag&i=LAB4RIS9-1S-A4NA
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Server
13.112.54.241 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 10 Nov 2022 13:53:28 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://usersync.gumgum.com/usersync?b=mag&i=LAB4RIS9-1S-A4NA
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4b9b5fe4fdc8ed94e0f7cdc225df187a
Expires
0
AstLd
www.adtrek.co/adserver/ Frame 9FCF 		16 B
292 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.adtrek.co/adserver/AstLd?cc=45ead072-b12c-42d3-aa0b-3677a0751234
Requested by
Host: www.adtrek.co
URL: https://www.adtrek.co/adserver/frm?cc=45ead072-b12c-42d3-aa0b-3677a0751234&clk=https://googleads.g.doubleclick.net/dbm/clk%3Fsa%3DL%26ai%3DC60XBUgJtY_WdLMmtrAGBxbqgB8jz45ptvs2Hl-cQ8C4QASDSzIEaYKvssYXgGKABjPHSkgHIAQmpArIAl8U2qaM-qAMBqgTRAU_QSZNkX8Hd1Y9L0TJV0SqPdRffZhsOIBkF16ZkqX4QVJaFHwfpw6oBVGEYvRtVYjBF5WzPXnx9naZ22ngE8upaoGbhHITB1jj076Z0QQ2q5--HyODNGWH_eh8zcPWg9xFgDF8uSUPa00b8YuR8QrHQ6DgNNzgegrI2hrkO2LZ440ejPitLZAZA2k25nxTP7PGuLRV4Y-LzDG6h9mgcaimqto_Qn18p6UwMVzVWEjlwZAU5rUAozrEvaWUwEpYMdaKYOvgsMY5hTPz0EPAVqwoIwASvt-vnjwTgBAOQBgGgBk2AB9yOre0CqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiAYRABGF0yAooCOgKAQIAKA5gLAcgLAYAMAbATu5CHEcgThoGv4QPQEwDYEwrYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSKQDq26N9zBnrnktjP0mO5o_9PK8Xe4aij4hHre297xjovmwS4CerVrrlGAEgEw%26sig%3DAOD64_2vBS8gH8D4aqIQryFIGquTkpnmZQ%26client%3Dca-pub-4485239425924787%26dbm_c%3DAKAmf-C7vubkPGlwO8MDLmDAM2_N99zrjZUMeMtKiIkHENon6PZVwzZ-jSrqy-rnWVZ95P87UAZQDe-upiCZXs6iELYzlYRUJLIH58BqEnQ8wtk7rD3XWzcChD_A1sOIZcaOHv2nQfrIzybuLFXUTx4xpN0oyQVsYRU4Q6KTNu_wfz8r5Fdr-Jg%26cry%3D1%26dbm_d%3DAKAmf-Bfbqt9sN3yYaWoZIq9kvuTwHHCBNGe8fyCYO8smfB7Wzq6SJG5mLF-M_nxzfLoM7waSR-fJuNGECrJciAnrlGbOJrIaSgyTyvHLiY8Rd5lZpcvnz-P8XTLC3rXSVZHG0r-uJ_TKHb3sRZg49m6zecQiRGGxDmekshBQqcKhAR_JEW9g6n7sbYyyEHtMxYG0q24OINaSW6lCCXm_IYNNdPO3HK3kBvBtWsu_j0imw2wLZdmlgEGji9bL6YZIGD5Bg_9QyQpCzfPW-wVbRs9As6RlcjZZiA0PIN7eBWWy3-3l5c2E3u19ldngBRm1tfv8l_lamtWYuYdPtQqmIfApTOLIpZj8doG0crhdlj_IN1yhyjvNU9J--ZLFloO9hLHkVGclrPPd8JW20d49cPM_pi6_UbehBEt9KePm-3aXczSPO21JWw0CTJSfg0dxQFJQWAf-aql4RmYryYOBqjNaDREW8T37zyHBr039UbzzSWZoTOmPkw_zVLL5gJ1fnhXfHSb_HI_EDtcGEe885081MnA38Pr1Ib-ay2at1c3RliLaNduZYrttbtVhTfXGQxQ3BSw1fWr9XIbNUkO0dpphtLegPgOyyUoA-s-2JubwGpfDwC3F22ObxesT8bTV63zHd4rjnXn%26adurl%3Dhttps%3a%2f%2fwww.adtrek.co%2fadserver%2fclick%3fcc%3d45ead072-b12c-42d3-aa0b-3677a0751234&ord=1668088402724725
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.237.117.95 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-237-117-95.ap-southeast-2.compute.amazonaws.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.adtrek.co/adserver/frm?cc=45ead072-b12c-42d3-aa0b-3677a0751234&clk=https://googleads.g.doubleclick.net/dbm/clk%3Fsa%3DL%26ai%3DC60XBUgJtY_WdLMmtrAGBxbqgB8jz45ptvs2Hl-cQ8C4QASDSzIEaYKvssYXgGKABjPHSkgHIAQmpArIAl8U2qaM-qAMBqgTRAU_QSZNkX8Hd1Y9L0TJV0SqPdRffZhsOIBkF16ZkqX4QVJaFHwfpw6oBVGEYvRtVYjBF5WzPXnx9naZ22ngE8upaoGbhHITB1jj076Z0QQ2q5--HyODNGWH_eh8zcPWg9xFgDF8uSUPa00b8YuR8QrHQ6DgNNzgegrI2hrkO2LZ440ejPitLZAZA2k25nxTP7PGuLRV4Y-LzDG6h9mgcaimqto_Qn18p6UwMVzVWEjlwZAU5rUAozrEvaWUwEpYMdaKYOvgsMY5hTPz0EPAVqwoIwASvt-vnjwTgBAOQBgGgBk2AB9yOre0CqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiAYRABGF0yAooCOgKAQIAKA5gLAcgLAYAMAbATu5CHEcgThoGv4QPQEwDYEwrYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSKQDq26N9zBnrnktjP0mO5o_9PK8Xe4aij4hHre297xjovmwS4CerVrrlGAEgEw%26sig%3DAOD64_2vBS8gH8D4aqIQryFIGquTkpnmZQ%26client%3Dca-pub-4485239425924787%26dbm_c%3DAKAmf-C7vubkPGlwO8MDLmDAM2_N99zrjZUMeMtKiIkHENon6PZVwzZ-jSrqy-rnWVZ95P87UAZQDe-upiCZXs6iELYzlYRUJLIH58BqEnQ8wtk7rD3XWzcChD_A1sOIZcaOHv2nQfrIzybuLFXUTx4xpN0oyQVsYRU4Q6KTNu_wfz8r5Fdr-Jg%26cry%3D1%26dbm_d%3DAKAmf-Bfbqt9sN3yYaWoZIq9kvuTwHHCBNGe8fyCYO8smfB7Wzq6SJG5mLF-M_nxzfLoM7waSR-fJuNGECrJciAnrlGbOJrIaSgyTyvHLiY8Rd5lZpcvnz-P8XTLC3rXSVZHG0r-uJ_TKHb3sRZg49m6zecQiRGGxDmekshBQqcKhAR_JEW9g6n7sbYyyEHtMxYG0q24OINaSW6lCCXm_IYNNdPO3HK3kBvBtWsu_j0imw2wLZdmlgEGji9bL6YZIGD5Bg_9QyQpCzfPW-wVbRs9As6RlcjZZiA0PIN7eBWWy3-3l5c2E3u19ldngBRm1tfv8l_lamtWYuYdPtQqmIfApTOLIpZj8doG0crhdlj_IN1yhyjvNU9J--ZLFloO9hLHkVGclrPPd8JW20d49cPM_pi6_UbehBEt9KePm-3aXczSPO21JWw0CTJSfg0dxQFJQWAf-aql4RmYryYOBqjNaDREW8T37zyHBr039UbzzSWZoTOmPkw_zVLL5gJ1fnhXfHSb_HI_EDtcGEe885081MnA38Pr1Ib-ay2at1c3RliLaNduZYrttbtVhTfXGQxQ3BSw1fWr9XIbNUkO0dpphtLegPgOyyUoA-s-2JubwGpfDwC3F22ObxesT8bTV63zHd4rjnXn%26adurl%3Dhttps%3a%2f%2fwww.adtrek.co%2fadserver%2fclick%3fcc%3d45ead072-b12c-42d3-aa0b-3677a0751234&ord=1668088402724725
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Nov 2022 13:53:27 GMT
X-AspNetMvc-Version
5.2
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Type
application/json; charset=utf-8
Cache-Control
private
Connection
keep-alive
Content-Length
16
Dominator-Local-970x250.mp4
s3-ap-southeast-2.amazonaws.com/adtrek/bc58d73e-fcc9-43b0-8401-6b140586d98d/ Frame 9FCF 		53 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://s3-ap-southeast-2.amazonaws.com/adtrek/bc58d73e-fcc9-43b0-8401-6b140586d98d/Dominator-Local-970x250.mp4
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/you-you-ming-xing-ji-jin-jing-li-ben-si-wai-zi-si-mu-jia-su-jin-chang.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.128.55 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-ap-southeast-2.amazonaws.com
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://www.adtrek.co/
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

Date
Thu, 10 Nov 2022 13:53:29 GMT
Last-Modified
Tue, 22 Mar 2022 01:04:32 GMT
Server
AmazonS3
x-amz-request-id
DF6PRVHXFDAG1XQX
ETag
"26ad51a9f22265ba7a01dc83d7fa2422"
x-amz-meta-info
resource files - video
Content-Type
video/mp4
Content-Range
bytes 0-1886547/1886548
Accept-Ranges
bytes
Content-Length
1886548
x-amz-id-2
Lq2+U60iClEEZiyonk4jQ0X26WmeslH3PzkCamyYaxWFWc6Ocvztp7zswPEsdfFTZtOq0c8ia8U=
logo.svg
s3-ap-southeast-2.amazonaws.com/adtrek/bc58d73e-fcc9-43b0-8401-6b140586d98d/ Frame 9FCF 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3-ap-southeast-2.amazonaws.com/adtrek/bc58d73e-fcc9-43b0-8401-6b140586d98d/logo.svg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/you-you-ming-xing-ji-jin-jing-li-ben-si-wai-zi-si-mu-jia-su-jin-chang.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.128.55 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-ap-southeast-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
25e05821a29fd10f88e50edab5231f3cd5ea0afd177c73e3dfca2b3009062ecc

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.adtrek.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Nov 2022 13:53:29 GMT
Content-Encoding
gzip
Last-Modified
Tue, 22 Mar 2022 01:04:32 GMT
Server
AmazonS3
x-amz-request-id
DF6SQ5DGE4DXD1RA
ETag
"79415e0eb3dd5826ec01a43d613ae00c"
x-amz-meta-info
resource files
Content-Type
image/svg+xml
Accept-Ranges
bytes
Content-Length
1058
x-amz-id-2
QH8uipQNLZrI+9er9mJ5Y4VjjAoboslxEeNdmJeUHEEbxLAifNQy0rYLteNBdhxaNufK921s41E=
1.svg
s3-ap-southeast-2.amazonaws.com/adtrek/bc58d73e-fcc9-43b0-8401-6b140586d98d/ Frame 9FCF 		6 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3-ap-southeast-2.amazonaws.com/adtrek/bc58d73e-fcc9-43b0-8401-6b140586d98d/1.svg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/you-you-ming-xing-ji-jin-jing-li-ben-si-wai-zi-si-mu-jia-su-jin-chang.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.128.55 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-ap-southeast-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
e9dd5e73f04bdd6dc5cfc774cabbc82920cf4f6122b1a0f6f16d02a6821c1076

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.adtrek.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Nov 2022 13:53:29 GMT
Content-Encoding
gzip
Last-Modified
Tue, 22 Mar 2022 01:04:32 GMT
Server
AmazonS3
x-amz-request-id
DF6SG4VQVQGNMFBE
ETag
"f00a9e93bbeae219b569a6570f14c8e9"
x-amz-meta-info
resource files
Content-Type
image/svg+xml
Accept-Ranges
bytes
Content-Length
2178
x-amz-id-2
0hwjvdSpu8xJ7gxDFD6Iqrz6pM3I2l58atgrmGPVjLhuiu0gxhZ+H9bn7c4KpqWAhm8Hp/de6Jg=
3.svg
s3-ap-southeast-2.amazonaws.com/adtrek/bc58d73e-fcc9-43b0-8401-6b140586d98d/ Frame 9FCF 		6 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3-ap-southeast-2.amazonaws.com/adtrek/bc58d73e-fcc9-43b0-8401-6b140586d98d/3.svg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/you-you-ming-xing-ji-jin-jing-li-ben-si-wai-zi-si-mu-jia-su-jin-chang.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.128.55 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-ap-southeast-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
6d18595463d1ec5a855f5fea4a81abb0ef3206c39e221fb9a41e7584137186e9

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.adtrek.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Nov 2022 13:53:29 GMT
Content-Encoding
gzip
Last-Modified
Tue, 22 Mar 2022 01:04:32 GMT
Server
AmazonS3
x-amz-request-id
DF6ZVDK8XMJC254N
ETag
"f74fa9589dc0a79784a17d201e1fed8e"
x-amz-meta-info
resource files
Content-Type
image/svg+xml
Accept-Ranges
bytes
Content-Length
2115
x-amz-id-2
53mhvm3pdr2hW21QrxlFKK730d40ph2eJ2o4qW6dGRo9Aml/c5LjrfsbMO3m2Ne4sPLgqPtfyGg=
300x250-text3.svg
s3-ap-southeast-2.amazonaws.com/adtrek/bc58d73e-fcc9-43b0-8401-6b140586d98d/ Frame 9FCF 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3-ap-southeast-2.amazonaws.com/adtrek/bc58d73e-fcc9-43b0-8401-6b140586d98d/300x250-text3.svg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/you-you-ming-xing-ji-jin-jing-li-ben-si-wai-zi-si-mu-jia-su-jin-chang.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.128.55 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-ap-southeast-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
4fcc94f5bb29363542d30dc44ab29e1b90a812bc50a033163bedd208f8f5f256

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.adtrek.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Nov 2022 13:53:29 GMT
Content-Encoding
gzip
Last-Modified
Tue, 22 Mar 2022 01:04:32 GMT
Server
AmazonS3
x-amz-request-id
DF6M4M3S42001G1Z
ETag
"a9cb6515053bced02f5f16e509086d1c"
x-amz-meta-info
resource files
Content-Type
image/svg+xml
Accept-Ranges
bytes
Content-Length
1160
x-amz-id-2
ENVaFjmG0d/S1wB0cgtfisPQ9NiW6HKHqLHTHNUTqTLPENLsIzEEc07wkhwLcv+2U7I1NR6pNHw=
4.svg
s3-ap-southeast-2.amazonaws.com/adtrek/bc58d73e-fcc9-43b0-8401-6b140586d98d/ Frame 9FCF 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3-ap-southeast-2.amazonaws.com/adtrek/bc58d73e-fcc9-43b0-8401-6b140586d98d/4.svg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/you-you-ming-xing-ji-jin-jing-li-ben-si-wai-zi-si-mu-jia-su-jin-chang.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.128.55 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-ap-southeast-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
a67d4a6a0a3da7f1eefe5a7ac4a9fbb3ce3380866d0c3f62623e8322e6ebb97e

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.adtrek.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Nov 2022 13:53:29 GMT
Content-Encoding
gzip
Last-Modified
Tue, 22 Mar 2022 01:04:32 GMT
Server
AmazonS3
x-amz-request-id
DF6K8EVW82EEGF5X
ETag
"b8852cef5b75ed9de2410e0b6f6ec673"
x-amz-meta-info
resource files
Content-Type
image/svg+xml
Accept-Ranges
bytes
Content-Length
1689
x-amz-id-2
yjeiILErGu+ohiVtIzEjuC0oeUlNDhtOOkRYI8wmZosh1HasMxdKHEkEoEbfUB/nmk0U0fjzuuQ=
2.svg
s3-ap-southeast-2.amazonaws.com/adtrek/bc58d73e-fcc9-43b0-8401-6b140586d98d/ Frame 9FCF 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3-ap-southeast-2.amazonaws.com/adtrek/bc58d73e-fcc9-43b0-8401-6b140586d98d/2.svg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/you-you-ming-xing-ji-jin-jing-li-ben-si-wai-zi-si-mu-jia-su-jin-chang.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.128.55 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-ap-southeast-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
f6e744d02cbad33e55eb58548e58e93538c79b5e8a2c2cc1f5c4c3d8c462fb2c

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.adtrek.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Nov 2022 13:53:29 GMT
Content-Encoding
gzip
Last-Modified
Tue, 22 Mar 2022 01:04:32 GMT
Server
AmazonS3
x-amz-request-id
DF6SSYV8T4RGQPX0
ETag
"4baaa67bffdc4ab231487aa14060e788"
x-amz-meta-info
resource files
Content-Type
image/svg+xml
Accept-Ranges
bytes
Content-Length
1398
x-amz-id-2
0jZhNdZd/A+PvE04qGcn2g8RtgJbb8UDWDZGgj4RrBbOCJSkx8fagTgUCzbx8rSh4rZodPjml+8=
sound.svg
s3-ap-southeast-2.amazonaws.com/adtrek/bc58d73e-fcc9-43b0-8401-6b140586d98d/ Frame 9FCF 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3-ap-southeast-2.amazonaws.com/adtrek/bc58d73e-fcc9-43b0-8401-6b140586d98d/sound.svg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/you-you-ming-xing-ji-jin-jing-li-ben-si-wai-zi-si-mu-jia-su-jin-chang.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.128.55 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-ap-southeast-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
c930b6af8b31b8771a1eb148b7b8dfbbb3a1016482eeca1a8f4115d6affb8963

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.adtrek.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 10 Nov 2022 13:53:29 GMT
Content-Encoding
gzip
Last-Modified
Tue, 22 Mar 2022 01:04:32 GMT
Server
AmazonS3
x-amz-request-id
DF6W1K5NQ6QPVS24
ETag
"86678a3d79568d2b5c72c0846aa55921"
x-amz-meta-info
resource files
Content-Type
image/svg+xml
Accept-Ranges
bytes
Content-Length
1016
x-amz-id-2
L1lncNS+9zuWv/uVcDNvLjSm7E5DwTE1Zwv2pXxs55GS7grKlgc7s7SUjh1DS8aCo3VyDTSYOgQ=
Dominator-Local-970x250.mp4
s3-ap-southeast-2.amazonaws.com/adtrek/bc58d73e-fcc9-43b0-8401-6b140586d98d/ Frame 9FCF 		534 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://s3-ap-southeast-2.amazonaws.com/adtrek/bc58d73e-fcc9-43b0-8401-6b140586d98d/Dominator-Local-970x250.mp4
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/you-you-ming-xing-ji-jin-jing-li-ben-si-wai-zi-si-mu-jia-su-jin-chang.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.128.55 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-ap-southeast-2.amazonaws.com
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://www.adtrek.co/
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=196608-

Response headers

Date
Thu, 10 Nov 2022 13:53:29 GMT
Last-Modified
Tue, 22 Mar 2022 01:04:32 GMT
Server
AmazonS3
x-amz-request-id
DF6NHHERZCXK16QD
ETag
"26ad51a9f22265ba7a01dc83d7fa2422"
x-amz-meta-info
resource files - video
Content-Type
video/mp4
Content-Range
bytes 196608-1886547/1886548
Accept-Ranges
bytes
Content-Length
1689940
x-amz-id-2
mJfJBpzoBH8VzEUX5sNLuZfrnhL3OvvgasurAB3yqbEmXMjiHSwYKTTtE+hYmohlHjEPoRGiLgI=
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 035F 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
49692
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 10 Nov 2022 00:05:16 GMT
expires
Fri, 10 Nov 2023 00:05:16 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 5AF4 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.105 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f105.1e100.net
Software
GSE /
Resource Hash
c3e207f96f097a98615dba7bac1f9677f785d781f17a64e6b59a1d293054e229
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-sTHbYYqB3TEY3dPvV9IgXw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-sTHbYYqB3TEY3dPvV9IgXw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 10 Nov 2022 13:53:28 GMT
expires
Thu, 10 Nov 2022 13:53:28 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame CFED 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
49692
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 10 Nov 2022 00:05:16 GMT
expires
Fri, 10 Nov 2023 00:05:16 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 6DB1 		783 B
536 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.105 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f105.1e100.net
Software
GSE /
Resource Hash
0264c3012f10812a53f365bfa2472b53ed895a5426c7d2e2776577c8e2144f33
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Ubt4X25uzjvbafoUNGGGzQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-Ubt4X25uzjvbafoUNGGGzQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 10 Nov 2022 13:53:28 GMT
expires
Thu, 10 Nov 2022 13:53:28 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
dc_oe=ChMI9qe2xuGj-wIVT8JoCh35WwwUEAAYACCsoMlVOhoI1NW67gIQ2Pykm54EGJz_ruEDIMSDqYHPEEITCKGjp8Xho_sCFb7vcwEdI-UN1g;dc_rmcid=CAQSOwDq26N9Ud8pDYY38eNQwOl2ci0Bzys4vX3TFqoo6Tk6LzWUIC_Ag-DW4TyH1J-KyiUep69...
ade.googlesyndication.com/ddm/activity/ Frame E208 		0
0
activeview
pagead2.googlesyndication.com/pcs/ Frame E208 		0
0
sodar
pagead2.googlesyndication.com/pagead/ Frame 5AF4 		0
0
sodar
pagead2.googlesyndication.com/pagead/ Frame 6DB1 		0
0
api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
pagead2.googlesyndication.com/bg/ Frame 035F 		0
0
api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
pagead2.googlesyndication.com/bg/ Frame CFED 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
adpushup-d.openx.net
URL
https://adpushup-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyou-you-ming-xing-ji-jin-jing-li-ben-si-wai-zi-si-mu-jia-su-jin-chang.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=cf352198-091c-4087-8809-73c1627a8269&nocache=1668088398945&pubcid=c1b9de2d-caa5-44d0-8b45-21dd3621fcb2&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A400%2C%22h%22%3A225%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22api%22%3A%5B2%5D%2C%22playbackmethod%22%3A6%2C%22linearity%22%3A1%7D%7D%5D%7D&auid=545618481&vwd=400&vht=225&vos=101&vmimes=video%2Fmp4%2Cvideo%2Fwebm
Domain
sync.targeting.unrulymedia.com
URL
https://sync.targeting.unrulymedia.com/csync/RX-55e22d49-06ab-44c2-9d9e-5a07bd4913e4-004?redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3110900057443656000V10%26type%3Dr1%26refUrl%3D%26vid%3D80884058793110900057443656000V10%26ovsid%3DRX-55e22d49-06ab-44c2-9d9e-5a07bd4913e4-004
Domain
b1sync.zemanta.com
URL
https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OBGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPLUMRUEMRTHMYYVM6LDKRDFMUDKJRHGCTRGOJSWMVLSNQ6SM5DZOBST26TFNUTHM2LEHU4DAOBYGQYDKOBXHEZTCMJQHEYDAMBVG42DIMZWGU3DAMBQKYYTAJTWONUWIPJTGEYTAOJQGAYDKNZUGQZTMNJWGAYDAVRRGA
Domain
sync.targeting.unrulymedia.com
URL
https://sync.targeting.unrulymedia.com/csync/RX-55e22d49-06ab-44c2-9d9e-5a07bd4913e4-004?redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3110900057443656000V10%26type%3Dr1%26refUrl%3D%26vid%3D80884058793110900057443656000V10%26ovsid%3DRX-55e22d49-06ab-44c2-9d9e-5a07bd4913e4-004
Domain
sync.go.sonobi.com
URL
https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D
Domain
ap.lijit.com
URL
https://ap.lijit.com/pixel?gdpr=1&gdpr_consent=&us_privacy=1YN-&redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F2%2F10105%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26A%3D3b8b88dd-5342-4808-b40c-079fc2cb50bb%26bidder%3Dsovrn%26cbx%3DaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%253D%26uid%3D%24UID
Domain
aax-eu.amazon-adsystem.com
URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=hY5qQyFJSGGBcyy81cOiVw
Domain
a.sportradarserving.com
URL
https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2
Domain
b1sync.zemanta.com
URL
https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT26KIKF4HE2KRO5TVGQJRONJECZRNHB4XSJTVONPXA4TJOZQWG6J5GEWS2LI
Domain
sync.targeting.unrulymedia.com
URL
https://sync.targeting.unrulymedia.com/csync/RX-fbec9b6a-0c6f-4a6c-8276-58c366e666c5-004?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-fbec9b6a-0c6f-4a6c-8276-58c366e666c5-004
Domain
sync.outbrain.com
URL
https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51
Domain
cs.admanmedia.com
URL
https://cs.admanmedia.com/sync/gumgum?puid=[UID]&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=[GDPR]&gdpr_consent=[GDPR_CONSENT]&ccpa=[CCPA]
Domain
usersync.gumgum.com
URL
https://usersync.gumgum.com/usersync?b=rth&i=F28jahdyOemMj1yQnB09&pi=gumgum&tc=1
Domain
ads.servenobid.com
URL
https://ads.servenobid.com/sync?pid=323&uid=LAB4RIS9-1S-A4NA
Domain
onetag-sys.com
URL
https://onetag-sys.com/match/?int_id=114&uid=BE68BFE6-9B14-4683-ABF6-D19F3658E6EB
Domain
onetag-sys.com
URL
https://onetag-sys.com/match/?int_id=114&uid=BE68BFE6-9B14-4683-ABF6-D19F3658E6EB
Domain
c1.adform.net
URL
https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent=
Domain
onetag-sys.com
URL
https://onetag-sys.com/match/?int_id=114&uid=BE68BFE6-9B14-4683-ABF6-D19F3658E6EB
Domain
onetag-sys.com
URL
https://onetag-sys.com/match/?int_id=114&uid=BE68BFE6-9B14-4683-ABF6-D19F3658E6EB
Domain
pippio.com
URL
https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlAwYjBjYjcwNGQ2NGU0OTkyMWI5NzYyMjIyODIyMTI1MzY0ZDZhNmFlYzE5NTUyOTRiYTliM2IwZTU2OTc0NjJhNzkxNDI2YjU0MTdkY2UyMRAAGgwI2IS0mwYSBAgCEABCAEoA&google_gid=CAESEPMhLYcgCtoN6xi8Ee3Qabk&google_cver=1
Domain
onetag-sys.com
URL
https://onetag-sys.com/match/?int_id=114&uid=BE68BFE6-9B14-4683-ABF6-D19F3658E6EB
Domain
a.sportradarserving.com
URL
https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=smartadserver
Domain
rtb-csync.smartadserver.com
URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=137&partneruserid=b2343afaf2&gdpr=0&gdpr_consent=
Domain
ade.googlesyndication.com
URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI9qe2xuGj-wIVT8JoCh35WwwUEAAYACCsoMlVOhoI1NW67gIQ2Pykm54EGJz_ruEDIMSDqYHPEEITCKGjp8Xho_sCFb7vcwEdI-UN1g;dc_rmcid=CAQSOwDq26N9Ud8pDYY38eNQwOl2ci0Bzys4vX3TFqoo6Tk6LzWUIC_Ag-DW4TyH1J-KyiUep69NLIFSJlOTGAEgEw;eps=CIBhEAEYHTICigI6AoBA;met=1;acvw=sv%3D941%26v%3D20221107%26cb%3Dout%26e%3D9%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,1,169,299%26tos%3D2048,0,0,0,0%26mtos%3D2048,2048,2048,2048,2048%26amtos%3D0,0,0,0,0%26mcvt%3D2048%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2210%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D41%26pst%3D201%26dur%3D15018%26vmtime%3D2216%26dtos%3D2048%26dtoss%3D1%26dvs%3D2048%26dfvs%3D2048%26dvpt%3D2210%26is%3D275%26i0%3D18%26ic%3D16777473%26cs%3D16777491%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D46884018%26psm%3D7%26psv%3D6%26psfv%3D6%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,2048;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.02%26t%3D1668088406512;ecn1=1;etm1=0;eid1=200000;
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuUGHaC4YAS5AC-YIIokV2k2yHiTNuplKyLXUmWng0YA0PGndhEksfZ3QPJ93purAEu7bzerjgFu-2qEOLorxPCFMCNV3pFEdLV1ITUFBttRethMHwWZYMXHYMfW7AAKC0i9-0&sai=AMfl-YSignLiWJagxt5Gb0KY2xaY3Q3h0XmlzeJFXicNKcj3cwac9yjNoX5vj50HI5U6cN9NAV2tzUVPBIU57tPV88dLt3s3-66lAgMH0GvSfZhZT9Cs2od82TBGfh4QRQ&sig=Cg0ArKJSzNyyDCTxk5gUEAE&cid=CAQSOwDq26N9Ud8pDYY38eNQwOl2ci0Bzys4vX3TFqoo6Tk6LzWUIC_Ag-DW4TyH1J-KyiUep69NLIFSJlOTGAEgEw&id=lidarv&acvw=sv%3D941%26v%3D20221107%26cb%3Dout%26e%3D9%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,1,169,299%26tos%3D2048,0,0,0,0%26mtos%3D2048,2048,2048,2048,2048%26amtos%3D0,0,0,0,0%26mcvt%3D2048%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2210%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D41%26pst%3D201%26dur%3D15018%26vmtime%3D2216%26dtos%3D2048%26dtoss%3D1%26dvs%3D2048%26dfvs%3D2048%26dvpt%3D2210%26is%3D275%26i0%3D18%26ic%3D16777473%26cs%3D16777491%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D46884018%26psm%3D7%26psv%3D6%26psfv%3D6%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,2048&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.02%26t%3D1668088406512
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221108&jk=1414097753187374&rc=
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221108&jk=3785228714276847&rc=
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/bg/api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/bg/api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js

Verdicts & Comments Add Verdict or Comment

93 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| adpushup object| ucfad_async object| AMP object| AMP_CONFIG object| AMP_EXP object| __AMP_LOG function| HTMLElementOrig object| __AMP_ERRORS object| __AMP_MODE function| __AMP_REPORT_ERROR object| __AMP_TOP object| __AMP_SERVICES object| __AMP_URL_CACHE object| __AMP__EXPERIMENT_TOGGLES boolean| __AMP_TAG object| __AMP_EXTENDED_ELEMENTS function| __AMP_BASE_CE_CLASS object| adRecover object| ucf object| request string| paramsString number| ampAdSlotIdCounter function| setImmediate function| clearImmediate undefined| $ undefined| jQuery function| jqAlias object| __AMP_EXPERIMENT_BRANCHES object| goog_identity_prom string| __AMP_DEFAULT_BOOTSTRAP_SUBDOMAIN number| ampAdGoogleIfiCounter string| currentState object| googletag object| _apPbJs object| hbAnalytics object| adpTags object| gaGlobal number| ampAdPageCorrelator object| listeningFors number| 3pla object| ggeac object| google_tag_data object| google_js_reporting_queue object| ap_link_preview_states object| apLinkPreviewUtils object| apEuCountries object| _qevents object| _apPbJsChunk object| _pbjsGlobals object| mnet string| nobidVersion object| nobid object| Criteo undefined| google_measure_js_timing boolean| noPreviewPage object| criteo_syncframe_state function| quantserve function| __qc object| ezt object| _qoptions object| dataLayer function| gtag object| google_reactive_ads_global_state object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| google_ad_modifications number| google_global_correlator object| google_prev_clients object| google_tag_manager function| onYouTubeIframeAPIReady object| criteo_pubtag object| criteo_pubtag_prebid_117 object| Criteo_prebid_117 object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager

134 Cookies

Domain/Path Name / Value
.3lift.com/sync Name: sync
Value: CgoIoQEQtL3EjsYwCgoIgQIQtL3EjsYwCgoI4gEQtL3EjsYwCgoI5gEQtL3EjsYwCgoIhwIQtL3EjsYwCgkICRC0vcSOxjAKCQg6ELS9xI7GMAoKCIwCELS9xI7GMAoJCF8QtL3EjsYwCgkIHxC0vcSOxjA=
.aralego.com/ Name: sspid
Value: 70e82f2e-4c30-3e86-8bdd-5a51bf474921
www.bg3.co/ Name: __AP_SESSION__
Value: acea7354-1e5a-4f5f-9286-5db43ce620c3
.aralego.com/ Name: euconsent-v2
Value:
.aralego.com/ Name: gdpr
Value: 1
.adpushup.com/ Name: ap_uid
Value: 078224d0-60ff-11ed-a40f-0022485a259e
.adpushup.com/ Name: ap_usid
Value: 078224d1-60ff-11ed-a40f-0022485a259e
www.bg3.co/ Name: CFFPCKUUID
Value: 8313-iOa7A6qDqcJnTCqkpq71lwPPaSrrxkbW
.www.bg3.co/ Name: CFFPCKUUIDMAIN
Value: 2201-Fh6il4kEzAovzoS4OY9mj1g0of947q3v
www.bg3.co/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.bg3.co/ Name: _pubcid
Value: c1b9de2d-caa5-44d0-8b45-21dd3621fcb2
.hinet.net/ Name: uuid
Value: ab58bd60-c7ed-4c1f-8bc8-cbb7d18de37a
.bg3.co/ Name: __htid
Value: ab58bd60-c7ed-4c1f-8bc8-cbb7d18de37a
.openx.net/ Name: i
Value: c1b9de2d-caa5-44d0-8b45-21dd3621fcb2|1668088399
.holmesmind.com/ Name: Vision
Value: 20221110-23:59,20221111-00,20221111-00,20221110-23:59
.holmesmind.com/ Name: C
Value: null
.holmesmind.com/ Name: RK
Value: null
.holmesmind.com/ Name: P
Value: 142080-EUiS75j83v6UYh2JbwOgAP7xT2ZtAYeO
.bg3.co/ Name: _ht_50ef57
Value: 1
.doubleclick.net/ Name: IDE
Value: AHWqTUkn0xTAq94op2nQkHLlQ08lm2Cf5XI9hztWNCrQhH_2dKpDr7-sdDLvrwALP6A
.bg3.co/ Name: _ht_em
Value: 1
.omnitagjs.com/ Name: ayl_visitor
Value: a586c76d654a16123429379608d480ea
.rubiconproject.com/ Name: khaos
Value: LAB4RIS9-1S-A4NA
.adnxs.com/ Name: icu
Value: ChgIm_VtEAoYASABKAEwz4S0mwY4AUABSAEQz4S0mwYYAA..
.adnxs.com/ Name: uuid2
Value: 2434649983444340243
.teads.tv/ Name: tt_viewer
Value: 39861d27-2840-4121-bd27-7a93ec09e3fa
.c.appier.net/ Name: _auid
Value: fSx1TC0sDgqAZiOcUAJtYw
.quantserve.com/ Name: mc
Value: 636d0251-74657-19583-62da9
.bg3.co/ Name: __qca
Value: P0-1351935925-1668088399627
.bg3.co/ Name: _ga
Value: GA1.1.191255158.1668088402
.bg3.co/ Name: __gads
Value: ID=753d78b7430693d8-2227096907d8006a:T=1668088403:RT=1668088403:S=ALNI_Mbg2-p5xEHVgKm9-BMVr3OnNawE1A
.bg3.co/ Name: __gpi
Value: UID=00000b79312a1a4b:T=1668088403:RT=1668088403:S=ALNI_MYtrb9KiA_h4Dcqp2pyRkeCYZH3Lw
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2GUitBRY2!@wnfH8K6pQK`!5=E<*L5?%K<cxu>hiUEx?5vTt/2bvE1]QIMB?[+XAUN%)j%nugO%v4VB%nm90)kU-r
.doubleclick.net/ Name: DSID
Value: NO_DATA
.adsrvr.org/ Name: TDID
Value: e11df97a-bc19-41e3-8a8b-2e3a06a2866f
.smaato.net/ Name: SCM
Value: 1f8a97e9
.smaato.net/ Name: SCMg
Value: 1f8a97e9
.dap.fw-ad.jp/ Name: user
Value: 3a85aa8e-2702-3981-86bb-d8110b264633
.send.microad.jp/ Name: TR
Value: 1508d512b12f553a6339c45fddee433a082865da34cbf913
.simpli.fi/ Name: suid
Value: 12F8C8EF15E240F1BBB55A33814A3EC6
.bidswitch.net/ Name: tuuid
Value: 6aaf0941-3cd4-4660-9549-a12bd2554ec0
.bidswitch.net/ Name: c
Value: 1668088404
.bidswitch.net/ Name: tuuid_lu
Value: 1668088404
fksnk.com/ Name: AWSALBCORS
Value: wmfhHoEBh+YjfJ9HI7KcjfLz+XaWRuayUq1Lcu9DMbTxnpjDUyn6T5x2gXK3U3vC3Z6adPQ9wpCYvp9bLnq8mZXg6MYarZUCuGf8WnqbKXqhnFSadE5JwTchCFQu
.fksnk.com/ Name: f_001
Value: 810011A1ED1261F2
.fksnk.com/ Name: g_001
Value: 1
.dap.fw-ad.jp/ Name: gcm_usec
Value: 1668088404723000
.dotomi.com/ Name: DotomiTest
Value: 765a6e20353c2281
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~Y20CVAAHAFd5gwA7
.yahoo.com/ Name: A3
Value: d=AQABBFQCbWMCEOtB0hjKdH7gSQO-MhD4jycFEgEBAQFTbmN2YwAAAAAA_eMAAA&S=AQAAAmZt0F5drLBRFglmLRlEAvc
.tribalfusion.com/ Name: ANON_ID
Value: ahnseFm5ab7AyuoCUkEWZdVh6JD2oXqtTDGAHvKmdgCRnMTXUnI3xN8OuYCC9Jiwo4QnQ6KSwyiObZbO7NNmnv
.fout.jp/ Name: uid
Value: BEcMUIUYOtH1WhQF0_oHuw-wHF0
www.bg3.co/ Name: pbjs-unifiedid
Value: %7B%22TDID%22%3A%22e11df97a-bc19-41e3-8a8b-2e3a06a2866f%22%2C%22TDID_LOOKUP%22%3A%22TRUE%22%2C%22TDID_CREATED_AT%22%3A%222022-10-10T13%3A53%3A25%22%7D
.w55c.net/ Name: wfivefivec
Value: zDnCcIlz1OT7ZH5
.openx.net/ Name: pd
Value: v2|1668088405|jElYiuvOiahI
.casalemedia.com/ Name: CMID
Value: Y20CVIOgmcphDt9a8o76JgAA
.casalemedia.com/ Name: CMPRO
Value: 4707
.casalemedia.com/ Name: CMPS
Value: 4707
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&224baa87-6212-466f-8251-1f826fd0f67f"
.linkedin.com/ Name: lidc
Value: "b=TGST09:s=T:r=T:a=T:p=T:g=2415:u=1:x=1:i=1668088405:t=1668174805:v=2:sig=AQGe_cEczA9PC0FIHR4WdHWozdG30mRk"
.c.appier.net/ Name: _gu
Value: CAESEI6P6de6H6rTkqrrngb0MqU
.w55c.net/ Name: matchgoogle
Value: 5
.mathtag.com/ Name: uuid
Value: c619636d-0255-4600-91f3-34a69b38850b
.mathtag.com/ Name: mt_mop
Value: 4:1668088405
.inmobi.com/ Name: idsp_c
Value: e3d7e061-f078-42d7-9e7d-12725d034ddb
.3lift.com/ Name: tluid
Value: 979117714078906796672
.openx.net/ Name: univ_id
Value: 537072971|e11df97a-bc19-41e3-8a8b-2e3a06a2866f|1668088405460010
.mediago.io/ Name: __mguid_
Value: b78f945cc6af0181b48ea8b4cf07a284
.media.net/ Name: visitor-id
Value: 3110900057443656000V10
.socdm.com/ Name: SOSYNC
Value: anNvbjp7Im9wZW54IjoxNjY4MDg4NDA1fQ
.ladsp.com/ Name: cr
Value: 1
.w55c.net/ Name: matchmedianet
Value: 5
.linkedin.com/ Name: li_sugr
Value: b2fa4faf-4332-403c-af23-39a4b1d8ba48
.ladsp.com/ Name: smn_uid
Value: HhH5Bxi31d4qXctyH9vfXw7--kBfZR4
.ladsp.com/ Name: lum
Value: CP3AxI7GMBIFCAMQ0AU
.turn.com/ Name: uid
Value: 3297295303483565349
.bg3.co/ Name: cto_bundle
Value: YpnYFF82Q3llNDlIbnhWbHk0NnVjbWpBcmliR3lLdkUycVM1TVhuZEREOFVIVnJvTjQxaHdrTjRHJTJCYlhjRTN1VlBTNVBnV2VmVnZteHZGQXFXRllScjhRYnUlMkJaZnFWRXhiV2taekV4ek52VzNiUk0lM0Q
.bg3.co/ Name: cto_bidid
Value: atfovF92USUyQnRWN1ZkT2xCUWpvWCUyRnZkVHViYWowemh4eElGZ3hFWFVPaHR6R0V3MDJ3TjZJM0d1UVpVV05TZGxyQ0pJN2xQNUJnJTJGajl4RzFXeHFQTUJCbXl1dyUzRCUzRA
.bing.com/ Name: MUID
Value: 0F5FBBBB013D6C2525D3A9E300C76DEA
.c.bing.com/ Name: MR
Value: 0
.media.net/ Name: data-xu
Value: zDnCcIlz1OT7ZH5~~8
.media.net/ Name: data-mm
Value: c619636d-0255-4600-91f3-34a69b38850b~~8
.prebid.a-mo.net/ Name: _sv3_2
Value: 1
.a-mo.net/ Name: amuid2
Value: 3b8b88dd-5342-4808-b40c-079fc2cb50bb
.prebid.a-mo.net/ Name: sd_amuid2
Value: 3b8b88dd-5342-4808-b40c-079fc2cb50bb
.media.net/ Name: data-a
Value: 2434649983444340243~~8
.media.net/ Name: data-o
Value: da3988eb-c822-41c7-b2dc-975be0e95d93~~8
.ads.pubmatic.com/ Name: KCCH
Value: YES
.servenobid.com/ Name: pid_339
Value: y-4kibTtdE2uFBp41TuZspGPJATzHyRTtK8xLSXwU-~A
.servenobid.com/ Name: pid_337
Value: y-4kibTtdE2uFBp41TuZspGPJATzHyRTtK8xLSXwU-~A
.bg3.co/ Name: _ga_Z0TZ7TDHS1
Value: GS1.1.1668088402.1.0.1668088406.0.0.0
.onetag-sys.com/ Name: OTP
Value: IBwgblf1LZO-58XCbFpNjIpFkZ3Kb8kCshlXD8HhRXg
.gumgum.com/ Name: vst
Value: a_a933d0ac-3bd1-4712-bbf9-c136a408d168
.media.net/ Name: data-ttd
Value: e11df97a-bc19-41e3-8a8b-2e3a06a2866f~~1
.servenobid.com/ Name: pid_312
Value: 2434649983444340243
.servenobid.com/ Name: pid_333
Value: Y20CVIOgmcphDt9a8o76JgAAEmMAAAAB
.media.net/ Name: data-g
Value: CAESEGr4cB3RV5-XB---efKXDAw~~8
.adform.net/ Name: C
Value: 1
.adsymptotic.com/ Name: U
Value: 207ac274878fd7d822498885f07a5032
.analytics.yahoo.com/ Name: IDSYNC
Value: "198o~287p:194o~287p"
.socdm.com/ Name: SOC
Value: Y20CV8Co5ssAAG1SVfAAAAAA
.rlcdn.com/ Name: rlas3
Value: iEJownKSoSB6CNj39vF1ENqlVS0SjiO+3zrpSlosFlo=
.rlcdn.com/ Name: pxrc
Value: CAA=
.servenobid.com/ Name: pid_318
Value: S79-PAp3btcqt8XRVhg_qNapv7QtVDSyck5CblzS3g4
.adform.net/ Name: uid
Value: 4344049554935797039
.servenobid.com/ Name: pid_309
Value: a_a933d0ac-3bd1-4712-bbf9-c136a408d168
.pubmatic.com/ Name: ipc
Value: 159706^https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26uid%3D%23PMUID^1^0
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 1
.lijit.com/ Name: _ljtrtb_273657
Value: 273657
.lijit.com/ Name: ljt_reader
Value: FoNBERZH_e4VqfGXS_2aYKzG
.disqus.com/ Name: zeta-ssp-user-id
Value: ua-3b414a2e-2a15-36c1-b99d-088d49c2221e
.casalemedia.com/ Name: CMTS
Value: 4724
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-55e22d49-06ab-44c2-9d9e-5a07bd4913e4-004%22%2C%22zdxidn%22%3A%222057.4%22%2C%22nxtrdr%22%3A%22https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3110900057443656000V10%26type%3Dr1%26refUrl%3D%26vid%3D80884058793110900057443656000V10%26ovsid%3D%5BRX_UUID%5D%22%7D
.pubmatic.com/ Name: KADUSERCOOKIE
Value: BE68BFE6-9B14-4683-ABF6-D19F3658E6EB
.pubmatic.com/ Name: pi
Value: 162412:2
.pubmatic.com/ Name: DPSync3
Value: 1669248000%3A201_197%7C1668643200%3A164%7C1668124800%3A174
.pubmatic.com/ Name: SyncRTB3
Value: 1669248000%3A13_54_220_21_71_7_22_247_8_3
.prebid.a-mo.net/ Name: _sv3_0
Value: 1
.smartadserver.com/ Name: pid
Value: 1607565603117449587
.mfadsrvr.com/ Name: tuuid
Value: 2f68d298-957b-4cc2-b36a-0d898276869d
.mfadsrvr.com/ Name: c
Value: 1668088407
.mfadsrvr.com/ Name: tuuid_lu
Value: 1668088407
.quantserve.com/ Name: d
Value: EAoBDQHFJ_7KwQA
.bidr.io/ Name: checkForPermission
Value: ok
.rubiconproject.com/ Name: audit
Value: 1|WD0cx+9RTMLB/q9FsniQ8nXrd8oPN4aCe4QFZsXH9fZGwxFJRinYOStzQEqEF9Fp0EDmZOSFlB1gEJ9oO5p1Ev0exc+f0IZt
.zemanta.com/ Name: zuid
Value: yHQxriQwgSA1sRAf-8yy
.amazon-adsystem.com/ Name: ad-id
Value: A222iZbT7UA_lNNlS9Sk9KY
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.adsrvr.org/ Name: TDCPM
Value: CAESFQoGZ29vZ2xlEgsIwOCqgJ_LoTsQBRIVCgZjYXNhbGUSCwjk-eeWn8uhOxAFEhYKB3J1Ymljb24SCwjSza-Vn8uhOxAFEhcKCHB1Ym1hdGljEgsI1LHQn5_LoTsQBRgBIAEoAjILCNSp08y1y6E7EAU4AVoIcHVibWF0aWNgAg..
.dpm.demdex.net/ Name: dpm
Value: 02315733754080318800543998361547211627
.demdex.net/ Name: demdex
Value: 02315733754080318800543998361547211627
.360yield.com/ Name: tuuid
Value: 5f949ad8-784c-411c-abc0-af59bf6bb99f
.360yield.com/ Name: tuuid_lu
Value: 1668088407

10 Console Messages

Source Level URL
Text
network error URL: https://static.bg3.co/imgs/202110/8bd98b6988b9101076ead3c64ed8058e.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202012/ba04ec048b60156539f78b6dd34563c5.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202205/3869f36d797cbd9c18b91189a9e987a5.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202105/575f96dd4b924ff75bdff74ad79ce54e.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
other warning URL: https://fa3540ea93ec84512cdf7b83bb90bab4.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html(Line 15)
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
other warning URL: https://cdn.ampproject.org/rtv/012210191347000/v0/amp-ad-exit-0.1.mjs(Line 1)
Message:
Unrecognized feature: 'attribution-reporting'.
network error URL: https://fcm.holmesmind.com/cm.php
Message:
Failed to load resource: the server responded with a status of 502 ()
network error URL: https://cs.chocolateplatform.com/pub?pid=ebda&google_gid=CAESECTpZ4QeUeZVy9dEB26ZT18&google_cver=1&google_push=ASkJ3FbIeZuviYZiRn9LfYNECZFizIRrGP2Snm9R_7mfBy0ZK61CAoG7Jd6leCJtx-DdoxHiJxPF_lNHSYZVJjMkZymdjW2mXPr7iA
Message:
Failed to load resource: the server responded with a status of 408 (Request Timeout)
network error URL: https://fp.holmesmind.com/landing.php?CFFPCKUUIDMAIN=2201-Fh6il4kEzAovzoS4OY9mj1g0of947q3v&CFFPCKUUID=8313-iOa7A6qDqcJnTCqkpq71lwPPaSrrxkbW&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyou-you-ming-xing-ji-jin-jing-li-ben-si-wai-zi-si-mu-jia-su-jin-chang.html&maindomain=www.bg3.co
Message:
Failed to load resource: the server responded with a status of 502 ()
network error URL: https://fp.holmesmind.com/landing.php?CFFPCKUUIDMAIN=2201-Fh6il4kEzAovzoS4OY9mj1g0of947q3v&CFFPCKUUID=8313-iOa7A6qDqcJnTCqkpq71lwPPaSrrxkbW&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyou-you-ming-xing-ji-jin-jing-li-ben-si-wai-zi-si-mu-jia-su-jin-chang.html&maindomain=www.bg3.co
Message:
Failed to load resource: the server responded with a status of 502 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4d23b21ac4df2c13112cabf2dc186934.safeframe.googlesyndication.com
66290020567f13b202556398088ea2b1.safeframe.googlesyndication.com
a.c.appier.net
a.sportradarserving.com
a.teads.tv
a.tribalfusion.com
aax-eu.amazon-adsystem.com
ab58bd60-c7ed-4c1f-8bc8-cbb7d18de37a.t.ssp.hinet.net
acdn.adnxs.com
ad.360yield.com
ad.holmesmind.com
ad.turn.com
ad2.apx.appier.net
adcdn.holmesmind.com
ade.googlesyndication.com
adpushup-d.openx.net
ads.aralego.com
ads.as.criteo.com
ads.pubmatic.com
ads.servenobid.com
adservice.google.co.nz
adservice.google.com
aid.send.microad.jp
ap.lijit.com
aplogger.adpushup.com
b1sync.zemanta.com
bh.contextweb.com
bi.adpushup.com
bid.g.doubleclick.net
bidder.criteo.com
c.bing.com
c.holmesmind.com
c1.adform.net
campaign.adpushup.com
cat.sg1.as.criteo.com
cdn.adpushup.com
cdn.ampproject.org
cdn.aralego.net
cdn.holmesmind.com
cdn.indexww.com
cdn.jsdelivr.net
ce.lijit.com
cm.g.doubleclick.net
cms.quantserve.com
code.jquery.com
contextual.media.net
cr-p3.ladsp.com
cs.admanmedia.com
cs.chocolateplatform.com
cs.emxdgt.com
cs.media.net
csi.gstatic.com
csm.as.criteo.net
csync.loopme.me
d-20876441721900431501.ampproject.net
dclk-match.dotomi.com
delivery.adrecover.com
dis.criteo.com
dpm.demdex.net
dsum-sec.casalemedia.com
dsum.casalemedia.com
dynalyst-sync.adtdp.com
e3.adpushup.com
eb2.3lift.com
eus.rubiconproject.com
fa3540ea93ec84512cdf7b83bb90bab4.safeframe.googlesyndication.com
fastlane.rubiconproject.com
fcm.holmesmind.com
fksnk.com
fonts.googleapis.com
fonts.gstatic.com
fp.holmesmind.com
g2.gumgum.com
gcdn.2mdn.net
gocm.c.appier.net
google.dap.fw-ad.jp
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
grid.bidswitch.net
gum.criteo.com
hb-api.omnitagjs.com
htlb.casalemedia.com
ib.adnxs.com
id.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
imasdk.googleapis.com
jp-u.openx.net
js-sec.indexww.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
mweb.ck.inmobi.com
onetag-sys.com
p.adsymptotic.com
p.rfihub.com
pagead2.googlesyndication.com
partner.googleadservices.com
pippio.com
pixel-eu.rubiconproject.com
pixel.quantserve.com
pixel.rubiconproject.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid-asia.creativecdn.com
prebid-server.rubiconproject.com
prebid.a-mo.net
prebid.media.net
prebid.scupio.com
public.servenobid.com
px.ads.linkedin.com
r1---sn-ntqe6n7k.c.2mdn.net
rtb-csync.smartadserver.com
rtb.jp2.as.criteo.com
rtb.mfadsrvr.com
rules.quantcount.com
s.ad.smaato.net
s.amazon-adsystem.com
s.tribalfusion.com
s0.2mdn.net
s3-ap-southeast-2.amazonaws.com
secure-assets.rubiconproject.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
ssbsync-global.smartadserver.com
ssbsync.smartadserver.com
ssp.disqus.com
ssum-sec.casalemedia.com
static.bg3.co
static.criteo.net
sync-tm.everesttech.net
sync.adkernel.com
sync.aralego.com
sync.fout.jp
sync.go.sonobi.com
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.technoratimedia.com
t.ssp.hinet.net
tg.socdm.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
trace.mediago.io
u.openx.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
usersync.gumgum.com
www.adtrek.co
www.bg3.co
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
a.sportradarserving.com
aax-eu.amazon-adsystem.com
ade.googlesyndication.com
adpushup-d.openx.net
ads.servenobid.com
ap.lijit.com
b1sync.zemanta.com
c1.adform.net
cs.admanmedia.com
onetag-sys.com
pagead2.googlesyndication.com
pippio.com
rtb-csync.smartadserver.com
sync.go.sonobi.com
sync.outbrain.com
sync.targeting.unrulymedia.com
usersync.gumgum.com
103.132.192.30
103.229.10.180
103.229.206.240
103.231.98.194
103.231.98.197
103.254.153.160
104.16.87.20
104.18.102.194
104.18.12.76
104.18.13.76
104.18.18.126
104.18.19.126
104.18.25.173
104.211.156.162
104.26.2.91
104.26.4.103
104.45.178.220
104.70.236.26
104.71.48.26
104.71.49.155
107.22.24.178
129.159.70.95
13.107.21.200
13.107.42.14
13.112.54.241
13.114.56.62
13.237.117.95
13.250.190.118
13.33.33.38
13.33.33.78
13.33.88.29
13.33.88.32
13.76.45.37
139.162.23.100
139.162.38.30
139.5.84.243
139.99.49.250
142.250.4.102
142.250.4.156
142.251.10.148
142.251.12.105
142.251.12.154
142.251.12.155
142.251.12.95
142.251.12.97
142.251.161.120
145.40.89.200
151.101.66.49
152.199.39.108
159.203.145.121
172.217.194.154
172.217.194.155
172.217.194.156
172.217.194.94
172.253.118.138
173.194.28.102
18.155.68.103
18.214.21.204
182.161.73.129
182.161.73.132
182.161.73.136
182.161.73.142
182.161.73.145
182.161.73.146
182.161.73.148
182.161.74.19
185.84.60.30
198.8.71.131
20.212.157.225
202.232.238.37
202.233.84.1
202.241.208.55
203.75.214.136
209.191.163.210
210.59.219.181
216.130.169.24
23.106.127.164
23.106.127.38
23.106.127.53
23.77.12.69
23.78.217.19
23.78.217.3
3.1.173.93
3.112.143.207
3.124.32.217
34.107.148.139
34.117.219.39
34.95.67.231
34.96.119.68
34.98.64.218
35.163.132.81
35.190.60.146
35.201.76.93
35.208.249.213
35.213.117.18
35.213.12.39
35.214.236.176
35.230.38.116
35.244.159.8
35.71.131.137
35.71.178.8
35.72.192.39
38.91.45.7
42.99.140.161
42.99.140.201
44.229.70.27
50.116.239.135
52.196.174.187
52.196.230.114
52.222.158.36
52.46.151.131
52.74.162.2
52.95.128.55
54.168.63.191
54.210.175.101
54.254.232.172
54.255.158.216
54.73.75.233
54.84.84.112
54.90.77.112
64.120.88.131
67.199.150.81
67.199.150.85
68.67.160.132
68.67.161.208
69.16.175.10
69.173.144.165
69.173.158.64
69.173.158.65
74.125.200.132
74.125.24.132
74.125.24.154
74.125.68.155
74.214.196.131
84.17.37.44
89.207.22.76
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
00f8e2172eae671779ab3d11aaea747cda870a24f148639ab09d6c5c2818bd4f
01b4f51cb4adacf39e490eb0b247798243ec108fe29d41f9858ddbdd40a7452a
0264c3012f10812a53f365bfa2472b53ed895a5426c7d2e2776577c8e2144f33
037192b727defa55cc176629db61c9c71c1126decfae405ffc3b0fb355a0d705
04b4ac72e5129562c66e310eb8eb75290d53d9ffaf769aa625cb9638175630e0
0602160997bb910d5387d92eed48d51f352f604e0e2285c8ffa92707e4676f1d
0727e4230c747bfd5429c4dd6ef31fed9e2cf334533588f8eae2f4c7da734547
07a4dbb5290634d758daedcb56e4e7d15751b04599ee1703448fd46258415b5e
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c75124e321ad18d273e74a011c83fc4779c5da27099260a523f13d8a085467b
0d05d748e2bed6c06d43389b5ce1e231a15bbad2d5b0569106cf95249bc1ae92
0e74fbb4c49a44d222a938012bf4284b6f9484ceb05c828d39b7c84828f1629e
0e78789b90e02d8d65d3d803a70fd5a69d30ce77b5da364c701d3e1f85facd83
11dd5cdff459a5138767096fadda7834f8d4a1c3e546fa5999e5ad38432aedca
11f1ba9bef29e6d366ad785363699194364c2fcf41a6b33607268a7a0d63dfd3
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
14cfb5058acaf3af2f07088f1582f29941d7a4cc74fd1cea5050cecad862d154
188e573bf1e6355ef4c477989d3871b5bad7e45ac71628ad3a3139284b1e0229
195ac84bb452f0b7ae9d2bb99adbd3f606ad3162aeb71208db6433bf4cff70b2
19d67d5b5eabf29f229015745c0caa3b21cc4dd3a065408870c3b39bf74a0d09
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced
1c479d0abecadc8d5fde30eeb515508b6148fa3d92dd617b427788d6c792b0a8
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
25e05821a29fd10f88e50edab5231f3cd5ea0afd177c73e3dfca2b3009062ecc
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16
28248d4886fe85d725c1a6d3b2340a1bde6a7ffcadfac53ada50f78a9e707d5c
2a0031d8e25051911b2fd368ca9766d16c003b8ed9f55a18a6d9a82b5f5c255c
2a6b050dfbee40d9b3dec339c654771ddd057faa8cec3cb3ae9b5b03be10f50f
2b867f58211dbd1da51506f9b506b2046c5a30b3bdd57afe2c8686ecffb6c555
2c19823a29f6be2e40fac2c19077facc5507bd41ca8039df6284ce48aff645a9
2e479b94c84d13eeece48dd4232c5224e12ed492c64f0c34986174cc8749a91c
2f9f56fcc9edb871f8e23fe04e1915e4700c1348a57d844d93a1d06f87165644
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
321bde5f6b1eac7eb054d35ac8981e8259b3b8c076288cef5e280c1eb8fdab31
32ed70d61b938655576f2f31d071f9718cc672efbb416ba69bb30f24eaf5ce9c
330f76ee720927481e92c4f344a43bdf66af209bb74aad6be1ceaf75092928df
3400517be6445f947dd790dea5194d3e105a8350318bc1ad50b4feb370f60243
3441d91b5fce8fa413f0f507c3b0a19a4f1477f89e2453a796710e496a0d4c7b
35a8c29ce0e14c19f5607777297fda4d20f6ab2cdd14f804b32c8ebb86b40344
365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60
36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6
37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570
38684b802d56c90d11d131fcf8c291f934e69eaa38e55d8dc860244dde65462c
387dfc092f85b10bf8322f9f18a2b274e89eed297b9c02a336ad6b274552c1e8
38892d487f3ed5f0d46025eeccdd4669e8ba05d134acb1bce70c33f024910e94
3c1886ac9867da46d6c05ca1a0df4d0634b055826d142b12387e0b4fb483ae39
3ce18986d97fa7ec40028723de7a1a27c5341c7ab4f37cfd15592a70dabcce74
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e9ab8899832043bf5aa1f2c07cc6222bbf3dd450c4311bbbae045c37e8eb420
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
43651d9987d330a8113243857b3e376194303e4ec962c2590676657b639ae99e
45c2af6cf00270892b997265755b086541910d9f5192864a0903eea6b3101aec
4641d14bf072385646733ed30263ceb1588aafa0dd68ed2e58244529efa0a272
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4734cc732e1756acd5b25a3f5b4c95599f954004c024c39a968248e365b269fa
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
4fcc94f5bb29363542d30dc44ab29e1b90a812bc50a033163bedd208f8f5f256
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
52f7a2c520d4a18898948a0e614716d528d6013a068fdca2c9475f92a52ad586
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5494709c6d309cb4f1106f964f9ca3768c62bade2887eca9f89195734e1d5a71
557f5375c06f55779cabc029a5bb9927d5bce98ac8c10f19e70c78c7ab4e0bf5
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57128e2d4bc4d34dcac3890e85c1d52dc4cf5f1bda045b8c66fb1c2a3a972a24
57ba9c79273602051bd0fa9f6dcd52a3f199dc59f134308efeeaad35424b8311
5d90c7b11e85cf039458d0ffda0a6348003ca753ed8f74f5dd67b37a27612b23
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63a06e75d30880c3c9f6f5e8253feb2c757767f8720311a534465370583bacd2
63af0192ee2fd131b1b79cf8097cb830e3dc9b29580fb378fa089bf0340adfc2
64ee123f451321843d5f59ffd8859851b94703f219cf64708becea73171e7d25
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
673ba7b377701a847a9f03a77fb40d55e1561f0afcbb7b84493c781b17f8f056
684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6a98bdefd73410963a41036b4bc4d25b080aaec85db7ebd132a12d3aa17e8586
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6c448e22b071007f78236790ebcd15019e8124dcaa938bb3f4cbc95ca8de8c33
6d18595463d1ec5a855f5fea4a81abb0ef3206c39e221fb9a41e7584137186e9
70f60044d161bbdd9a7cbea74e2d3100726004b2d4ce04b0c84a0214bf13ce0b
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658
7484befc556b76b2da474fc9af0f8ac34a97d18a5ef62b9f7c4ea79e47bd29ba
74e5d27c3ce88edecaa16bdd847929fae0ebe21d23da8e419564ced5bd844977
7509a54fe5d827f469ccfedc968dffe35d21215a8323b4e954948b3fa4e5bace
7575f980f077f6906187edf2bd479544f42e6be3dfc147a50c0aee6004ba2d81
7adea9b07f8f0e2cc0c38c203b1448aa5aa53063056c5c79d82688ac39da3900
7b1748e516872d3ec44b5f5dd98131d5cf81f6e1821a7a6d0f886bc28720aa23
7e925b6441afb8aefeb49b145e35f24d865ccfc120b133a42df59d6f9f049e3e
7ed023d6325d058cbcb5ae7ed7193c962f01d479a1b1f8a944345a93b156eb85
80f338ed0442acb02fb1e67b1225362181fb7b356688fb24fb5c805f69966bee
8128514a9917b6dcdf20f7ee24d6b00a27b2a6aa0f971acb988f358f25ac4005
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8492f3fc13f89700f09e8a96308911979a6289be084af2c497ea54dbd7dd7f5f
84d9e98e66076f2c867680602383eeeb906dbface7846a73b9e374a1e2712187
85af3052d288ffd9157258dfe4daf5309f0b64d0067ab8221cd0c62909c18419
87f31cded62015a1d11cce6be7a32b77405de2fb36f4b8a7c2c5a4ccabd6a403
88023da094555f96baf9a7707cf72811506470da7586700b958a1fd0313c9df4
89a3cd86231932c1f0588ac9327257c7e7102f9a4252fcaa4ad2269c486a53b1
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8d0f249f244376cc817d2c8ddd435cf01b4ecbeca604946c5ae81ef0c8bb5834
8e1f93dc68b91ed2bdebc47a1eac520820d2e92e43daea90ddeb6827f5dfd0a4
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
91e8bd3a37b3a0951444714dc07c68417ac878ebf22d8c7b0d10b1ce3fec1122
92ed147fc15d3c39f07e271e6f81abbc19e102bddfd92deea299d5b84bef38a1
93c7959c98c61f331e5e6f09b6b1cc84ece0ac1035df4bccf4cdfb3ba3b6d029
968012b3a49390a10d31c6d36b2aab796ec167a83378b5f9787756ee7cb035c5
97d91defa4069ba159136587d5b1a390d2979e66d3eb6a1979919773247185ed
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9d10843b73211d37c1e21416b91114de626394eec8fdfd3ee51ad4de8de89107
9d50879eaa5642b8cf7aa54a56c90c91beb7c08132e76be852929263a5df7df7
9f762e4f7d19c1c80fc5c7a52d06ae9633d803c130fda5c558655af54b031ef4
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a1fd28e5917a1b3640efd16d014f162531e2498b978ce378eeab50c9328988ad
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a67d4a6a0a3da7f1eefe5a7ac4a9fbb3ce3380866d0c3f62623e8322e6ebb97e
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a79519048901b32cc426ca69b2e305b5644bcd0373f21995c27d19997e627c04
a8993772c9eb591474f38d257bebc8c4286703e1af72d04c8c294be5fff7b649
a956a6fe1ee57805393bf1781b32486b4ed9ca402a04320280e59a18bc348a87
aa5aba4b84c63147b33f82e2c18d126ce6333530a4bf3ec9bd11de4f1830061e
ac326562a25ab091a4b4c84022054c7ced6a52aa70f17aaed6ca9a5af3941c8b
adefecda8c78083a81981119e8c809a1cc9a6f7927d2789f202c1e7db46e6d6b
ae487bf3122a1c57eaf50f2fe1581aa4fe8d8697ff4995955ad2fecb70bc7f1b
b0447f99586ad7bcddc943fd1a63af9d89f73f50e70657d0a2ed76ff7c2d6c4c
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b208c88dda805bdf4c69def3df4e629c955a1f9703f1f8ff2caa623cae270c76
b43aa3339f4fa807980d2eda6bceb9ab64155de876d9c6797921c5e04fd342d4
b459c2f9ffc4418ddb40fdfea84a9275ff58fd4c7a9ee7e5893cdea7d3f7233e
b8e0a4b5719b1dbe244d62e7ae2fe8ab4b4dead2ef0dcef3abe6b135c4a9af75
b903a1dd4ba4cffdd671974e77e54f6eefd21ab204e608db6db3f31dff94cc2c
ba9b4c07572bf513625cfd579b75e15fca865796a1cc10b6006ddd9510ece7b5
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bf6ec42c97f86957a324a484a37dd528b568a9ff2570965be53e6ec4b0dfdae2
bfdcc3eaa2c1649211030b5caa1e03a40a1299dc5fac7ca8d57144d56fb9afc5
c03c604cd89b4ab78da516a6271fbc1b4027e9d232ee55e09e0f43e49e2c169b
c0b1a469b933bdf151216b9bb4b5d44d14a15ab9abdb126198e682b62b95b1c7
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c3e207f96f097a98615dba7bac1f9677f785d781f17a64e6b59a1d293054e229
c3e473d479b570c98cb31c0e98bb2d7ae6284dbfd0e2631bfa4718b9157fdf8d
c41222aa10a0bfc657a582d2d5e5d8e55364e2dc072ee441916a7c02396321d7
c5499edc44b7052b150461639014e70f28152a81378e7ed9c316723703625d87
c590106c538d6a794d33b08be9570898a47529098712f14a8f55b55f7d189f2c
c699dae460d201dbfdf3a850a83c2cd9c41d0eb96873bdefe263808f531794d5
c930b6af8b31b8771a1eb148b7b8dfbbb3a1016482eeca1a8f4115d6affb8963
c94553bf7b69223fc530eb7162812857b0842dfb0df5f9598254e08287692037
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
cc37fba2e98f49c4d9551f72176d3aff72eacd798e5e85436837847e6b967c36
cec12157ac766bab34ff7e9e77de9cdb6f9e25e70fb9213771c7590567ec8f52
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d05895f60d10575673d6f03f9272a42d803bab99cdd223b8aabe2f48af829b86
d2144052b80e6e097b5a52a0306c48b94c2e7a167ace68dcafae78df9896808f
d25748100cd828212b1c129e0e8cf70249c8b147a458db5cad88d9b19159b633
d51ae4a1096fac36fe9055d5c3f4daa85de0120b567636c89327b544a2a6a795
d5ae5049686cf9a5ef6e9ceeae1c67619f218fd1694d39648b13607db871a3bc
d6a23edbba8922d7b7047fb4a3acdab5317c439c4d01ecb88c2e6ed007ef7804
d9cf1bdc04ec9e82f94d73bc3841aa4dbd39309e1f7f647b7b01108eaad00c24
da46105f4725a67010ca5d8c9024ad7ff521a6186267e2822a551fb4cad0e079
db3210e947e41629be5e5fca80add11de3aa48c4b51c0256a59232cb890d3f75
dbe33f010b38b05beb58eca2479346f155ec513351794c2b756b3b6573630b54
dcb59ec730a35ac2bdbeb1c87a33264a515c890bcafa7f942fbd3c7c48991f8f
ddd61ecebf36941bd6d1aa20ca07868d826fd9eb6f3a5e660e0afbb703ae6793
de6786e3dee9b4cb44c7b7a03caf794c2403984d64764892c6e1cb0e750aaea2
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32
e2db1774aabd2443e6c741954f5e1071912a7a99f6e4151bc83d342554976d32
e382d1723e25139e97e7dde36b533f40faeb45ef7e7dd4c51b1bad4cece70376
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e993dde4d7c549c04c5d6d0f771faf6a007b507d3ac21d8d5c89a3af470330fe
e9dd5e73f04bdd6dc5cfc774cabbc82920cf4f6122b1a0f6f16d02a6821c1076
ea1c9e4766ce27bb6d3524ae47ad78e2552cec5bec03431c208cd94ee12a6b34
eb2197d95180e62670e0c5d9f610b6284ea4babcb517e3a54613d493277a8da2
eb3577f46647f2e2db7307936038a47cc31c0ce75239496f6b7117282a47864c
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ec587886fb7850e267d7d17b2c4611caa8b798b95fbacf7a3a6b77f42c848c65
edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef23419b29829ad26bdbac33b6da62422531609065cee2adc0a8d17a001f0393
f1458d2ad7aaf6035b7560e923072a96cdecf92d3f13c9089099130d3499b850
f3fc929a36ee5db31a8a9b4743845474bdeb425edb019eb4e75a441cdb8ab032
f453198755f824befcfa757be6d917efd740f6c19270fbe4f8d98353517f8dc8
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f6e744d02cbad33e55eb58548e58e93538c79b5e8a2c2cc1f5c4c3d8c462fb2c
f77f47058428a1c21dad5a75ac13fbfdeb9858947218fee2112fded5972a0b5d
f97a6f31613a9dbc46accec6d442c0fcf438ffeeba804938a0e5a411fb67241c
fb51fa018c951108a66acf0730199d329d887872947eb3940088ef734f026818
fd2e64384d5cc71927cf81f5573a619ed7ca3a09864a1b8ac9167bbe2b1f6f0d
fd7fa2896a10ba33efafbe39d5afb9d7b7429b507ca46b2d41d0f7fb738be532
fd9c06c6f1502e4a80985a0829db231a1589e3d957041192336e68e371769d4e
fda78dd6d350cd0f3175f0b9f88accd05c1a821199d84b63d9680553d501bc1f
fe209c42003e23036615034182bbd3d224e3948a61e192953636b89c8a9ea458
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
ffc33071954215c38304ae191ecb45e2c03e1e7f40e758dd2f944889b92e5f76
ffeb8017bb3a72c2af8d5835d5d25086dbd502e12a238a629a4617201bbf42de