urlscan.io logo urlscan.io
SecurityTrails logo

www.bg3.co Open in urlscan Pro
84.17.37.44  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.bg3.co/a/ban-ai-fo-lie-ke-tiao-zhan-bian-fu-xia-tuo-ge-lei-yi-tong-xia-shui.html
Submission: On November 19 via manual from US — Scanned from NZ
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 57 IPs in 7 countries across 58 domains to perform 320 HTTP transactions. The main IP is 84.17.37.44, located in Central, Hong Kong and belongs to CDN77 ^_^, GB. The main domain is www.bg3.co. The Cisco Umbrella rank of the primary domain is 99821.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G2 on May 20th 2022. Valid for: a year.
This is the only time www.bg3.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 84.17.37.44 60068 (CDN77 ^_^)
20 142.251.12.132 15169 (GOOGLE)
1 3 209.58.171.197 59253 (LEASEWEB-...)
4 104.26.4.103 13335 (CLOUDFLAR...)
2 42.99.140.201 4637 (ASN-TELST...)
5 42.99.140.161 4637 (ASN-TELST...)
3 64.120.88.131 133752 (LEASEWEB-...)
2 69.16.175.42 20446 (STACKPATH...)
19 172.67.72.16 13335 (CLOUDFLAR...)
36 142.251.12.154 15169 (GOOGLE)
13 172.217.194.156 15169 (GOOGLE)
2 142.250.4.97 15169 (GOOGLE)
2 74.125.24.138 15169 (GOOGLE)
7 13.76.45.37 8075 (MICROSOFT...)
8 142.251.12.157 15169 (GOOGLE)
1 142.251.12.94 15169 (GOOGLE)
1 152.199.39.108 15133 (EDGECAST)
5 142.250.4.157 15169 (GOOGLE)
2 74.125.24.155 15169 (GOOGLE)
4 26 142.251.10.156 15169 (GOOGLE)
2 13.33.33.91 16509 (AMAZON-02)
3 103.229.10.192 16509 (AMAZON-02)
29 172.217.194.132 15169 (GOOGLE)
3 182.161.74.19 55569 (CRITEO-AS...)
3 182.161.73.148 55569 (CRITEO-AS...)
10 142.250.4.105 15169 (GOOGLE)
3 74.125.24.157 15169 (GOOGLE)
1 104.16.87.20 13335 (CLOUDFLAR...)
4 34.98.64.218 396982 (GOOGLE-CL...)
2 172.64.154.237 13335 (CLOUDFLAR...)
1 182.161.73.145 55569 (CRITEO-AS...)
1 52.16.204.248 16509 (AMAZON-02)
3 3.114.40.184 16509 (AMAZON-02)
1 69.173.158.65 26667 (RUBICONPR...)
1 35.213.117.18 15169 (GOOGLE)
1 34.107.148.139 396982 (GOOGLE-CL...)
2 51.79.234.100 16276 (OVH)
1 68.67.160.117 29990 (ASN-APPNEX)
1 18.140.22.207 16509 (AMAZON-02)
1 145.40.89.200 54825 (PACKET)
1 23.195.153.54 16625 (AKAMAI-AS)
1 52.38.91.115 16509 (AMAZON-02)
2 2 89.207.22.140 399104 (CNVR-APAC)
2 2 13.33.88.20 16509 (AMAZON-02)
2 2 103.231.98.196 62713 (AS-PUBMATIC)
1 1 34.193.201.64 14618 (AMAZON-AES)
1 1 52.77.9.69 16509 (AMAZON-02)
3 3 74.118.186.45 26120 (RHYTHMONE)
1 182.22.31.124 23816 (YAHOO Yah...)
1 13.33.33.118 16509 (AMAZON-02)
2 52.183.162.69 8075 (MICROSOFT...)
24 182.161.73.129 55569 (CRITEO-AS...)
3 182.161.73.132 55569 (CRITEO-AS...)
1 69.174.120.107 3257 (GTT-BACKB...)
6 182.161.73.142 55569 (CRITEO-AS...)
1 74.125.200.149 15169 (GOOGLE)
2 4 50.116.239.135 6336 (TURN-US-ASN)
1 1 35.186.193.173 15169 (GOOGLE)
2 34.96.105.8 396982 (GOOGLE-CL...)
2 2 52.74.36.190 16509 (AMAZON-02)
1 2 104.18.24.173 13335 (CLOUDFLAR...)
1 1 103.3.63.48 63949 (LINODE-AP...)
10 182.161.73.135 ()
1 3.33.220.150 ()
1 104.18.36.94 ()
320 57
1    84.17.37.44 (Central, Hong Kong)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-84-17-37-44.cdn77.com
www.bg3.co
20    142.251.12.132 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f132.1e100.net
cdn.ampproject.org
169ae955669f6d02046b123457591ed7.safeframe.googlesyndication.com
e742418d3fbb8f8684974c31179d2fca.safeframe.googlesyndication.com
f3700a36700f04277f1284f92a7ce4ae.safeframe.googlesyndication.com
3    209.58.171.197 (Singapore, Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
ads.aralego.com
4    104.26.4.103 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.aralego.net
2    42.99.140.201 (Japan)

ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK)
PTR: ip-42-99-140-201.pacnet.net
delivery.adrecover.com
5    42.99.140.161 (Japan)

ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK)
PTR: ip-42-99-140-161.pacnet.net
cdn.adpushup.com
3    64.120.88.131 (Central, Hong Kong)

ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK)
sync.aralego.com
2    69.16.175.42 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: hwcdn.net
code.jquery.com
19    172.67.72.16 (United States)

ASN13335 (CLOUDFLARENET, US)
static.bg3.co
36    142.251.12.154 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f154.1e100.net
pagead2.googlesyndication.com
13    172.217.194.156 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f156.1e100.net
securepubads.g.doubleclick.net
2    142.250.4.97 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f97.1e100.net
www.googletagmanager.com
2    74.125.24.138 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f138.1e100.net
www.google-analytics.com
7    13.76.45.37 (Singapore, Singapore)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
e3.adpushup.com
8    142.251.12.157 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f157.1e100.net
adservice.google.com
1    142.251.12.94 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f94.1e100.net
d-21854178762957812495.ampproject.net
1    152.199.39.108 (United States)

ASN15133 (EDGECAST, US)
campaign.adpushup.com
5    142.250.4.157 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f157.1e100.net
adservice.google.co.nz
2    74.125.24.155 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f155.1e100.net
partner.googleadservices.com
26    142.251.10.156 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f156.1e100.net
googleads.g.doubleclick.net
cm.g.doubleclick.net
adservice.google.co.nz
2    13.33.33.91 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-33-91.sin2.r.cloudfront.net
adx.holmesmind.com
3    103.229.10.192 (Singapore)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
cms.quantserve.com
29    172.217.194.132 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f132.1e100.net
tpc.googlesyndication.com
3    182.161.74.19 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
rtb.jp2.as.criteo.com
3    182.161.73.148 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
ads.as.criteo.com
10    142.250.4.105 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f105.1e100.net
www.google.com
3    74.125.24.157 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f157.1e100.net
www.googletagservices.com
1    104.16.87.20 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
4    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
adpushup-d.openx.net
u.openx.net
2    172.64.154.237 (United States)

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
1    182.161.73.145 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
bidder.criteo.com
1    52.16.204.248 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-16-204-248.eu-west-1.compute.amazonaws.com
ads.servenobid.com
3    3.114.40.184 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-114-40-184.ap-northeast-1.compute.amazonaws.com
prebid-server.rubiconproject.com
1    69.173.158.65 (Ashburn, United States)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
1    35.213.117.18 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 18.117.213.35.bc.googleusercontent.com
grid.bidswitch.net
1    34.107.148.139 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 139.148.107.34.bc.googleusercontent.com
prebid.media.net
2    51.79.234.100 (Singapore, Singapore)

ASN16276 (OVH, FR)
PTR: ip100.ip-51-79-234.net
onetag-sys.com
1    68.67.160.117 (Brooklyn, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
ib.adnxs.com
1    18.140.22.207 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-140-22-207.ap-southeast-1.compute.amazonaws.com
tlx.3lift.com
1    145.40.89.200 (Ashburn, United States)

ASN54825 (PACKET, US)
prebid.a-mo.net
1    23.195.153.54 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-195-153-54.deploy.static.akamaitechnologies.com
a.teads.tv
1    52.38.91.115 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-38-91-115.us-west-2.compute.amazonaws.com
hb-api.omnitagjs.com
2    89.207.22.140 (Singapore, Singapore)

ASN399104 (CNVR-APAC, US)
PTR: sin03-login-ds.dotomi.com
dclk-match.dotomi.com
2    13.33.88.20 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-88-20.sin2.r.cloudfront.net
cr-p1.ladsp.com
2    103.231.98.196 (Japan)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
1    34.193.201.64 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-193-201-64.compute-1.amazonaws.com
sync.srv.stackadapt.com
1    52.77.9.69 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-77-9-69.ap-southeast-1.compute.amazonaws.com
ads.yieldmo.com
3    74.118.186.45 (Serangoon, Singapore)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
sync.targeting.unrulymedia.com
1    182.22.31.124 (Japan)

ASN23816 (YAHOO Yahoo Japan Corporation, JP)
cksync.yahoo.co.jp
1    13.33.33.118 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-33-118.sin2.r.cloudfront.net
rules.quantcount.com
2    52.183.162.69 (Mumbai, India)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
aplogger.adpushup.com
24    182.161.73.129 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
static.criteo.net
3    182.161.73.132 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
cat.sg1.as.criteo.com
1    69.174.120.107 (Avondale, United States)

ASN3257 (GTT-BACKBONE GTT, US)
tps.doubleverify.com
6    182.161.73.142 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
csm.as.criteo.net
1    74.125.200.149 (United States)

ASN15169 (GOOGLE, US)
PTR: sa-in-f149.1e100.net
s0.2mdn.net
4    50.116.239.135 (United States)

ASN6336 (TURN-US-ASN, US)
ad.turn.com
r.turn.com
1    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
ipac.ctnsnet.com
2    34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com
tr.blismedia.com
2    52.74.36.190 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-74-36-190.ap-southeast-1.compute.amazonaws.com
pr-bh.ybp.yahoo.com
2    104.18.24.173 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    103.3.63.48 (Singapore, Singapore)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li819-48.members.linode.com
a.c.appier.net
10    182.161.73.135 (None, )

ASN- ()
pix.as.criteo.net
1    3.33.220.150 (None, )

ASN- ()
match.adsrvr.org
1    104.18.36.94 (None, )

ASN- ()
js-sec.indexww.com
Apex Domain
Subdomains		 Transfer
70 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 101
169ae955669f6d02046b123457591ed7.safeframe.googlesyndication.com
e742418d3fbb8f8684974c31179d2fca.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 136
f3700a36700f04277f1284f92a7ce4ae.safeframe.googlesyndication.com
935 KB
40 criteo.net
static.criteo.net — Cisco Umbrella Rank: 623
csm.as.criteo.net — Cisco Umbrella Rank: 15767
pix.as.criteo.net
374 KB
37 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 190
googleads.g.doubleclick.net — Cisco Umbrella Rank: 41
cm.g.doubleclick.net — Cisco Umbrella Rank: 203
514 KB
20 bg3.co
www.bg3.co — Cisco Umbrella Rank: 99821
static.bg3.co
13 KB
18 google.com
adservice.google.com — Cisco Umbrella Rank: 72
www.google.com — Cisco Umbrella Rank: 2
6 KB
15 adpushup.com
cdn.adpushup.com — Cisco Umbrella Rank: 15170
e3.adpushup.com — Cisco Umbrella Rank: 16671
campaign.adpushup.com — Cisco Umbrella Rank: 29370
aplogger.adpushup.com — Cisco Umbrella Rank: 16187
235 KB
15 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 353
325 KB
10 criteo.com
rtb.jp2.as.criteo.com — Cisco Umbrella Rank: 20361
ads.as.criteo.com — Cisco Umbrella Rank: 15481
bidder.criteo.com — Cisco Umbrella Rank: 691
cat.sg1.as.criteo.com — Cisco Umbrella Rank: 16096
gum.criteo.com Failed
86 KB
7 google.co.nz
adservice.google.co.nz — Cisco Umbrella Rank: 150757
2 KB
6 aralego.com
ads.aralego.com — Cisco Umbrella Rank: 27807
sync.aralego.com — Cisco Umbrella Rank: 2762
4 KB
4 turn.com
ad.turn.com — Cisco Umbrella Rank: 708
r.turn.com
2 KB
4 rubiconproject.com
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 922
fastlane.rubiconproject.com — Cisco Umbrella Rank: 439
eus.rubiconproject.com Failed
pixel-eu.rubiconproject.com Failed
pixel.rubiconproject.com Failed
3 KB
4 openx.net
adpushup-d.openx.net — Cisco Umbrella Rank: 13712
u.openx.net
us-u.openx.net Failed
jp-u.openx.net Failed
6 KB
4 aralego.net
cdn.aralego.net — Cisco Umbrella Rank: 9020
46 KB
3 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 185
142 KB
3 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 917
pixel.quantserve.com — Cisco Umbrella Rank: 664
cms.quantserve.com — Cisco Umbrella Rank: 615
11 KB
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 745
s.tribalfusion.com — Cisco Umbrella Rank: 1840
1 KB
2 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 416
ups.analytics.yahoo.com Failed
1 KB
2 blismedia.com
tr.blismedia.com — Cisco Umbrella Rank: 2182
292 B
2 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 519
2 KB
2 pubmatic.com
image6.pubmatic.com — Cisco Umbrella Rank: 662
image8.pubmatic.com Failed
1 KB
2 ladsp.com
cr-p1.ladsp.com — Cisco Umbrella Rank: 118049
1 KB
2 dotomi.com
dclk-match.dotomi.com — Cisco Umbrella Rank: 3287
883 B
2 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 723
2 KB
2 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 491
ssum-sec.casalemedia.com Failed
874 B
2 holmesmind.com
adx.holmesmind.com — Cisco Umbrella Rank: 511646
2 KB
2 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 860
1007 B
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 36
493 B
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 53
77 KB
2 jquery.com
code.jquery.com — Cisco Umbrella Rank: 669
60 KB
2 adrecover.com
delivery.adrecover.com — Cisco Umbrella Rank: 16217
10 KB
1 indexww.com
js-sec.indexww.com
2 KB
1 adsrvr.org
match.adsrvr.org
539 B
1 appier.net
a.c.appier.net — Cisco Umbrella Rank: 13802
602 B
1 ctnsnet.com
ipac.ctnsnet.com — Cisco Umbrella Rank: 5115
655 B
1 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 262
46 KB
1 doubleverify.com
tps.doubleverify.com — Cisco Umbrella Rank: 457
138 B
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 847
633 B
1 yahoo.co.jp
cksync.yahoo.co.jp — Cisco Umbrella Rank: 2972
623 B
1 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1004
574 B
1 yieldmo.com
ads.yieldmo.com — Cisco Umbrella Rank: 618
470 B
1 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 665
698 B
1 omnitagjs.com
hb-api.omnitagjs.com — Cisco Umbrella Rank: 3711
518 B
1 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1371
502 B
1 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 881
167 B
1 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 554
eb2.3lift.com Failed
504 B
1 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 209
acdn.adnxs.com Failed
1 KB
1 media.net
prebid.media.net — Cisco Umbrella Rank: 1201
contextual.media.net Failed
1 KB
1 bidswitch.net
grid.bidswitch.net — Cisco Umbrella Rank: 899
x.bidswitch.net — Cisco Umbrella Rank: 281 Failed
361 B
1 servenobid.com
ads.servenobid.com — Cisco Umbrella Rank: 1592
public.servenobid.com Failed
663 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 374
2 KB
1 ampproject.net
d-21854178762957812495.ampproject.net
0 rlcdn.com Failed
id.rlcdn.com Failed
0 smartadserver.com Failed
ssbsync-global.smartadserver.com Failed
0 mathtag.com Failed
sync.mathtag.com Failed
0 socdm.com Failed
tg.socdm.com Failed
0 admedo.com Failed
pool.admedo.com Failed
0 sportradarserving.com Failed
a.sportradarserving.com Failed
320 58
Domain Requested by
36 pagead2.googlesyndication.com cdn.ampproject.org
ads.aralego.com
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
googleads.g.doubleclick.net
adx.holmesmind.com
tpc.googlesyndication.com
www.bg3.co
www.googletagservices.com
f3700a36700f04277f1284f92a7ce4ae.safeframe.googlesyndication.com
29 tpc.googlesyndication.com securepubads.g.doubleclick.net
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.bg3.co
pagead2.googlesyndication.com
f3700a36700f04277f1284f92a7ce4ae.safeframe.googlesyndication.com
24 static.criteo.net ads.as.criteo.com
cdn.adpushup.com
www.bg3.co
static.criteo.net
19 static.bg3.co www.bg3.co
16 cm.g.doubleclick.net 2 redirects googleads.g.doubleclick.net
f3700a36700f04277f1284f92a7ce4ae.safeframe.googlesyndication.com
www.bg3.co
u.openx.net
onetag-sys.com
15 cdn.ampproject.org www.bg3.co
cdn.ampproject.org
securepubads.g.doubleclick.net
13 securepubads.g.doubleclick.net cdn.aralego.net
securepubads.g.doubleclick.net
cdn.adpushup.com
www.bg3.co
10 pix.as.criteo.net ads.as.criteo.com
10 www.google.com googleads.g.doubleclick.net
tpc.googlesyndication.com
www.bg3.co
f3700a36700f04277f1284f92a7ce4ae.safeframe.googlesyndication.com
8 googleads.g.doubleclick.net 2 redirects pagead2.googlesyndication.com
cdn.ampproject.org
www.bg3.co
8 adservice.google.com cdn.ampproject.org
securepubads.g.doubleclick.net
pagead2.googlesyndication.com
7 adservice.google.co.nz securepubads.g.doubleclick.net
pagead2.googlesyndication.com
7 e3.adpushup.com www.bg3.co
6 csm.as.criteo.net ads.as.criteo.com
5 cdn.adpushup.com www.bg3.co
cdn.adpushup.com
4 cdn.aralego.net www.bg3.co
ads.aralego.com
3 f3700a36700f04277f1284f92a7ce4ae.safeframe.googlesyndication.com securepubads.g.doubleclick.net
3 cat.sg1.as.criteo.com ads.as.criteo.com
3 prebid-server.rubiconproject.com cdn.adpushup.com
3 adpushup-d.openx.net cdn.adpushup.com
3 www.googletagservices.com googleads.g.doubleclick.net
f3700a36700f04277f1284f92a7ce4ae.safeframe.googlesyndication.com
3 ads.as.criteo.com googleads.g.doubleclick.net
f3700a36700f04277f1284f92a7ce4ae.safeframe.googlesyndication.com
3 rtb.jp2.as.criteo.com www.bg3.co
3 sync.aralego.com ads.aralego.com
www.bg3.co
3 ads.aralego.com 1 redirects ads.aralego.com
2 pr-bh.ybp.yahoo.com 2 redirects
2 tr.blismedia.com f3700a36700f04277f1284f92a7ce4ae.safeframe.googlesyndication.com
2 r.turn.com www.bg3.co
f3700a36700f04277f1284f92a7ce4ae.safeframe.googlesyndication.com
2 ad.turn.com 2 redirects
2 aplogger.adpushup.com cdn.adpushup.com
2 sync.1rx.io 2 redirects
2 image6.pubmatic.com 2 redirects
2 cr-p1.ladsp.com 2 redirects
2 dclk-match.dotomi.com 2 redirects
2 onetag-sys.com cdn.adpushup.com
onetag-sys.com
2 htlb.casalemedia.com cdn.adpushup.com
2 adx.holmesmind.com pagead2.googlesyndication.com
2 partner.googleadservices.com pagead2.googlesyndication.com
2 www.google-analytics.com www.bg3.co
www.googletagmanager.com
2 www.googletagmanager.com cdn.ampproject.org
cdn.adpushup.com
2 code.jquery.com delivery.adrecover.com
cdn.adpushup.com
2 delivery.adrecover.com www.bg3.co
1 js-sec.indexww.com cdn.adpushup.com
1 u.openx.net cdn.adpushup.com
1 match.adsrvr.org cdn.adpushup.com
onetag-sys.com
1 a.c.appier.net 1 redirects
1 s.tribalfusion.com f3700a36700f04277f1284f92a7ce4ae.safeframe.googlesyndication.com
1 a.tribalfusion.com 1 redirects
1 ipac.ctnsnet.com 1 redirects
1 cms.quantserve.com f3700a36700f04277f1284f92a7ce4ae.safeframe.googlesyndication.com
1 pixel.quantserve.com www.bg3.co
1 s0.2mdn.net static.criteo.net
1 tps.doubleverify.com ads.as.criteo.com
1 rules.quantcount.com secure.quantserve.com
1 cksync.yahoo.co.jp googleads.g.doubleclick.net
1 sync.targeting.unrulymedia.com 1 redirects
1 ads.yieldmo.com 1 redirects
1 sync.srv.stackadapt.com 1 redirects
1 hb-api.omnitagjs.com cdn.adpushup.com
1 a.teads.tv cdn.adpushup.com
1 prebid.a-mo.net cdn.adpushup.com
1 tlx.3lift.com cdn.adpushup.com
1 ib.adnxs.com cdn.adpushup.com
onetag-sys.com
1 prebid.media.net cdn.adpushup.com
1 grid.bidswitch.net cdn.adpushup.com
1 fastlane.rubiconproject.com cdn.adpushup.com
1 ads.servenobid.com cdn.adpushup.com
1 bidder.criteo.com cdn.adpushup.com
1 cdn.jsdelivr.net cdn.adpushup.com
1 secure.quantserve.com cdn.adpushup.com
1 e742418d3fbb8f8684974c31179d2fca.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 169ae955669f6d02046b123457591ed7.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 campaign.adpushup.com www.bg3.co
1 d-21854178762957812495.ampproject.net cdn.ampproject.org
1 www.bg3.co
0 x.bidswitch.net Failed onetag-sys.com
0 ups.analytics.yahoo.com Failed onetag-sys.com
0 image8.pubmatic.com Failed onetag-sys.com
0 id.rlcdn.com Failed onetag-sys.com
0 ssbsync-global.smartadserver.com Failed onetag-sys.com
0 pixel.rubiconproject.com Failed onetag-sys.com
0 pixel-eu.rubiconproject.com Failed onetag-sys.com
0 sync.mathtag.com Failed onetag-sys.com
0 ssum-sec.casalemedia.com Failed js-sec.indexww.com
0 jp-u.openx.net Failed u.openx.net
0 tg.socdm.com Failed u.openx.net
0 us-u.openx.net Failed u.openx.net
0 eb2.3lift.com Failed cdn.adpushup.com
0 acdn.adnxs.com Failed cdn.adpushup.com
0 public.servenobid.com Failed cdn.adpushup.com
0 contextual.media.net Failed cdn.adpushup.com
0 eus.rubiconproject.com Failed cdn.adpushup.com
0 gum.criteo.com Failed cdn.adpushup.com
0 pool.admedo.com Failed f3700a36700f04277f1284f92a7ce4ae.safeframe.googlesyndication.com
0 a.sportradarserving.com Failed www.bg3.co
320 95

This site contains links to these domains. Also see Links.

Domain
campaign.adpushup.com
Subject Issuer Validity Valid
*.bg3.co
AlphaSSL CA - SHA256 - G2		 2022-05-20 -
2023-06-21		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
cdn.adpushup.com
R3		 2022-09-07 -
2022-12-06		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-05-18 -
2023-05-18		 a year crt.sh
*.aralego.com
Sectigo RSA Domain Validation Secure Server CA		 2022-10-19 -
2023-11-19		 a year crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2022-08-03 -
2023-07-14		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.adpushup.com
Sectigo ECC Domain Validation Secure Server CA		 2022-08-02 -
2023-09-02		 a year crt.sh
*.google.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
snic4d9gl.wpc.edgecastcdn.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-02-14 -
2023-03-17		 a year crt.sh
*.google.co.nz
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.holmesmind.com
Go Daddy Secure Certificate Authority - G2		 2022-05-19 -
2023-06-20		 a year crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-09 -
2023-09-09		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.jp2.as.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-10-18 -
2023-01-15		 3 months crt.sh
*.as.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-10-09 -
2023-01-11		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-10-31 -
2023-01-26		 3 months crt.sh
ads.servenobid.com
Amazon		 2022-05-29 -
2023-06-27		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-05 -
2023-05-04		 a year crt.sh
*.media.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-06 -
2023-05-04		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-10 -
2023-01-03		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.3lift.com
Amazon		 2022-05-13 -
2023-06-11		 a year crt.sh
*.a-mo.net
R3		 2022-09-05 -
2022-12-04		 3 months crt.sh
teads.tv
R3		 2022-10-27 -
2023-01-25		 3 months crt.sh
*.omnitagjs.com
Amazon		 2022-05-17 -
2023-06-15		 a year crt.sh
edge01.yahoo.co.jp
Cybertrust Japan SureServer CA G4		 2022-11-04 -
2023-12-03		 a year crt.sh
quantserve.com
R3		 2022-11-11 -
2023-02-09		 3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-11-08 -
2023-02-04		 3 months crt.sh
*.sg1.as.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-10-10 -
2023-01-10		 3 months crt.sh
*.tps.doubleverify.com
Go Daddy Secure Certificate Authority - G2		 2022-09-28 -
2023-10-30		 a year crt.sh
*.as.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-11-12 -
2023-02-10		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
tr.blismedia.com
GTS CA 1D4		 2022-10-16 -
2023-01-14		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh

This page contains 47 frames:

Primary Page: https://www.bg3.co/a/ban-ai-fo-lie-ke-tiao-zhan-bian-fu-xia-tuo-ge-lei-yi-tong-xia-shui.html
Frame ID: 127A8ABFCA8388B67A3711278F4E44AF
Requests: 97 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: 5E34C64A8E65BED36792D6C176885AD4
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: 10E4F30B0D4E6BBDF85E26EC083EFC5F
Requests: 7 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: 76CF3732ECEAE71C2B5AF513F2001A1A
Requests: 9 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: D41EE79C2EF332557704A85B6ED683A5
Requests: 9 HTTP requests in this frame

Frame: https://169ae955669f6d02046b123457591ed7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: EC3F0F987D0FDF419451E39F6E076FD3
Requests: 1 HTTP requests in this frame

Frame: https://e742418d3fbb8f8684974c31179d2fca.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 14BE784CCB0246C185662AA3C240FD8B
Requests: 1 HTTP requests in this frame

Frame: https://adx.holmesmind.com/adx-file/20221117/NqeGLmvuPvGdeaxEq2qKJUjcmyulAyFU8K2rHVjS.html
Frame ID: AF5480495863E16AC397E879F82002F7
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1668833977&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fban-ai-fo-lie-ke-tiao-zhan-bian-fu-xia-tuo-ge-lei-yi-tong-xia-shui.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668833975593&bpp=13&bdt=1933&idt=1958&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&correlator=5218998955355&frm=23&ife=1&pv=1&ga_vid=1471969042.1668833978&ga_sid=1668833978&ga_hid=1738972306&ga_fc=0&ga_cid=amp-PSPqDESYB1NK2c1Q8j2OVw&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=3806629216&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44773809%2C42531706%2C44776004%2C31070923%2C44779076&oid=2&pvsid=3758394164867543&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.5dklnw6vpsi3&fsb=1&dtd=1974
Frame ID: 31AB9F3E481C1A0882B2C17D5894BF56
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=1600x250&w=1600&h=250&ptt=12&adk=2733026255&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-42939132481726956798&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=470780615&nhd=0&adx=0&ady=3345&oid=2&is_amp=5&amp_v=2211042305000&d_imp=1&c=12182006619&ga_cid=amp-PSPqDESYB1NK2c1Q8j2OVw&ga_hid=6619&dt=1668833977179&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fban-ai-fo-lie-ke-tiao-zhan-bian-fu-xia-tuo-ge-lei-yi-tong-xia-shui.html&bdt=4948&dtd=691&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Frame ID: 75C286958F9064C5B814A2124131F812
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=C0YeTumJ4Y9M1kOStAZb8rKAMmPzRsVyqhMzkhQHAjbcBEAEgAGCr7LGF4BiCARdjYS1wdWItNDQ4NTIzOTQyNTkyNDc4N8gBCakCxrAOJ5djpj6oAwGqBP8BT9AAOn36ZG3z0Ww7SQIciGZ2Clw5ytzcqAPhC2vBJZJcqjmapJSrQEMYDbm7RwRUnBYqPel7G6TdvMldK7plwjaqbMuXvoKD_Sau-M30TFisW6XmWiXwFmGrcxnTjxiBYjpBOYWxf1xg9tgr7kAc0-4aEJQRKPT1RWI85SzFPaPr2ah5p2EwrKiKxcjzlF-HjnWmyLya2nv7fWWdMNZHsg-IjQD3SFFNEPb-pVLHT8ZPt10FDgonXblpDlkxk6YkhslHBX0tSC05FwZ2MPb034fjDuRS2hV0SxgT8TyYtqBCrlQQvvNwKvCrna5cdqb02LKHCedhREY64eWhnMoAgAagz7fUocebm7QBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgECACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItNDQ4NTIzOTQyNTkyNDc4NxjizBk&sigh=Fj5rOFN7t80&uach_m=[UACH]&cid=CAQSKQDq26N9YUxF56XNhlqRTB6eC20QARDEUTbCPphdy6sapjgG2czvDnqYGAEgEw
Frame ID: 2425CD4B729C9C8D55C73C8CF00EF5E5
Requests: 8 HTTP requests in this frame

Frame: https://ads.as.criteo.com/delivery/r/afr.php?z=Y3hiugAAGtMKK3IQAAs-Fu2S0V7YeW-H9I7lrg&u=%7C2k2Mr8UTcXZz4MsbxkT%2BmULQtzuk1V6uL5ipv4EMpiU%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oZ7-4NEldJVPEcquQgoC5ayq1XBwsz6hbCNpksUhOYIG9jsbcdhUPUASS9TekPJg-lVtNiPmOVj4gHmATWwgs3xl6G5M9hVy8ZHnaeFmQljiyWe-rVqHISO_Y6IjtNYGuQQChGcQofEug4Oo2ilOM-sBYQRVluBxzatCLqf7zUcZnQw88xFkOCvfOUcHxXLuUtUVWEqwUc3lwzpd71UDqc-QvFmZZc2DOA__ByBjWuke4axsYpmrciGolHpP_bF7tZNvqpYd8WRt6v-ey-2b4ciHTw8cEiupHxFlWyPs36ikadqQA9BsqNHipTMXQko_UTO3gQq317mf_0fVMchY9MLm8LmA_HEkBGaEK0uFFa95aYH6tJ6sHdgkRrv5YnKEsWRYSqM_ASF9Kidf6Qip-6NGTGjsie4gSg_J25eIQH9yhPYzvccuKQ8iXHXmK0zWsIuTvXhku8Iyd2YAvseA18uYnqg8FxVT8EcyNh1goR1Zb-TgrtaTOIFQ-QpslmK9EP9yHYTKRS5XkVgXpdynS_9B2-cE5GxQ1HAxhHoFw6mcwXC7h3l3Hh-QrVulVQ6LsdiebWpynGArKYU8sv3Lc1ixzgVnNcay1-WkwKl04tHKNYburRwNp8A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEu8SumJ4Y9M1kOStAZb8rKAMmPzRsVyqhMzkhQHAjbcBEAEgAGCr7LGF4BiCARdjYS1wdWItNDQ4NTIzOTQyNTkyNDc4N8gBCakCxrAOJ5djpj6oAwGqBIICT9AAOn36ZG3z0Ww7SQIciGZ2Clw5ytzcqAPhC2vBJZJcqjmapJSrQEMYDbm7RwRUnBYqPel7G6TdvMldK7plwjaqbMuXvoKD_Sau-M30TFisW6XmWiXwFmGrcxnTjxiBYjpBOYWxf1xg9tgr7kAc0-4aEJQRKPT1RWI85SzFPaPr2ah5p2EwrKiKxcjzlF-HjnWmyLya2nv7fWWdMNZHsg-IjQD3SFFNEPb-pVLHT8ZPt10FDgonXblpDlkxk6YkhslHBX0tSC05FwZ2MPb034fjDuRS2hV0S1oR0K59eCk8Ud1hIBgmsDOCiaTLfIjsMDp0X32o-lgW-QJKDbT_zr1HgAagz7fUocebm7QBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1glfQ7RibChCxOa4-QX32pOjZpPA%26client%3Dca-pub-4485239425924787%26adurl%3D
Frame ID: 047560A3BF2FA542818387C14F0B5E6A
Requests: 11 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: CFB81BEDA87AEF6E4280AC6E3485F55A
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 0C5A7102832B47CAC06C6BE0185131DF
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 24662567F6B8ACA38FC0D339606A5C7C
Requests: 2 HTTP requests in this frame

Frame: https://static.criteo.net/html5/97892/20220922_fy22q4_cpro_creativeclimbers/skater/300x250/index.html
Frame ID: 2275B687E4475AEE5243D7017187F9BC
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: F1D17043750A63EA09F6533026555FA3
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 68CC1444A265AB0104EB4A60E908927D
Requests: 2 HTTP requests in this frame

Frame: https://adx.holmesmind.com/adx-file/20221110/CRsRsXd0FUmqwYRG7gS9TIn516je7wIpMnr86Jcv.html
Frame ID: B3ABF161AB0411C9A775C8CBD650D023
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html
Frame ID: 227270A16B574FD805922E9B9177EDA7
Requests: 1 HTTP requests in this frame

Frame: https://f3700a36700f04277f1284f92a7ce4ae.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: A6FCC75DB479F65B1B16622075C6A0F9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4126554779393986&output=html&adk=1812271804&adf=2253520748&plat=1%3A520%2C2%3A520%2C8%3A512%2C9%3A520%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1049088%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fadx.holmesmind.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668833981598&bpp=3&bdt=530&idt=507&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&nras=1&correlator=5736368877663&frm=8&ife=1&pv=2&ga_vid=219277654.1668833982&ga_sid=1668833982&ga_hid=158507445&ga_fc=0&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3680311399&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C44774648%2C42531706%2C44767166%2C44774652%2C31070763&oid=2&pvsid=4292958275180390&tmod=2044400049&uas=0&nvt=1&top=https%3A%2F%2Fwww.bg3.co%2F&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=4&bc=31&ifi=1&uci=1.u6xqt92qe204&fsb=1&dtd=519
Frame ID: E2CFFCA684172DD3ED680783E4C214BB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4126554779393986&output=html&h=280&slotname=4923695364&adk=3446667921&adf=552093736&pi=t.ma~as.4923695364&w=336&fwrn=16&format=336x280&url=https%3A%2F%2Fadx.holmesmind.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668833981602&bpp=1&bdt=533&idt=520&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=5736368877663&frm=8&ife=1&pv=1&ga_vid=219277654.1668833982&ga_sid=1668833982&ga_hid=158507445&ga_fc=0&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3680311399&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C44774648%2C42531706%2C44767166%2C44774652%2C31070763&oid=2&pvsid=4292958275180390&tmod=2044400049&uas=0&nvt=1&top=https%3A%2F%2Fwww.bg3.co%2F&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.rbeiaa38osi0&fsb=1&dtd=525
Frame ID: C74A27FCE70818B4195653B18B1719D2
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 5D969A1BA358C7984BD51A7E0D639479
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 2CA59E2BB3EB5137644A911BFB1FFB84
Requests: 2 HTTP requests in this frame

Frame: https://f3700a36700f04277f1284f92a7ce4ae.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: C22FBD27E06AF8CE6F53DD8D28D1B41A
Requests: 10 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs
Frame ID: FEA7AD1D039C7E2E799C141A4C1438A7
Requests: 12 HTTP requests in this frame

Frame: https://f3700a36700f04277f1284f92a7ce4ae.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: D4831EA1F90099836FDF91CBFC6EDFCC
Requests: 10 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 8113B8955199B353206ACFBD866B94E1
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 4C61EF7BE23FB3977E52C4A8CDB94B69
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: F0BE176A20481770CDF67A4CA0A1441E
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: D11CC806597D36E0375779F60EA9A134
Requests: 2 HTTP requests in this frame

Frame: https://ads.as.criteo.com/delivery/r/afr.php?z=Y3hivQAOyLwJnUZjAAX-VoIYMRW-IH0di91WxA&u=%7C%2BiOcvGPGOIYT14Jxrk8kHTYC93Rl0fSQ%2FkqKt6DMerU%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqc6nygJ274zNPhQpJEnippfnLPctJAgOVJK5QBvON9Ye9GS_f4NkHgJhIZ9z6_4LUZQsLHE_Mp7-qw-Xr2Zo7UQXE0dLp47Ngn6EqjULIz4-LeeA7hKtXMgBh9i2c0SAdVgYDQP3xvFgMBSwvsz_Ijkrj6Fd2eMuZspEkjcEsei_DcNoCcmYH0otLED6cp_kExBN1Vr2s9skd3p7sDIN8MzGKiSroEEJrDTdhPJ89Y2YAWqIxOe57-f12F_WjmgMNJux-SS0KifS6CdtC7OxIcG2f6FT_VzypyRAAAtkp-PWHFmxSkQbUaMbTFCc4V_9KHxluXVRBRliGLPa13Yrk2CPbz9wVv15eaZLxpxJ-9q9djnR-riPxEt1ivbnq1raNH6s2NrhInwE8rQ9tbNBd5GAQAFswR3jiTVQAphrBPHyj1sVRnUwLija190djNWaw25c86h70_nVwQvz5dDAqmMNW-EkYDaVlXaHS9PusBfu7fJWPaOgP8AgZ09XunOjZSue55dCTHKKVyelMz_RvGJ2q8c2HKJjM4A4uvWm1TqJKOrOJrKYaI2Uf3ftwORILwUqlhY0EjR4jhPUhaMw894OJR_ojR16P1Q&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLnD3vWJ4Y7yRO-OM9fwP1vyXqASY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQLGsA4nl2OmPuACAKgDAaoEqgJP0JGyydDzIQbZxE0bg_RY5UQsloC0hZ4vW008KDS8iEaCQQ6yjm86DHcRNPC8i1Mx2UBJYToR0jy8choLe-P6pIbq14AOI0mvo3VvAh8ktSsHa5BSNuP2sP90uU3QXVIsYt0JcZ-ydkRGoH_gbiVgVbcXOjXGzYSST0FAXcReCYCqct_yEBE4284X2JZU-Ja0WlyLiJ-9GlUY9ja8DnEX-ownS44Y-ZmRhyIEE9eSS_0kVwJb4hESoxkCYsWNPBJOmpyFj8e744b8EzPoQYAJpRBydCcus6tHj_eL3vZJtR7eYGJR9bhWh7gzFIlq3yt3lR0xjbBm8pvpM9AranPVPaDrOC4lfxNeWxsXbLeDExlY5cMT2dZXidR-n8ezd74IdMrxi_tSB7nP4AQBgAaGvuXguZWg7VygBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0DDvTcIdjQPeHnLGoleEiuuQYvrw%26client%3Dca-pub-8933329999391104%26adurl%3D
Frame ID: 601DF8C63EB55A0D8ECDAD37843078F6
Requests: 11 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 85F1B78E955D1ECA9FD4F9E457A1C036
Requests: 9 HTTP requests in this frame

Frame: https://ads.as.criteo.com/delivery/r/afr.php?z=Y3hivQAOyL4JnUZjAAX-VjAsj6EijFlrHIKI4A&u=%7C%2BiOcvGPGOIaSuS0nFi%2FSw46FvrdVCSbBEV1omp2xdlk%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oVqw7Cvg7ORZ5y2n_PXned8JCsSCQ138ULuqTtuWjQY_gaY2FCscn6XBiv_o9r7B1l_TNwO8XRH6dOkCJ4g6T9fnRJqUrUMW1KgfAQRLjln4ADYJCj-MOwKiyNJ7q_mSZJo0Cv2nSU8RkcfywJHlOBuLh5mffZUbI1n1fQAq-Wn11v-aNGTNbj6-t-X6akFWIiUo2icvhq-11S2RfKq-Nf8TRQTNvlZI5topFCpIowGjBI2vT3KT3V23KfSs2VggBVi3FD47yy3obIoSM-ZfEUuUTdumcVjjdcGm413NCB05nwINTnicUwTZ4OQusivR1fyAtfLmOXzOF4Knu45MGwe4vmOv7aMlrZyLSRQBQK8vhL8pW-tP-G6wXSyc6aBcmY7Cn-lyPBGiSMTYbIUAKMJRkPm3a_nboQe3JyTF56bHK2fROAn96c7SOrrog3UIaNqc4w6ZiydeOJ_dXunEIZWfe06EbqN11iPSzKlncppyo4y9oNZqrTBBYhOTYG_fi5cIe6fOnklFrlssX9_PBx82hEGH-O1BDYdVPdDrIFHoh7PDpL-N5yUEIPdFTgwEhF3crWgCCZozl20ygEupWTbGRxf-TXX5koW-e2xrT66U&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCnYrbvWJ4Y76RO-OM9fwP1vyXqASY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQLGsA4nl2OmPuACAKgDAaoEqgJP0A95aWG9aJveXYLH8MZgfwT6ci9jhyQ9_fwsrtJ77E1owzU4CEQ_tYyay2tPhWOsGSWrILcRif7uRNQB0_2k5dUIfZSx5t8EgcTIrnuRQcL8j3FlIDvq1aiprluv1_RTh0ngmqcJ197XWjUVzfx-LwpWdL_oe6JsmkvcQq5lr6vot7a4cv1YdF7JJ4W8tm_iT9Sd0kmlIrtOkoZoRYDfxE2UT8umHj45qyIQpAUabDkq24e5xY7UhAZGRFMUrL34DS1mPGeuujw9Tf50LkzedVWkWraP6U6CFpgsKj5Vq3uEjfhVUPNhd-SeHT-TznrERa3RKXNMZGIkTWqsNlhsIoWOCtdxswBY_bscA4ZUwq2lmEh-3nKTWObMLcRLcwQ0TpwOAOLRWsmn4AQBgAaF-oaFtrHmnFmgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1NBOuyx7aPU4CFx-lTEsIQHGw2_A%26client%3Dca-pub-8933329999391104%26adurl%3D
Frame ID: 26377A1CC26388B077F5D97A3F6891EE
Requests: 21 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: DE2C6839B78386B52BD7AD0BD9268A3F
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: FAB0E6C61C93D0EDB77157B3489D15B7
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: D11DC06B41A5E342C446E1CE6695E8C5
Requests: 2 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: CB6F91E5872245F13AFF4951C191F21C
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 4846A628AC21AE3A73BFF81D33274AAE
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Frame ID: 0E73361A813CAA9A9F5260F9E48195C5
Requests: 1 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html
Frame ID: FF6E30139DFE2CA5D461A1B7A7F45E83
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1668833979814
Frame ID: 685E14D967C40878355274966F16C8A1
Requests: 14 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: DA25B0C12F4A123ECC236878B92B4341
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?&ld=1
Frame ID: C1B39EE1752C0EDF7D93D9C5EC541CCD
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: EE29647062C63531C7FCCFF7441DDD19
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 32402659326FECAC7A547B448D835C28
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

班艾佛列克挑戰蝙蝠俠 拖「格雷」一同下水 - 天天要聞

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/pagead/show_ads\.js
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

320
Requests

86 %
HTTPS

0 %
IPv6

58
Domains

95
Subdomains

57
IPs

7
Countries

2912 kB
Transfer

8155 kB
Size

48
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • https://ads.aralego.com/sdk HTTP 301
  • https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
Request Chain 78
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1668833977&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fban-ai-fo-lie-ke-tiao-zhan-bian-fu-xia-tuo-ge-lei-yi-tong-xia-shui.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668833975773&bpp=12&bdt=2097&idt=1536&shv=r20221110&mjsv=m202211140101&ptt=5&saldr=sa&correlator=5218998955355&frm=23&ife=1&pv=2&ga_vid=2074687290.1668833977&ga_sid=1668833977&ga_hid=315919448&ga_fc=0&ga_cid=amp-PSPqDESYB1NK2c1Q8j2OVw&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1596&biw=1600&bih=1200&isw=336&ish=280&ifk=3248622329&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C31070924&oid=2&pvsid=3493173693308844&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.6irv4n4leau5&btvi=1&fsb=1&dtd=1556 HTTP 302
  • https://adx.holmesmind.com/adx-file/20221117/NqeGLmvuPvGdeaxEq2qKJUjcmyulAyFU8K2rHVjS.html
Request Chain 120
  • https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESECDH5wBNhsp2lmmcp25ARlY&google_cver=1&google_push=ASkJ3FZkL4z1vljoWD91aOlL00XDKKrcdJKm9ZTyZU7x0B04CHUucs3EGc6Jql3EatY-i8FEFlA2vkOl_0U9zmYuDpy9aeZhZ_y7 HTTP 302
  • https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=122002cea4e6201f&is_secure=true&networkId=14000&version=1&google_gid=CAESECDH5wBNhsp2lmmcp25ARlY&google_cver=1&google_push=ASkJ3FZkL4z1vljoWD91aOlL00XDKKrcdJKm9ZTyZU7x0B04CHUucs3EGc6Jql3EatY-i8FEFlA2vkOl_0U9zmYuDpy9aeZhZ_y7 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAJlYc3ZGIy9QNCQRwZAAAAAAA&expiration=1668920380&google_cver=1&is_secure=true&google_gid=CAESECDH5wBNhsp2lmmcp25ARlY&google_push=ASkJ3FZkL4z1vljoWD91aOlL00XDKKrcdJKm9ZTyZU7x0B04CHUucs3EGc6Jql3EatY-i8FEFlA2vkOl_0U9zmYuDpy9aeZhZ_y7
Request Chain 121
  • https://cr-p1.ladsp.com/cookiesender/1?google_push=ASkJ3FYfbH9k-X6K93GBvtIlsAWJ22N2Ef61LihISSCaORUhsIM4ZXqi6aZUk95PfzPnaRlOKHwsoSpK2xngMgTSNPrlx2ZhORuH&google_gid=CAESEDT9YPL_o3_3cPgIkTs1OpQ&google_cver=1 HTTP 302
  • https://cr-p1.ladsp.com/cookiesender/1?cr=true&google_push=ASkJ3FYfbH9k-X6K93GBvtIlsAWJ22N2Ef61LihISSCaORUhsIM4ZXqi6aZUk95PfzPnaRlOKHwsoSpK2xngMgTSNPrlx2ZhORuH&google_gid=CAESEDT9YPL_o3_3cPgIkTs1OpQ&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=sonet&google_push=ASkJ3FYfbH9k-X6K93GBvtIlsAWJ22N2Ef61LihISSCaORUhsIM4ZXqi6aZUk95PfzPnaRlOKHwsoSpK2xngMgTSNPrlx2ZhORuH&google_hm=ATPwdf-KMsdOks8ADv_jGsR3BMA
Request Chain 122
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEP_iEDs78vopMB9QMw2-kdk&google_cver=1&google_push=ASkJ3FbvIETdUhVs_NGAYNyAAJ9hJTOMcybb6dwhUCn1MmcQ1FZH7o-YTemO9bRNbm2fzv4LBN7Q1MzqUyqgDAhjvi11zRGPlxo HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEP_iEDs78vopMB9QMw2-kdk&google_cver=1&google_push=ASkJ3FbvIETdUhVs_NGAYNyAAJ9hJTOMcybb6dwhUCn1MmcQ1FZH7o-YTemO9bRNbm2fzv4LBN7Q1MzqUyqgDAhjvi11zRGPlxo&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ULRv79tZS2eHqLYM6gJvMg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3FbvIETdUhVs_NGAYNyAAJ9hJTOMcybb6dwhUCn1MmcQ1FZH7o-YTemO9bRNbm2fzv4LBN7Q1MzqUyqgDAhjvi11zRGPlxo
Request Chain 123
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEJPgyfb_1gRjc_eGmf39FaY&google_cver=1&google_push=ASkJ3FbEuVsFiaUrRwKfSWqhfuHM-2NtnLtvvGWABPvJTYzLo0dMmR_3cWjlk5s2lAXecn3KSa0D90MYeKS_F62vObKF-XPecwZF HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=LW5ySFdJSLFPjFVKFZoO7nRaSso&google_push=ASkJ3FbEuVsFiaUrRwKfSWqhfuHM-2NtnLtvvGWABPvJTYzLo0dMmR_3cWjlk5s2lAXecn3KSa0D90MYeKS_F62vObKF-XPecwZF
Request Chain 124
  • https://ads.yieldmo.com/exptsync?google_gid=CAESEBqOmIbMidQgspksSbU0aT4&google_cver=1&google_push=ASkJ3FbAe-T9vZTH1PQjP3RJqniaoZeGSe_MpYgs6jQZB0KiYGwZtykXX4JKYVO5yMbLInhWti_3_g0w6x7m286Yg4S2BvfhQJhQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=ASkJ3FbAe-T9vZTH1PQjP3RJqniaoZeGSe_MpYgs6jQZB0KiYGwZtykXX4JKYVO5yMbLInhWti_3_g0w6x7m286Yg4S2BvfhQJhQ&google_hm=Z2ZhNDdmMjhhZWRmZDM2ODA3OGM=
Request Chain 125
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEPJUYSFqZ7VS_vwJA-HpsGU&google_cver=1&google_push=ASkJ3FbYOmxZs75YWY6_w9ft6CTvbFEDI0xGOZtnsXXohPVeFcyXfiCIlAQNVPY8Mpv1Bg6EoD0C2-PQi-9q34yPAaaBtWNhcPLp HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=ASkJ3FbYOmxZs75YWY6_w9ft6CTvbFEDI0xGOZtnsXXohPVeFcyXfiCIlAQNVPY8Mpv1Bg6EoD0C2-PQi-9q34yPAaaBtWNhcPLp&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1668833979765 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-fe320e4d-2d38-4704-bd9e-0196e036830f-004?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DASkJ3FbYOmxZs75YWY6_w9ft6CTvbFEDI0xGOZtnsXXohPVeFcyXfiCIlAQNVPY8Mpv1Bg6EoD0C2-PQi-9q34yPAaaBtWNhcPLp%26google_hm%3DBP4yDk0tOEcEvZ4BluA2gw8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ASkJ3FbYOmxZs75YWY6_w9ft6CTvbFEDI0xGOZtnsXXohPVeFcyXfiCIlAQNVPY8Mpv1Bg6EoD0C2-PQi-9q34yPAaaBtWNhcPLp&google_hm=BP4yDk0tOEcEvZ4BluA2gw8
Request Chain 156
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668833979514&bpp=13&bdt=430&idt=821&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&correlator=5736368877663&frm=8&ife=1&pv=2&ga_vid=762475498.1668833980&ga_sid=1668833980&ga_hid=703341490&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=1407119805&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C44777876%2C42531705%2C44767166%2C31070762%2C44770880&oid=2&pvsid=3690841905762444&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.izqi9tx4eb51&fsb=1&dtd=845 HTTP 302
  • https://adx.holmesmind.com/adx-file/20221110/CRsRsXd0FUmqwYRG7gS9TIn516je7wIpMnr86Jcv.html
Request Chain 239
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEBk1CeoVIHhUKIlDcd2UccA&google_cver=1&google_push=ASkJ3FZNG9I4L4M5eliLj9DAzitYsaCFHaEDAL7uS_FxnodpY5CWhDVhjtTg1fBSPuoi0IAuYxEQUAfBQn9L5x32nH_9U2o1DNDXCVs33QuIKEFz2Hs-rm7n60ZTWP7RsiP6Ci2vMgX9zlnOCUM9bGtI0h8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Mjc1NzE0NzczNDI1ODc0NjU5Mw==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEBk1CeoVIHhUKIlDcd2UccA&google_cver=1
Request Chain 241
  • https://ipac.ctnsnet.com/int/cm?exc=1&acc=crimtan_au&google_gid=CAESEFV63BYNj9HC1QXftaqSNpo&google_cver=1&google_push=ASkJ3Fb57KWlgMzdmpbje2FfUNSaw1WwTAzmiJk4_nsoKHqmdxLYiwVlzcj4ibXctqCMLouu3__U-7m2SBaDniRNdA4GuSWjdRv0HUMGQBXcHqsOFiP2VzdUhHoVWrMYyxTbze_94C7Bo0V-071rb1NoDtE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=ASkJ3Fb57KWlgMzdmpbje2FfUNSaw1WwTAzmiJk4_nsoKHqmdxLYiwVlzcj4ibXctqCMLouu3__U-7m2SBaDniRNdA4GuSWjdRv0HUMGQBXcHqsOFiP2VzdUhHoVWrMYyxTbze_94C7Bo0V-071rb1NoDtE&google_hm=JX1k554ZSb-l3wXFSj69jso
Request Chain 243
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEFBqbTOb0G7xnL1h_UC84bw&google_cver=1&google_push=ASkJ3FYGwr-64EAQ1h3jnzwi8BhXvfQUpxrS0WgnGZyU5Fm-9hNB7a2mFt69nu7VbzA70_9QWxgiSHW7gPoAgjKkq9OFklH1T1zvX2oZrlvr-lModG-Z8PDkHpdPCeKejAg8qove0-wXtfZwd6JhZIbzVtQ HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEFBqbTOb0G7xnL1h_UC84bw&google_cver=1&google_push=ASkJ3FYGwr-64EAQ1h3jnzwi8BhXvfQUpxrS0WgnGZyU5Fm-9hNB7a2mFt69nu7VbzA70_9QWxgiSHW7gPoAgjKkq9OFklH1T1zvX2oZrlvr-lModG-Z8PDkHpdPCeKejAg8qove0-wXtfZwd6JhZIbzVtQ HTTP 302
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=google
Request Chain 244
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEHAZgwzGnkLfoW3An02oMwE&google_cver=1&google_push=ASkJ3FaL-A3RtyPYsj_L0B397URgz9UMk8iKiTYFLOAnvAtNF9ocLUs9l4on3vy0Xe0RnOjiFsCBD9qH0YmLPZUlsgApFX6y08nxrBHFmZqouX7xSIzysM4kbiE_6_mKO-rlE3FxtSWxgro2ltiqtwA6g7E HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ASkJ3FaL-A3RtyPYsj_L0B397URgz9UMk8iKiTYFLOAnvAtNF9ocLUs9l4on3vy0Xe0RnOjiFsCBD9qH0YmLPZUlsgApFX6y08nxrBHFmZqouX7xSIzysM4kbiE_6_mKO-rlE3FxtSWxgro2ltiqtwA6g7E&google_hm=NjY5ODYwNDcyMjQ5MTM3NjAzNg%3D%3D
Request Chain 245
  • https://an.yandex.ru/mapuid/google/CAESELLT2EkYlUUi_yNgVP4MfEg?ext-param=ASkJ3FbQbbmrfLdvtkmWMQz8m7Az2_fxPWeyRR1gNbce-5IVx11nB24pkMggV9jdzkoclp-P9J0a82x8v6oTZ9XYam-oIje40_-b-EDFaYOU8_bb310Q4bwNiMyV--JX2qf5zbIFWOsEmI3SCXUXCnB9zQT9&partner-tag=yandex_ag&google_cver=1 HTTP 302
  • https://an.yandex.ru/mapuid/google/CAESELLT2EkYlUUi_yNgVP4MfEg?redir-setuniq=1&ext-param=ASkJ3FbQbbmrfLdvtkmWMQz8m7Az2_fxPWeyRR1gNbce-5IVx11nB24pkMggV9jdzkoclp-P9J0a82x8v6oTZ9XYam-oIje40_-b-EDFaYOU8_bb310Q4bwNiMyV--JX2qf5zbIFWOsEmI3SCXUXCnB9zQT9&partner-tag=yandex_ag&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESELLT2EkYlUUi_yNgVP4MfEg&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
Request Chain 247
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEBk1CeoVIHhUKIlDcd2UccA&google_cver=1&google_push=ASkJ3FbmvydZ1vqCScjJzI2MMYsW2j63GMt2Or19SH_Xm5cNG8HK6HZ4onKKJbUvhHgiXV5_3oF3kFEjirYuUwqruw04YK3MDJ9D-ZJZKvW5bd9H5ixssabNHmWuVE8ss7wIt0xguCY_ARiujlKFtxHonhI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MjgyOTIwNTMyODI5NjY3NDUyOQ==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEBk1CeoVIHhUKIlDcd2UccA&google_cver=1
Request Chain 248
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEPD0_-m8em9chqy0nBdrX6s&google_cver=1&google_push=ASkJ3Fb-QQ29dGszWfAbRmS52jq9JHiRrSl3STlUF_g581U7mihXxh5s1TCoCE55JEbi5aoZDPYQSafTO-PVNqbLrI43r6fEYicOX5x0ezIMUBKo6BMH95t7tg6ZkxlAbJdgC1atbWK205GbMjlh9u4QiQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DASkJ3Fb-QQ29dGszWfAbRmS52jq9JHiRrSl3STlUF_g581U7mihXxh5s1TCoCE55JEbi5aoZDPYQSafTO-PVNqbLrI43r6fEYicOX5x0ezIMUBKo6BMH95t7tg6ZkxlAbJdgC1atbWK205GbMjlh9u4QiQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEPD0_-m8em9chqy0nBdrX6s&google_cver=1&google_push=ASkJ3Fb-QQ29dGszWfAbRmS52jq9JHiRrSl3STlUF_g581U7mihXxh5s1TCoCE55JEbi5aoZDPYQSafTO-PVNqbLrI43r6fEYicOX5x0ezIMUBKo6BMH95t7tg6ZkxlAbJdgC1atbWK205GbMjlh9u4QiQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DASkJ3Fb-QQ29dGszWfAbRmS52jq9JHiRrSl3STlUF_g581U7mihXxh5s1TCoCE55JEbi5aoZDPYQSafTO-PVNqbLrI43r6fEYicOX5x0ezIMUBKo6BMH95t7tg6ZkxlAbJdgC1atbWK205GbMjlh9u4QiQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 250
  • https://a.c.appier.net/gcm?google_gid=CAESEI1s8k0pYlZiKUYeJFdlDpY&google_cver=1&google_push=ASkJ3FYBWKVwyPTKLuesR6eTOkDFm1Y0RTPIfEU2RY61GJjdvGGylxsmMlzX8wsQ2LVrZsy6AHa7HUJJDU39ILdu-SXe6ZraalPhsecP-Pq01o6pE8PEkXIP4CHUP0Tl61Z18JicX_VQlymGYngIyQLcxh0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=Ykx5bUVNSTdDdjZJZUpoOXdHSjRZdw%3D%3D&google_push=ASkJ3FYBWKVwyPTKLuesR6eTOkDFm1Y0RTPIfEU2RY61GJjdvGGylxsmMlzX8wsQ2LVrZsy6AHa7HUJJDU39ILdu-SXe6ZraalPhsecP-Pq01o6pE8PEkXIP4CHUP0Tl61Z18JicX_VQlymGYngIyQLcxh0
Request Chain 251
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEFBqbTOb0G7xnL1h_UC84bw&google_cver=1&google_push=ASkJ3FaDTra54u5NoAbPbGexWUn3mi3anN7k-VsKkIFv_pEe-MrGdnHr_mzs89ELaZljZ0qcdVwVMnM3fNUQfIdiniHQXNAHxL0MeXvl_BKDZUKIw70kicczhLQ7tlrT_xTnLwXVwixVmEoxOeaOG0hYSw HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEFBqbTOb0G7xnL1h_UC84bw&google_cver=1&google_push=ASkJ3FaDTra54u5NoAbPbGexWUn3mi3anN7k-VsKkIFv_pEe-MrGdnHr_mzs89ELaZljZ0qcdVwVMnM3fNUQfIdiniHQXNAHxL0MeXvl_BKDZUKIw70kicczhLQ7tlrT_xTnLwXVwixVmEoxOeaOG0hYSw HTTP 302
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_custom_parameter=9f29e3b1-b243-430f-929c-d55b5e101788
Request Chain 252
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEHAZgwzGnkLfoW3An02oMwE&google_cver=1&google_push=ASkJ3Fa8qBX5DlCUxWKmAhbfl_tb6VTQ5ECm2Z-uf6B-C8_BdSiocnzrTxoQ4zBRu7EghcCG3_bFIY1jM0VyvIezW-IERQpDb6tlT6kNq-gEVlB56YZcZZIOvmby0oLMdQK7Uq6uHucGfFJAjaPdbzY87es HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ASkJ3Fa8qBX5DlCUxWKmAhbfl_tb6VTQ5ECm2Z-uf6B-C8_BdSiocnzrTxoQ4zBRu7EghcCG3_bFIY1jM0VyvIezW-IERQpDb6tlT6kNq-gEVlB56YZcZZIOvmby0oLMdQK7Uq6uHucGfFJAjaPdbzY87es&google_hm=OTY0OTYyODgzMTc2OTIzMjIy
Request Chain 253
  • https://an.yandex.ru/mapuid/google/CAESELLT2EkYlUUi_yNgVP4MfEg?ext-param=ASkJ3FaELJax4gKoyO0VYannaWdcO0wtppSdLUI5IBXStsKt2okWCd_1bbyMRt1kUhVi12aqsadalOjE8B0ZPkWlk16Q1Wo6AC8gyiQwHMOijsE31SMFjTSiN2J5mvw63TvV9deiU2_d_tnZKlFE1VFmbDU&partner-tag=yandex_ag&google_cver=1 HTTP 302
  • https://an.yandex.ru/mapuid/google/CAESELLT2EkYlUUi_yNgVP4MfEg?redir-setuniq=1&ext-param=ASkJ3FaELJax4gKoyO0VYannaWdcO0wtppSdLUI5IBXStsKt2okWCd_1bbyMRt1kUhVi12aqsadalOjE8B0ZPkWlk16Q1Wo6AC8gyiQwHMOijsE31SMFjTSiN2J5mvw63TvV9deiU2_d_tnZKlFE1VFmbDU&partner-tag=yandex_ag&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESELLT2EkYlUUi_yNgVP4MfEg&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
Request Chain 297
  • https://eb2.3lift.com/sync HTTP 302
  • https://eb2.3lift.com/sync?&ld=1
Request Chain 300
  • https://ad.turn.com/r/cs?pid=9&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=2829205328296674529&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 301
  • https://match.adsrvr.org/track/cmf/openx?oxid=4ffe6ec3-2f24-75fb-c591-f5af034309c6&gdpr=0 HTTP 302
  • https://match.adsrvr.org/track/cmb/openx?oxid=4ffe6ec3-2f24-75fb-c591-f5af034309c6&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=47228b03-f4ab-4ad4-9279-77d101004c57&ttd_puid=4ffe6ec3-2f24-75fb-c591-f5af034309c6&gdpr=0&gdpr_consent=
Request Chain 303
  • https://cr-p3.ladsp.com/cookiesender/3 HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=537072451&val=Adg4lS_YV3g1ks8ADv_jGsR3BM8AAAGEjkHCsA
Request Chain 305
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPTx7MBKPtiVEcfnSE-euTc&google_cver=1

320 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request ban-ai-fo-lie-ke-tiao-zhan-bian-fu-xia-tuo-ge-lei-yi-tong-xia-shui.html
www.bg3.co/a/ 		50 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.bg3.co/a/ban-ai-fo-lie-ke-tiao-zhan-bian-fu-xia-tuo-ge-lei-yi-tong-xia-shui.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
84.17.37.44 Central, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-84-17-37-44.cdn77.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
cc064228f08646c0ac2d6426aad494a4b05df68de15d2fd428796506a67aa632

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Cache-Control
max-age=3600
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Sat, 19 Nov 2022 04:59:32 GMT
ETag
"c62c-eatOYUD1g5+IfRlIyxgjrMqZtEU"
Expires
Sat, 19 Nov 2022 05:59:32 GMT
Server
nginx/1.18.0 (Ubuntu)
Transfer-Encoding
chunked
Vary
Accept-Encoding
v0.js
cdn.ampproject.org/ 		276 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ban-ai-fo-lie-ke-tiao-zhan-bian-fu-xia-tuo-ge-lei-yi-tong-xia-shui.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
1d06186935333e9e0054906d58a51794a743376d1b71dc55df78e65debcc9820
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Sat, 19 Nov 2022 04:59:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
72561
x-xss-protection
0
server
sffe
etag
"8982a451fc00c1b3"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3000, stale-while-revalidate=1206600
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 19 Nov 2022 04:59:32 GMT
amp-sidebar-0.1.js
cdn.ampproject.org/v0/ 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-sidebar-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ban-ai-fo-lie-ke-tiao-zhan-bian-fu-xia-tuo-ge-lei-yi-tong-xia-shui.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
0535100df27c6d49a6d1c06b7f98455bf0cdef6ae63c4c168b5cf1f170c14c51
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Sat, 19 Nov 2022 04:59:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9664
x-xss-protection
0
server
sffe
etag
"6079829c87823654"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 19 Nov 2022 04:59:32 GMT
amp-auto-ads-0.1.js
cdn.ampproject.org/v0/ 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-auto-ads-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ban-ai-fo-lie-ke-tiao-zhan-bian-fu-xia-tuo-ge-lei-yi-tong-xia-shui.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
2c71445ec9538a4d031b32ba0f044ae793aac625896846f838f9c8abace99c08
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Sat, 19 Nov 2022 04:59:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7578
x-xss-protection
0
server
sffe
etag
"1ef491f2ce412f6e"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 19 Nov 2022 04:59:32 GMT
amp-analytics-0.1.js
cdn.ampproject.org/v0/ 		109 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-analytics-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ban-ai-fo-lie-ke-tiao-zhan-bian-fu-xia-tuo-ge-lei-yi-tong-xia-shui.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
878674d3e2986e2a0da06a414498ebe39c165c2e22624600ee179ec9df149105
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Sat, 19 Nov 2022 04:59:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31953
x-xss-protection
0
server
sffe
etag
"eddf6e9f984d26cc"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 19 Nov 2022 04:59:32 GMT
sdk
cdn.aralego.net/ucfad/sdk/apac-sg/
Redirect Chain
  • https://ads.aralego.com/sdk
  • https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
44 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ban-ai-fo-lie-ke-tiao-zhan-bian-fu-xia-tuo-ge-lei-yi-tong-xia-shui.html
Protocol
H2
Server
104.26.4.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6703fbe9ea598731ec6ef75a281564d956ef79f08bc2b61849ae9a21fa35cb9

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:59:33 GMT
cf-cache-status
HIT
last-modified
Wed, 16 Nov 2022 08:39:32 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"6374a1c4-ae16"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OdnQx6Gbjyfk0YssZN%2BXTcx1Mr3tJdr%2FExcMnws6QVEz2a20jOOcr4%2BZinMGYRbmfw3Sqh5eoQFY8wTl46AV8Ih3AGPD1zfitCyBVO%2BGme5EObFNUbfM7guL8A9WUkMV8A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
76c6608d5b136a72-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44566

Redirect headers

Location
https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
Connection
close
Content-length
0
adRecover.js
delivery.adrecover.com/43519/ 		34 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://delivery.adrecover.com/43519/adRecover.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ban-ai-fo-lie-ke-tiao-zhan-bian-fu-xia-tuo-ge-lei-yi-tong-xia-shui.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.201 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-201.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
91e8bd3a37b3a0951444714dc07c68417ac878ebf22d8c7b0d10b1ce3fec1122

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
NZ
date
Sat, 19 Nov 2022 04:59:33 GMT
content-encoding
br
last-modified
Fri, 18 Nov 2022 08:00:32 GMT
server
nginx/1.18.0
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=3
x-cf-geodata
NZ
content-length
9035
expires
Sat, 19 Nov 2022 05:59:33 GMT
adpushup.js
cdn.adpushup.com/42753/ 		518 KB
112 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/adpushup.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ban-ai-fo-lie-ke-tiao-zhan-bian-fu-xia-tuo-ge-lei-yi-tong-xia-shui.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.161 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-161.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
6bfd228178a7920f79853de46df09c0a6ee732b6d92100be5bb99174d05a9c07

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
NZ
date
Sat, 19 Nov 2022 04:59:33 GMT
content-encoding
br
last-modified
Thu, 17 Nov 2022 09:46:28 GMT
server
nginx/1.18.0
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=2
x-cf-geodata
NZ
content-length
114452
expires
Sat, 19 Nov 2022 05:59:33 GMT
ucfad-formats.css
cdn.aralego.net/css/dev/ 		975 B
620 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.4.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:59:33 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1887
cf-polished
origSize=1191
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 16 Mar 2018 07:19:46 GMT
server
cloudflare
etag
W/"5aab7012-4a7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PWecImSxwHWwTdZH3%2FNvvkk19KO3wRCItyreM9WQtlbjKPXqm5DULMstWuZSLzRaY4OwtCui831%2F4wVAp3%2FjrFaIL2M2OfZbfczzAnxUtcqD%2FKye3b7BELvJbGC%2FqrD4UA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
76c6608fce036a72-SYD
idRequest
sync.aralego.com/ 		46 B
488 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.120.88.131 Central, Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
Software
/
Resource Hash
531ced95d00fc8c26a6140869fb583238b0ccf457b7bb9e98d42d6b8a29323d6

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 19 Nov 2022 04:59:34 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Allow-Credentials
true
Connection
close
Content-Length
46
idRequest
sync.aralego.com/ 		46 B
488 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.120.88.131 Central, Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
Software
/
Resource Hash
531ced95d00fc8c26a6140869fb583238b0ccf457b7bb9e98d42d6b8a29323d6

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 19 Nov 2022 04:59:34 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Allow-Credentials
true
Connection
close
Content-Length
46
ad_request
ads.aralego.com/ 		508 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2Fban-ai-fo-lie-ke-tiao-zhan-bian-fu-xia-tuo-ge-lei-yi-tong-xia-shui.html&adid=ad-627443DBE4283AB9F7A46EA83243447&w=336&h=280&ver=UCX_WEB-20200113&pos=1&seq=0&cb=0.5536902915767521&gdpr=1&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&uaMobile=%3F0
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
209.58.171.197 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
e813a8d8d41c0dbdc33020ad6ef27d16afd2b590ceeb998e267409c8f666b829

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 19 Nov 2022 04:59:34 GMT
X-Width
336
X-Height
280
X-AdStyle
banner
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Expose-Headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Vary
Accept-Encoding
Access-Control-Allow-Credentials
true
X-AdSource
PSA
X-Adtype
html
Connection
close
Content-Length
508
ad_request
ads.aralego.com/ 		508 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2Fban-ai-fo-lie-ke-tiao-zhan-bian-fu-xia-tuo-ge-lei-yi-tong-xia-shui.html&adid=ad-627443DBE4283AB9F7A46EA83243447&w=336&h=280&ver=UCX_WEB-20200113&pos=1&seq=1&cb=0.9660693077869951&gdpr=1&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&uaMobile=%3F0
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
209.58.171.197 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
e813a8d8d41c0dbdc33020ad6ef27d16afd2b590ceeb998e267409c8f666b829

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 19 Nov 2022 04:59:34 GMT
X-Width
336
X-Height
280
X-AdStyle
banner
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Expose-Headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Vary
Accept-Encoding
Access-Control-Allow-Credentials
true
X-AdSource
PSA
X-Adtype
html
Connection
close
Content-Length
508
jquery-2.2.2.min.js
code.jquery.com/ 		84 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-2.2.2.min.js
Requested by
Host: delivery.adrecover.com
URL: https://delivery.adrecover.com/43519/adRecover.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
hwcdn.net
Software
nginx /
Resource Hash
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:59:35 GMT
content-encoding
gzip
x-sp-metadata
HS256.CMfh4ZsGEogBCiQwN2IzMDRmNi0xNzRlLTQyZTktODBjYy04YTdkNTVlMTNkMGQQ6JCNkN3O+gIaBgi3xeGbBiINMTE2LjkwLjc0LjIwMijWtgMwAzgEQhZUTFNfQUVTXzEyOF9HQ01fU0hBMjU2WiAzZTliMjA2MTAwOThiNmM5YmZmOTUzODU2ZTU4MDE2YRosCAESJGFmNTFlNTg2LWI2OTMtNDRkZC1hNGZkLTJiZmU1Nzk5YzAzZRi46QE=.7w3PbM+mDBth6Ke5FkPYIpaNgpENmYOiAkYa5pOV62o=
last-modified
Wed, 16 Feb 2022 10:50:39 GMT
server
nginx
etag
W/"620cd6ff-14e98"
vary
Accept-Encoding
x-hw
1668833975.dop203.la3.t,1668833975.cds003.la3.hn,1668833975.cds210.la3.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
29880
31e7f00ff71790b9454a27b61e1a7b0c.jpg
static.bg3.co/imgs/202105/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/31e7f00ff71790b9454a27b61e1a7b0c.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ban-ai-fo-lie-ke-tiao-zhan-bian-fu-xia-tuo-ge-lei-yi-tong-xia-shui.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
db7c80d461559dfe172c41e5b1e11adf.jpg
static.bg3.co/imgs/202105/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/db7c80d461559dfe172c41e5b1e11adf.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ban-ai-fo-lie-ke-tiao-zhan-bian-fu-xia-tuo-ge-lei-yi-tong-xia-shui.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
eb5c05d61d366200be9e497547293404.jpg
static.bg3.co/imgs/202106/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/eb5c05d61d366200be9e497547293404.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ban-ai-fo-lie-ke-tiao-zhan-bian-fu-xia-tuo-ge-lei-yi-tong-xia-shui.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
c11be646a31c5c315b4ee1dafa783ae2.jpg
static.bg3.co/imgs/202106/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/c11be646a31c5c315b4ee1dafa783ae2.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ban-ai-fo-lie-ke-tiao-zhan-bian-fu-xia-tuo-ge-lei-yi-tong-xia-shui.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
1ca31205d3ffd8a3237353bcd03b4211.jpg
static.bg3.co/imgs/202105/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/1ca31205d3ffd8a3237353bcd03b4211.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ban-ai-fo-lie-ke-tiao-zhan-bian-fu-xia-tuo-ge-lei-yi-tong-xia-shui.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
8d80c05f68fef59377e1bbf59888e488.jpg
static.bg3.co/imgs/202105/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/8d80c05f68fef59377e1bbf59888e488.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ban-ai-fo-lie-ke-tiao-zhan-bian-fu-xia-tuo-ge-lei-yi-tong-xia-shui.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
01c434bb32388d3ad1c79b5fc3517679.jpg
static.bg3.co/imgs/202105/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/01c434bb32388d3ad1c79b5fc3517679.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ban-ai-fo-lie-ke-tiao-zhan-bian-fu-xia-tuo-ge-lei-yi-tong-xia-shui.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
712d971946f6a872a41dcd2fcabb47e3.jpg
static.bg3.co/imgs/202105/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/712d971946f6a872a41dcd2fcabb47e3.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ban-ai-fo-lie-ke-tiao-zhan-bian-fu-xia-tuo-ge-lei-yi-tong-xia-shui.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
495d6b1dc69d2062826848c2f1e0484d.jpg
static.bg3.co/imgs/202106/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/495d6b1dc69d2062826848c2f1e0484d.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ban-ai-fo-lie-ke-tiao-zhan-bian-fu-xia-tuo-ge-lei-yi-tong-xia-shui.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
9b213cc75eb7d12beb965e953a745290.jpg
static.bg3.co/imgs/202105/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/9b213cc75eb7d12beb965e953a745290.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ban-ai-fo-lie-ke-tiao-zhan-bian-fu-xia-tuo-ge-lei-yi-tong-xia-shui.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
a03d59faf31a37afb346a4a70c699b56.jpg
static.bg3.co/imgs/202105/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/a03d59faf31a37afb346a4a70c699b56.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ban-ai-fo-lie-ke-tiao-zhan-bian-fu-xia-tuo-ge-lei-yi-tong-xia-shui.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
27cedc04300eb143e7e6fb53f201d304.jpg
static.bg3.co/imgs/202105/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/27cedc04300eb143e7e6fb53f201d304.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ban-ai-fo-lie-ke-tiao-zhan-bian-fu-xia-tuo-ge-lei-yi-tong-xia-shui.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
1e73e1d7f44f643a4566348105ba720b.jpg
static.bg3.co/imgs/202105/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/1e73e1d7f44f643a4566348105ba720b.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ban-ai-fo-lie-ke-tiao-zhan-bian-fu-xia-tuo-ge-lei-yi-tong-xia-shui.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
2ed73a20c006d8d4dde77a07eb1ec603.jpg
static.bg3.co/imgs/202106/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/2ed73a20c006d8d4dde77a07eb1ec603.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ban-ai-fo-lie-ke-tiao-zhan-bian-fu-xia-tuo-ge-lei-yi-tong-xia-shui.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
7be4d88c42c32d5606ace063d0f5f75c.jpg
static.bg3.co/imgs/202105/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/7be4d88c42c32d5606ace063d0f5f75c.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ban-ai-fo-lie-ke-tiao-zhan-bian-fu-xia-tuo-ge-lei-yi-tong-xia-shui.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
d6ed3071009c3accc214e9b733a6d742.jpg
static.bg3.co/imgs/202105/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/d6ed3071009c3accc214e9b733a6d742.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ban-ai-fo-lie-ke-tiao-zhan-bian-fu-xia-tuo-ge-lei-yi-tong-xia-shui.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ac7b8084593e7e3b32176ae2504ed1ac.jpg
static.bg3.co/imgs/202105/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/ac7b8084593e7e3b32176ae2504ed1ac.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ban-ai-fo-lie-ke-tiao-zhan-bian-fu-xia-tuo-ge-lei-yi-tong-xia-shui.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
4bf226b204cfe6cc918649c518aa0b48.jpg
static.bg3.co/imgs/202105/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/4bf226b204cfe6cc918649c518aa0b48.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ban-ai-fo-lie-ke-tiao-zhan-bian-fu-xia-tuo-ge-lei-yi-tong-xia-shui.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
e8f82cef33b7d8c3ba95e97492345717.jpg
static.bg3.co/imgs/202105/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/e8f82cef33b7d8c3ba95e97492345717.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ban-ai-fo-lie-ke-tiao-zhan-bian-fu-xia-tuo-ge-lei-yi-tong-xia-shui.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
amp-auto-lightbox-0.1.js
cdn.ampproject.org/rtv/012211042305000/v0/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211042305000/v0/amp-auto-lightbox-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
9367980d1a2a729754c9a6777d7236e9d49c662a197f00e210ba276d7e0aa6ac
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 15 Nov 2022 20:01:46 GMT
age
291470
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2991
x-xss-protection
0
server
sffe
etag
"413d5b5eb26df1c9"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 15 Nov 2023 20:01:46 GMT
amp-ad-0.1.js
cdn.ampproject.org/rtv/012211042305000/v0/ 		81 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211042305000/v0/amp-ad-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
e005bd498c71a1e59de4a20aec621c9a51451e498778fb049957e17fca316f8c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 15 Nov 2022 20:01:46 GMT
age
291470
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23066
x-xss-protection
0
server
sffe
etag
"1b79e24071ca714c"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 15 Nov 2023 20:01:46 GMT
ama
pagead2.googlesyndication.com/getconfig/ 		5 KB
960 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/ama?client=ca-pub-3216231935713038&plah=www.bg3.co&ama_t=amp&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fban-ai-fo-lie-ke-tiao-zhan-bian-fu-xia-tuo-ge-lei-yi-tong-xia-shui.html&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
71248122428a02504cb699fc530df9bef59f6a72ada624c384c33ee8ec3391f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:59:34 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
520
x-xss-protection
0
amp-loader-0.1.js
cdn.ampproject.org/rtv/012211042305000/v0/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211042305000/v0/amp-loader-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
3e76fa5f8f7b53855ef3a64bb458a6ff4a09da9a814e81d844c973008139f527
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 15 Nov 2022 20:01:46 GMT
age
291470
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3936
x-xss-protection
0
server
sffe
etag
"2e876f41249f1a45"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 15 Nov 2023 20:01:46 GMT
jquery-3.6.0.min.js
code.jquery.com/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.6.0.min.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
hwcdn.net
Software
nginx /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:59:36 GMT
content-encoding
gzip
x-sp-metadata
HS256.CMjh4ZsGEogBCiRmMzFiYjQxMS0yZjAzLTRhMjAtYjcyNy1hYWJhYTY5MTcyMGUQ6JCNkN3O+gIaBgi4xeGbBiINMTE2LjkwLjc0LjIwMijWtgMwAzgEQhZUTFNfQUVTXzEyOF9HQ01fU0hBMjU2WiAzZTliMjA2MTAwOThiNmM5YmZmOTUzODU2ZTU4MDE2YRosCAESJGY1MjJjNmEzLTIxZjEtNGFjNS1iMTBhLTUzNDQyNjFjNTAzNxib8QE=.jNj5Qv59m6ljeRUt2n0H4m0AFSBRmfkISEDzN5cn/jU=
last-modified
Wed, 16 Feb 2022 10:50:39 GMT
server
nginx
etag
W/"620cd6ff-15d9d"
vary
Accept-Encoding
x-hw
1668833976.dop203.la3.t,1668833976.cds003.la3.hn,1668833976.cds267.la3.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30875
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 5E34 		99 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
7800bf45fc531c7c4814f0047ff19a04170a3eee2b4cd211da627cfbe71b50a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:59:35 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34260
x-xss-protection
0
server
cafe
etag
3839249645381679901
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 19 Nov 2022 04:59:35 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 10E4 		99 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
7c273b6424d1582aac33a25fdd4b71d49049456333d1f266741ad43b3d673701
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:59:35 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34223
x-xss-protection
0
server
cafe
etag
1973071762754445835
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 19 Nov 2022 04:59:35 GMT
amp-sticky-ad-1.0.js
cdn.ampproject.org/rtv/012211042305000/v0/ 		40 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211042305000/v0/amp-sticky-ad-1.0.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
ef61de62bdd4d685961d0da741d164c50e531c9d98376158e47bb777363970f6
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 15 Nov 2022 20:01:46 GMT
age
291470
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10255
x-xss-protection
0
server
sffe
etag
"4d52d329cbd34968"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 15 Nov 2023 20:01:46 GMT
cookieSyncIframe.html
cdn.aralego.net/ucfad/cookie/ Frame 76CF 		714 B
801 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.4.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

access-control-allow-credentials
true
age
6681
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
76c6609698cda979-SYD
content-encoding
br
content-type
text/html
date
Sat, 19 Nov 2022 04:59:34 GMT
last-modified
Wed, 09 Feb 2022 05:59:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yEP8HKfTaEkeNuzxLXcKNPZfBHFHAJDxL0w2xYxkc6QWwY2CaKfg2LejtKnaWm53i%2FtzMwLa9eh%2FOcQrHFrEliz%2FI1eiHKSBpceHSBHqqtWN9%2FPjRmCo%2BCsn%2FJZ7ByVlDA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
idsync
sync.aralego.com/ 		35 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aralego.com/idsync?gdpr=1&euconsent-v2=${GDPR_CONSENT_607}&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ban-ai-fo-lie-ke-tiao-zhan-bian-fu-xia-tuo-ge-lei-yi-tong-xia-shui.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.120.88.131 Central, Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 19 Nov 2022 04:59:36 GMT
Connection
close
Content-Length
35
Content-Type
image/gif
cookieSyncIframe.html
cdn.aralego.net/ucfad/cookie/ Frame D41E 		714 B
763 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.4.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

access-control-allow-credentials
true
age
6681
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
76c6609698dfa979-SYD
content-encoding
br
content-type
text/html
date
Sat, 19 Nov 2022 04:59:34 GMT
last-modified
Wed, 09 Feb 2022 05:59:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PUHgs4iid30SFN8%2BgTDzT0VvST5nglBji42TYdn3FofUgQD56C%2FsqgTP4CctbWhI7iFa1rRYqq8vhEUQbjK3BR0DxSWgLy%2FYQj4Erm%2FCEW%2FQdyN6kabZPDeSXN49ipjsSg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
gtag.json
cdn.ampproject.org/rtv/012211042305000/v0/analytics-vendors/ 		2 KB
931 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211042305000/v0/analytics-vendors/gtag.json
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
a8993772c9eb591474f38d257bebc8c4286703e1af72d04c8c294be5fff7b649
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 15 Nov 2022 20:02:05 GMT
age
291450
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
901
x-xss-protection
0
server
sffe
etag
"f8777e0f4a2af1a5"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 15 Nov 2023 20:02:05 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 76CF 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
sffe /
Resource Hash
8961b6e0d131ba5317bbfa378382b83673ac603f785fbf5b2749cabefe869a1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:59:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27247
x-xss-protection
0
server
sffe
etag
"1396 / 382 of 1000 / last-modified: 1668812924"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 19 Nov 2022 04:59:35 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame D41E 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
sffe /
Resource Hash
8961b6e0d131ba5317bbfa378382b83673ac603f785fbf5b2749cabefe869a1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:59:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27247
x-xss-protection
0
server
sffe
etag
"1396 / 545 of 1000 / last-modified: 1668812924"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 19 Nov 2022 04:59:35 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/ Frame 5E34 		355 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_fy2021.js?bust=31070923
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
2ca4d28ab2c14f13d6f0a8ea5175a4bfe3773cae9c502545a97b396737c974ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:59:36 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119603
x-xss-protection
0
server
cafe
etag
14358802220943534917
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sat, 19 Nov 2022 04:59:36 GMT
amp
www.googletagmanager.com/gtag/ 		610 B
808 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/amp?__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
8492f3fc13f89700f09e8a96308911979a6289be084af2c497ea54dbd7dd7f5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=utf-8

Response headers

date
Sat, 19 Nov 2022 04:59:36 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="amp.json"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
258
x-xss-protection
0
pragma
no-cache
amp-access-control-allow-source-origin
https://www.bg3.co
server
Google Tag Manager
vary
*
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
expires
Fri, 01 Jan 1990 00:00:00 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211140101/ Frame 10E4 		354 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211140101/show_ads_impl_fy2021.js?bust=31070924
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
bf747d03c51aaa3690742886f12dff8050ea067f931b203720988c9d1366c083
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:59:36 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119216
x-xss-protection
0
server
cafe
etag
6755253356741338566
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sat, 19 Nov 2022 04:59:36 GMT
block.jpg
delivery.adrecover.com/ 		631 B
915 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://delivery.adrecover.com/block.jpg?ts=1668833975944
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ban-ai-fo-lie-ke-tiao-zhan-bian-fu-xia-tuo-ge-lei-yi-tong-xia-shui.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.201 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-201.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
NZ
date
Sat, 19 Nov 2022 04:59:36 GMT
last-modified
Wed, 23 Jun 2021 06:37:54 GMT
server
nginx/1.18.0
etag
"60d2d6c2-277"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=1
accept-ranges
bytes
content-length
631
expires
Sat, 19 Nov 2022 05:59:36 GMT
pubads_impl_2022111501.js
securepubads.g.doubleclick.net/gpt/ Frame 76CF 		381 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
sffe /
Resource Hash
a4c7748a8849068a7262049472b6b640aea77d843c16a57de3e34d3c47e4a01f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 12:10:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
319766
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
132177
x-xss-protection
0
last-modified
Tue, 15 Nov 2022 09:35:23 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 15 Nov 2023 12:10:10 GMT
pubads_impl_2022111501.js
securepubads.g.doubleclick.net/gpt/ Frame D41E 		381 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
sffe /
Resource Hash
a4c7748a8849068a7262049472b6b640aea77d843c16a57de3e34d3c47e4a01f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 12:10:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
319766
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
132177
x-xss-protection
0
last-modified
Tue, 15 Nov 2022 09:35:23 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 15 Nov 2023 12:10:10 GMT
amp-ad-network-adsense-impl-0.1.js
cdn.ampproject.org/rtv/012211042305000/v0/ 		214 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211042305000/v0/amp-ad-network-adsense-impl-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
a89c99a73b3c1f0c7a3977dd68ceba2286f13385d81aa1bf2c6811bce17f84fd
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 15 Nov 2022 20:10:34 GMT
age
290942
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
57837
x-xss-protection
0
server
sffe
etag
"23f3142da2c5be06"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 15 Nov 2023 20:10:34 GMT
collect
www.google-analytics.com/r/ 		35 B
396 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=a1&ds=AMP&aip&_s=1&dt=%E7%8F%AD%E8%89%BE%E4%BD%9B%E5%88%97%E5%85%8B%E6%8C%91%E6%88%B0%E8%9D%99%E8%9D%A0%E4%BF%A0%20%E6%8B%96%E3%80%8C%E6%A0%BC%E9%9B%B7%E3%80%8D%E4%B8%80%E5%90%8C%E4%B8%8B%E6%B0%B4%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&sr=1600x1200&cid=amp-PSPqDESYB1NK2c1Q8j2OVw&tid=UA-172083736-2&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fban-ai-fo-lie-ke-tiao-zhan-bian-fu-xia-tuo-ge-lei-yi-tong-xia-shui.html&dr=&sd=24&ul=en-us&de=UTF-8&t=pageview&jid=0.7034260127018683&gjid=0.8833395145459708&_r=1&a=6619&z=0.7766410787024536&gtm=2pu000
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ban-ai-fo-lie-ke-tiao-zhan-bian-fu-xia-tuo-ge-lei-yi-tong-xia-shui.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f138.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 04:59:37 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
pb.42753.1663912421366.js
cdn.adpushup.com/prebid/ 		342 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.161 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-161.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
1c479d0abecadc8d5fde30eeb515508b6148fa3d92dd617b427788d6c792b0a8

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
NZ
date
Sat, 19 Nov 2022 04:59:38 GMT
content-encoding
br
last-modified
Fri, 23 Sep 2022 05:54:31 GMT
server
nginx/1.18.0
etag
W/"632d4a17-5578b"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=31536000
server-timing
cdn-cache; desc=HIT, edge; dur=5
content-length
94168
expires
Sun, 19 Nov 2023 04:59:38 GMT
quantcast.js
cdn.adpushup.com/pbuseridscripts/ 		450 B
506 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.161 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-161.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
NZ
date
Sat, 19 Nov 2022 04:59:38 GMT
content-encoding
br
last-modified
Mon, 28 Jun 2021 04:15:23 GMT
server
nginx/1.18.0
etag
W/"60d94cdb-1c2"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=31536000
server-timing
cdn-cache; desc=HIT, edge; dur=3
content-length
211
expires
Sun, 19 Nov 2023 04:59:38 GMT
linkPreview.js
cdn.adpushup.com/42753/ 		72 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/linkPreview.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ban-ai-fo-lie-ke-tiao-zhan-bian-fu-xia-tuo-ge-lei-yi-tong-xia-shui.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.161 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-161.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
968012b3a49390a10d31c6d36b2aab796ec167a83378b5f9787756ee7cb035c5

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
NZ
date
Sat, 19 Nov 2022 04:59:38 GMT
content-encoding
br
last-modified
Thu, 14 Jul 2022 19:44:27 GMT
server
nginx/1.18.0
etag
W/"62d0721b-11ed1"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=6
content-length
17440
expires
Sat, 19 Nov 2022 05:59:38 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
sffe /
Resource Hash
8961b6e0d131ba5317bbfa378382b83673ac603f785fbf5b2749cabefe869a1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:59:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27247
x-xss-protection
0
server
sffe
etag
"1396 / 514 of 1000 / last-modified: 1668812924"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 19 Nov 2022 04:59:37 GMT
sync
e3.adpushup.com/AdPushupFeedbackWebService/user/ 		70 B
538 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/user/sync
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ban-ai-fo-lie-ke-tiao-zhan-bian-fu-xia-tuo-ge-lei-yi-tong-xia-shui.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 04:59:37 GMT
server
nginx/1.10.3 (Ubuntu)
ap-cookie-status
cookies ap_uid and ap_usid are set
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
integrator.json
adservice.google.com/adsid/ 		86 B
219 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.json?domain=www.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
cafe /
Resource Hash
14cfb5058acaf3af2f07088f1582f29941d7a4cc74fd1cea5050cecad862d154
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:59:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
83
x-xss-protection
0
nameframe.html
d-21854178762957812495.ampproject.net/2211042305000/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://d-21854178762957812495.ampproject.net/2211042305000/nameframe.html
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f94.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE2Njg4MzM5NzcwNTMsInBhY2tldElkIjoiMDAwMEE3MDEtMzExNzU0M2YtZjBjMS00NTJmLTljNTEtN2FjZTEyZGZlMjNhIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2Jhbi1haS1mby1saWUta2UtdGlhby16aGFuLWJpYW4tZnUteGlhLXR1by1nZS1sZWkteWktdG9uZy14aWEtc2h1aS5odG1sIiwibW9kZSI6NCwiZXJyb3JDb2RlIjowLCJyZWZlcnJlciI6IiIsInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOm51bGx9&c_b=5891.800000190735
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ban-ai-fo-lie-ke-tiao-zhan-bian-fu-xia-tuo-ge-lei-yi-tong-xia-shui.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 04:59:38 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE2Njg4MzM5NzcwNTMsInBhY2tldElkIjoiMDAwMEE3MDEtMzExNzU0M2YtZjBjMS00NTJmLTljNTEtN2FjZTEyZGZlMjNhIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2Jhbi1haS1mby1saWUta2UtdGlhby16aGFuLWJpYW4tZnUteGlhLXR1by1nZS1sZWkteWktdG9uZy14aWEtc2h1aS5odG1sIiwibW9kZSI6NSwiZXJyb3JDb2RlIjoxLCJyZWZlcnJlciI6IiIsInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOm51bGx9&c_b=5892.39999961853
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ban-ai-fo-lie-ke-tiao-zhan-bian-fu-xia-tuo-ge-lei-yi-tong-xia-shui.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 04:59:38 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2Njg4MzM5NzcwNTMsInBhY2tldElkIjoiMDAwMEE3MDEtMzExNzU0M2YtZjBjMS00NTJmLTljNTEtN2FjZTEyZGZlMjNhIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2Jhbi1haS1mby1saWUta2UtdGlhby16aGFuLWJpYW4tZnUteGlhLXR1by1nZS1sZWkteWktdG9uZy14aWEtc2h1aS5odG1sIiwibW9kZSI6MSwiZXJyb3JDb2RlIjoxLCJyZWZlcnJlciI6IiIsInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOlt7InNlY3Rpb25JZCI6Ijc3YTljMjJmLWFjMDItNDVkZC05NmJjLWIwODk2YThhN2Q1YSIsInNlY3Rpb25OYW1lIjoiQVBfTF9EX0FSVElDTEVfNzI4WDI1MF83N2E5YyIsInN0YXR1cyI6MSwibmV0d29yayI6ImFkcFRhZ3MiLCJuZXR3b3JrQWRVbml0SWQiOiJBRFBfNDI3NTNfNzI4WDI1MF83N2E5YzIyZi1hYzAyLTQ1ZGQtOTZiYy1iMDg5NmE4YTdkNWEiLCJzZXJ2aWNlcyI6WzEsM10sImFkVW5pdFR5cGUiOjF9XX0%3D&c_b=5892.800000190735
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ban-ai-fo-lie-ke-tiao-zhan-bian-fu-xia-tuo-ge-lei-yi-tong-xia-shui.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 04:59:38 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
adpushup-label.svg
campaign.adpushup.com/ads/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://campaign.adpushup.com/ads/adpushup-label.svg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ban-ai-fo-lie-ke-tiao-zhan-bian-fu-xia-tuo-ge-lei-yi-tong-xia-shui.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.39.108 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nwa/E7CA) /
Resource Hash
eb3577f46647f2e2db7307936038a47cc31c0ce75239496f6b7117282a47864c

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:59:38 GMT
last-modified
Thu, 12 Nov 2020 09:18:18 GMT
server
ECAcc (nwa/E7CA)
age
4247
etag
"5facfdda-21e0"
x-cache
HIT
content-type
image/svg+xml
cache-control
max-age=14400
accept-ranges
bytes
content-length
8672
expires
Sat, 19 Nov 2022 08:59:38 GMT
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2Njg4MzM5NzcwNTgsInBhY2tldElkIjoiMDAwMEE3MDEtMzExNzU0M2YtZjBjMS00NTJmLTljNTEtN2FjZTEyZGZlMjNhIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2Jhbi1haS1mby1saWUta2UtdGlhby16aGFuLWJpYW4tZnUteGlhLXR1by1nZS1sZWkteWktdG9uZy14aWEtc2h1aS5odG1sIiwibW9kZSI6MSwiZXJyb3JDb2RlIjoxLCJyZWZlcnJlciI6IiIsInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOlt7InNlY3Rpb25JZCI6ImQxYzEwYTcyLTI3YjQtNDkzMS04Y2U3LTk5YTE4ZWJiZGJhZSIsInNlY3Rpb25OYW1lIjoiQVBfSV9EX0FSVElDTEVfNzI4WDkwX2QxYzEwIiwic3RhdHVzIjoxLCJuZXR3b3JrIjoiYWRwVGFncyIsIm5ldHdvcmtBZFVuaXRJZCI6IlNUSUNLWV9BRFBfNDI3NTNfNzI4WDkwX2QxYzEwYTcyLTI3YjQtNDkzMS04Y2U3LTk5YTE4ZWJiZGJhZSIsInNlcnZpY2VzIjpbNSwzXSwiYWRVbml0VHlwZSI6M31dfQ%3D%3D&c_b=5897.39999961853
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ban-ai-fo-lie-ke-tiao-zhan-bian-fu-xia-tuo-ge-lei-yi-tong-xia-shui.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 04:59:38 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2Njg4MzM5NzcwNjEsInBhY2tldElkIjoiMDAwMEE3MDEtMzExNzU0M2YtZjBjMS00NTJmLTljNTEtN2FjZTEyZGZlMjNhIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2Jhbi1haS1mby1saWUta2UtdGlhby16aGFuLWJpYW4tZnUteGlhLXR1by1nZS1sZWkteWktdG9uZy14aWEtc2h1aS5odG1sIiwibW9kZSI6MSwiZXJyb3JDb2RlIjoxLCJyZWZlcnJlciI6IiIsInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOlt7InNlY3Rpb25JZCI6IjEwNGIyODJhLWJkMTEtNGQ4ZC1hZDY0LTA0OTIwNjNiNmNiYSIsInNlY3Rpb25OYW1lIjoiQVBfSV9EX0FSVElDTEVfMTIwWDYwMF8xMDRiMiIsInN0YXR1cyI6MSwibmV0d29yayI6ImFkcFRhZ3MiLCJuZXR3b3JrQWRVbml0SWQiOiJTVElDS1lfQURQXzQyNzUzXzEyMFg2MDBfMTA0YjI4MmEtYmQxMS00ZDhkLWFkNjQtMDQ5MjA2M2I2Y2JhIiwic2VydmljZXMiOls1LDNdLCJhZFVuaXRUeXBlIjozfV19&c_b=5900.5
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ban-ai-fo-lie-ke-tiao-zhan-bian-fu-xia-tuo-ge-lei-yi-tong-xia-shui.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 04:59:38 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
integrator.js
adservice.google.co.nz/adsid/ Frame 76CF 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.nz/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f157.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:59:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 76CF 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:59:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 76CF 		492 B
264 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1664468866613733&correlator=3394033444570553&eid=44778409&output=ldjh&gdfp_req=1&vrg=2022111501&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=64515409&sfv=1-0-40&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1668833977102&lmt=1644386353&dlt=1668833974895&idt=2184&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=s13rj1kj9a3x&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&frm=24&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=1602523044.1668833977&ga_sid=1668833977&ga_hid=598153106&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
cafe /
Resource Hash
67672a5194fc0776c61836b1bc5f8c72fdf57f495a699ee19389e24ae74f6733
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:59:37 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
234
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cdn.aralego.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
169ae955669f6d02046b123457591ed7.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame EC3F 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://169ae955669f6d02046b123457591ed7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 19 Nov 2022 04:59:37 GMT
expires
Sun, 19 Nov 2023 04:59:37 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
integrator.js
adservice.google.co.nz/adsid/ Frame D41E 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.nz/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f157.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:59:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame D41E 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:59:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame D41E 		492 B
264 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2890339194273179&correlator=3924527841527139&output=ldjh&gdfp_req=1&vrg=2022111501&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=64515409&sfv=1-0-40&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1668833977285&lmt=1644386353&dlt=1668833974904&idt=2372&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=abai2v3v61p2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&frm=24&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=1863295434.1668833977&ga_sid=1668833977&ga_hid=677925227&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
cafe /
Resource Hash
0f89174ca42c80b559e3aaee2bc804e11739af6622720d7665e44e050c2ba668
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:59:37 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
234
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cdn.aralego.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
e742418d3fbb8f8684974c31179d2fca.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 14BE 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://e742418d3fbb8f8684974c31179d2fca.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 19 Nov 2022 04:59:37 GMT
expires
Sun, 19 Nov 2023 04:59:37 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cookie.js
partner.googleadservices.com/gampad/ Frame 10E4 		379 B
315 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.bg3.co&callback=_gfp_s_&client=ca-pub-4485239425924787&gpid_exp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211140101/show_ads_impl_fy2021.js?bust=31070924
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
8b3d576f3a758f7aa0f3ceec4533b656103dee1e49a3e7445131cf1ff1025d54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:59:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
246
x-xss-protection
0
integrator.js
adservice.google.co.nz/adsid/ Frame 10E4 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.nz/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211140101/show_ads_impl_fy2021.js?bust=31070924
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f157.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:59:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 10E4 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211140101/show_ads_impl_fy2021.js?bust=31070924
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:59:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
NqeGLmvuPvGdeaxEq2qKJUjcmyulAyFU8K2rHVjS.html
adx.holmesmind.com/adx-file/20221117/ Frame AF54
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1668833977&url=...
  • https://adx.holmesmind.com/adx-file/20221117/NqeGLmvuPvGdeaxEq2qKJUjcmyulAyFU8K2rHVjS.html
673 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://adx.holmesmind.com/adx-file/20221117/NqeGLmvuPvGdeaxEq2qKJUjcmyulAyFU8K2rHVjS.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211140101/show_ads_impl_fy2021.js?bust=31070924
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-91.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
21902e4026c2f774fbd13f64845d6fd3a823c1ea64ee93e76a9fe06a49a74711

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
891
content-length
673
content-type
text/html
date
Sat, 19 Nov 2022 04:44:48 GMT
etag
"48eae0cda160246f65db69ea3a0e8b6a"
last-modified
Thu, 17 Nov 2022 07:10:46 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 70fdfa773982aee8e5e56c054ca0a9cc.cloudfront.net (CloudFront)
x-amz-cf-id
zQK3O6XhLkG2nNj-TecqoHJJNqUvbJr7Gq-GFyjIdSRjDYjc9Bek1A==
x-amz-cf-pop
SIN2-P1
x-amz-version-id
b3LGmBAhby0rF5s3WuXdhl5wmvGClwHA
x-cache
Hit from cloudfront

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 19 Nov 2022 04:59:38 GMT
location
https://adx.holmesmind.com/adx-file/20221117/NqeGLmvuPvGdeaxEq2qKJUjcmyulAyFU8K2rHVjS.html
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
pubads_impl_2022111501.js
securepubads.g.doubleclick.net/gpt/ 		381 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
sffe /
Resource Hash
a4c7748a8849068a7262049472b6b640aea77d843c16a57de3e34d3c47e4a01f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 12:10:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
319768
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
132177
x-xss-protection
0
last-modified
Tue, 15 Nov 2022 09:35:23 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 15 Nov 2023 12:10:10 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		109 B
97 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.bg3.co
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
cafe /
Resource Hash
57ba9c79273602051bd0fa9f6dcd52a3f199dc59f134308efeeaad35424b8311
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:59:38 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
72
x-xss-protection
0
expires
Sat, 19 Nov 2022 04:59:38 GMT
cookie.js
partner.googleadservices.com/gampad/ Frame 5E34 		379 B
692 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.bg3.co&callback=_gfp_s_&client=ca-pub-4485239425924787&gpid_exp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_fy2021.js?bust=31070923
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
f686b41a0e840919ceb312e2dc2e4b5c3f40f6bd6b65b6d2db9070049f15d6aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:59:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
247
x-xss-protection
0
integrator.js
adservice.google.co.nz/adsid/ Frame 5E34 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.nz/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_fy2021.js?bust=31070923
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f157.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:59:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 5E34 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_fy2021.js?bust=31070923
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:59:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 31AB 		32 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1668833977&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fban-ai-fo-lie-ke-tiao-zhan-bian-fu-xia-tuo-ge-lei-yi-tong-xia-shui.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668833975593&bpp=13&bdt=1933&idt=1958&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&correlator=5218998955355&frm=23&ife=1&pv=1&ga_vid=1471969042.1668833978&ga_sid=1668833978&ga_hid=1738972306&ga_fc=0&ga_cid=amp-PSPqDESYB1NK2c1Q8j2OVw&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=3806629216&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44773809%2C42531706%2C44776004%2C31070923%2C44779076&oid=2&pvsid=3758394164867543&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.5dklnw6vpsi3&fsb=1&dtd=1974
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_fy2021.js?bust=31070923
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
cafe /
Resource Hash
08cbc197c8422a300e3656b876c1e421e12e18159d5e47f8dd0a9999f04e2246
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
12698
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 19 Nov 2022 04:59:38 GMT
expires
Sat, 19 Nov 2022 04:59:38 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 75C2 		603 B
369 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=1600x250&w=1600&h=250&ptt=12&adk=2733026255&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-42939132481726956798&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=470780615&nhd=0&adx=0&ady=3345&oid=2&is_amp=5&amp_v=2211042305000&d_imp=1&c=12182006619&ga_cid=amp-PSPqDESYB1NK2c1Q8j2OVw&ga_hid=6619&dt=1668833977179&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fban-ai-fo-lie-ke-tiao-zhan-bian-fu-xia-tuo-ge-lei-yi-tong-xia-shui.html&bdt=4948&dtd=691&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012211042305000/v0/amp-ad-0.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 19 Nov 2022 04:59:38 GMT
expires
Sat, 19 Nov 2022 04:59:38 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 76CF 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022111501&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
b1d74c7ad627e3b248e59bb66d96dbea670bc2f330268257ecebf965f6cb9362
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:59:38 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12683
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame D41E 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022111501&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
c7fa7fd0d1e0e47897ebe6e0e8139fa12c9f1ed0286772eb15f9cddb130fcf65
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:59:38 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12430
x-xss-protection
0
quant.js
secure.quantserve.com/ 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.229.10.192 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
d92ecee434f7ba89b4efc74a4fca7a7ba57c3d19408e98c205bba9c76529f7dc

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:59:38 GMT
content-encoding
gzip
etag
"ARCJ3bZzg028nAVGSSCKyA=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Sat, 26 Nov 2022 04:59:38 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 76CF 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:59:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 19 Nov 2022 04:59:39 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 2425 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C0YeTumJ4Y9M1kOStAZb8rKAMmPzRsVyqhMzkhQHAjbcBEAEgAGCr7LGF4BiCARdjYS1wdWItNDQ4NTIzOTQyNTkyNDc4N8gBCakCxrAOJ5djpj6oAwGqBP8BT9AAOn36ZG3z0Ww7SQIciGZ2Clw5ytzcqAPhC2vBJZJcqjmapJSrQEMYDbm7RwRUnBYqPel7G6TdvMldK7plwjaqbMuXvoKD_Sau-M30TFisW6XmWiXwFmGrcxnTjxiBYjpBOYWxf1xg9tgr7kAc0-4aEJQRKPT1RWI85SzFPaPr2ah5p2EwrKiKxcjzlF-HjnWmyLya2nv7fWWdMNZHsg-IjQD3SFFNEPb-pVLHT8ZPt10FDgonXblpDlkxk6YkhslHBX0tSC05FwZ2MPb034fjDuRS2hV0SxgT8TyYtqBCrlQQvvNwKvCrna5cdqb02LKHCedhREY64eWhnMoAgAagz7fUocebm7QBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgECACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItNDQ4NTIzOTQyNTkyNDc4NxjizBk&sigh=Fj5rOFN7t80&uach_m=[UACH]&cid=CAQSKQDq26N9YUxF56XNhlqRTB6eC20QARDEUTbCPphdy6sapjgG2czvDnqYGAEgEw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ban-ai-fo-lie-ke-tiao-zhan-bian-fu-xia-tuo-ge-lei-yi-tong-xia-shui.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1668833977&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fban-ai-fo-lie-ke-tiao-zhan-bian-fu-xia-tuo-ge-lei-yi-tong-xia-shui.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668833975593&bpp=13&bdt=1933&idt=1958&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&correlator=5218998955355&frm=23&ife=1&pv=1&ga_vid=1471969042.1668833978&ga_sid=1668833978&ga_hid=1738972306&ga_fc=0&ga_cid=amp-PSPqDESYB1NK2c1Q8j2OVw&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=3806629216&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44773809%2C42531706%2C44776004%2C31070923%2C44779076&oid=2&pvsid=3758394164867543&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.5dklnw6vpsi3&fsb=1&dtd=1974
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sat, 19 Nov 2022 04:59:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
notify
rtb.jp2.as.criteo.com/google/auction/ Frame 2425 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.jp2.as.criteo.com/google/auction/notify?profile=14&payload=k6jEFPz1BqwC-gFi-C0SAgAAACE5AQwCW-6I5uT8IWU3JEEQuWJ4Y_cBoWpWu3l-HTPVABIAAA&wp=Y3hiugAAGtMKK3IQAAs-Fu2S0V7YeW-H9I7lrg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ban-ai-fo-lie-ke-tiao-zhan-bian-fu-xia-tuo-ge-lei-yi-tong-xia-shui.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.74.19 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:59:39 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
184897
content-length
0
afr.php
ads.as.criteo.com/delivery/r/ Frame 0475 		37 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.as.criteo.com/delivery/r/afr.php?z=Y3hiugAAGtMKK3IQAAs-Fu2S0V7YeW-H9I7lrg&u=%7C2k2Mr8UTcXZz4MsbxkT%2BmULQtzuk1V6uL5ipv4EMpiU%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oZ7-4NEldJVPEcquQgoC5ayq1XBwsz6hbCNpksUhOYIG9jsbcdhUPUASS9TekPJg-lVtNiPmOVj4gHmATWwgs3xl6G5M9hVy8ZHnaeFmQljiyWe-rVqHISO_Y6IjtNYGuQQChGcQofEug4Oo2ilOM-sBYQRVluBxzatCLqf7zUcZnQw88xFkOCvfOUcHxXLuUtUVWEqwUc3lwzpd71UDqc-QvFmZZc2DOA__ByBjWuke4axsYpmrciGolHpP_bF7tZNvqpYd8WRt6v-ey-2b4ciHTw8cEiupHxFlWyPs36ikadqQA9BsqNHipTMXQko_UTO3gQq317mf_0fVMchY9MLm8LmA_HEkBGaEK0uFFa95aYH6tJ6sHdgkRrv5YnKEsWRYSqM_ASF9Kidf6Qip-6NGTGjsie4gSg_J25eIQH9yhPYzvccuKQ8iXHXmK0zWsIuTvXhku8Iyd2YAvseA18uYnqg8FxVT8EcyNh1goR1Zb-TgrtaTOIFQ-QpslmK9EP9yHYTKRS5XkVgXpdynS_9B2-cE5GxQ1HAxhHoFw6mcwXC7h3l3Hh-QrVulVQ6LsdiebWpynGArKYU8sv3Lc1ixzgVnNcay1-WkwKl04tHKNYburRwNp8A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEu8SumJ4Y9M1kOStAZb8rKAMmPzRsVyqhMzkhQHAjbcBEAEgAGCr7LGF4BiCARdjYS1wdWItNDQ4NTIzOTQyNTkyNDc4N8gBCakCxrAOJ5djpj6oAwGqBIICT9AAOn36ZG3z0Ww7SQIciGZ2Clw5ytzcqAPhC2vBJZJcqjmapJSrQEMYDbm7RwRUnBYqPel7G6TdvMldK7plwjaqbMuXvoKD_Sau-M30TFisW6XmWiXwFmGrcxnTjxiBYjpBOYWxf1xg9tgr7kAc0-4aEJQRKPT1RWI85SzFPaPr2ah5p2EwrKiKxcjzlF-HjnWmyLya2nv7fWWdMNZHsg-IjQD3SFFNEPb-pVLHT8ZPt10FDgonXblpDlkxk6YkhslHBX0tSC05FwZ2MPb034fjDuRS2hV0S1oR0K59eCk8Ud1hIBgmsDOCiaTLfIjsMDp0X32o-lgW-QJKDbT_zr1HgAagz7fUocebm7QBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1glfQ7RibChCxOa4-QX32pOjZpPA%26client%3Dca-pub-4485239425924787%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1668833977&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fban-ai-fo-lie-ke-tiao-zhan-bian-fu-xia-tuo-ge-lei-yi-tong-xia-shui.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668833975593&bpp=13&bdt=1933&idt=1958&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&correlator=5218998955355&frm=23&ife=1&pv=1&ga_vid=1471969042.1668833978&ga_sid=1668833978&ga_hid=1738972306&ga_fc=0&ga_cid=amp-PSPqDESYB1NK2c1Q8j2OVw&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=3806629216&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44773809%2C42531706%2C44776004%2C31070923%2C44779076&oid=2&pvsid=3758394164867543&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.5dklnw6vpsi3&fsb=1&dtd=1974
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.148 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
752ea30a5c2a9fbb91f2167e724af7c5b362b14a6593e4635a017397e86fdae9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Sat, 19 Nov 2022 04:59:39 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.as.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.as.criteo.net/heavyad?cppv=3&cpp=qOLAelOSqEMB2aTA5s-W3QmLFNgQfM-1NrUn9x5XewJpTjT-FMeWHj8aFASUn6MgS-SMms7iggh_paOPD_PtJ272we_4hSLO2Vicx5GSpI68zEWjdRbZZSVF4j1-UZ16XS49cJULRXTTb200ZmnB8yuzB3kzjR0atGFHGCxia8U4Zr2Uzx8gZ8GqYnyyswYDPLLUEKF50d1hoGfxJ_SRvoI7O18bg4kPQbpIuIrN8frpehkl6BVXUTdI8MWifMXjDqpCycyeWdz0wHfG"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
5180178
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 2425 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1668833977&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fban-ai-fo-lie-ke-tiao-zhan-bian-fu-xia-tuo-ge-lei-yi-tong-xia-shui.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668833975593&bpp=13&bdt=1933&idt=1958&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&correlator=5218998955355&frm=23&ife=1&pv=1&ga_vid=1471969042.1668833978&ga_sid=1668833978&ga_hid=1738972306&ga_fc=0&ga_cid=amp-PSPqDESYB1NK2c1Q8j2OVw&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=3806629216&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44773809%2C42531706%2C44776004%2C31070923%2C44779076&oid=2&pvsid=3758394164867543&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.5dklnw6vpsi3&fsb=1&dtd=1974
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 16:23:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
45378
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 02 Dec 2022 16:23:21 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame CFB8 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1668833977&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fban-ai-fo-lie-ke-tiao-zhan-bian-fu-xia-tuo-ge-lei-yi-tong-xia-shui.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668833975593&bpp=13&bdt=1933&idt=1958&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&correlator=5218998955355&frm=23&ife=1&pv=1&ga_vid=1471969042.1668833978&ga_sid=1668833978&ga_hid=1738972306&ga_fc=0&ga_cid=amp-PSPqDESYB1NK2c1Q8j2OVw&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=3806629216&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44773809%2C42531706%2C44776004%2C31070923%2C44779076&oid=2&pvsid=3758394164867543&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.5dklnw6vpsi3&fsb=1&dtd=1974
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

age
51972
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 18 Nov 2022 14:33:26 GMT
etag
48472445140208031
expires
Sat, 19 Nov 2022 14:33:26 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 2425 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1668833977&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fban-ai-fo-lie-ke-tiao-zhan-bian-fu-xia-tuo-ge-lei-yi-tong-xia-shui.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668833975593&bpp=13&bdt=1933&idt=1958&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&correlator=5218998955355&frm=23&ife=1&pv=1&ga_vid=1471969042.1668833978&ga_sid=1668833978&ga_hid=1738972306&ga_fc=0&ga_cid=amp-PSPqDESYB1NK2c1Q8j2OVw&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=3806629216&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44773809%2C42531706%2C44776004%2C31070923%2C44779076&oid=2&pvsid=3758394164867543&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.5dklnw6vpsi3&fsb=1&dtd=1974
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
cafe /
Resource Hash
78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 16:23:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
45378
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7458
x-xss-protection
0
server
cafe
etag
16870613375306414947
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 02 Dec 2022 16:23:21 GMT
l
www.google.com/ads/measurement/ Frame 2425 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRlb7Y_5LqcZUb51_g67GmtBgQvczPj19WlbpNXZXwvfmfHEAby2X-AdDyp9T9mZX0ocawWqMI37ww0JH9ZTNso1CorpQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1668833977&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fban-ai-fo-lie-ke-tiao-zhan-bian-fu-xia-tuo-ge-lei-yi-tong-xia-shui.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668833975593&bpp=13&bdt=1933&idt=1958&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&correlator=5218998955355&frm=23&ife=1&pv=1&ga_vid=1471969042.1668833978&ga_sid=1668833978&ga_hid=1738972306&ga_fc=0&ga_cid=amp-PSPqDESYB1NK2c1Q8j2OVw&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=3806629216&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44773809%2C42531706%2C44776004%2C31070923%2C44779076&oid=2&pvsid=3758394164867543&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.5dklnw6vpsi3&fsb=1&dtd=1974
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.105 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f105.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2425 		154 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1668833977&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fban-ai-fo-lie-ke-tiao-zhan-bian-fu-xia-tuo-ge-lei-yi-tong-xia-shui.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668833975593&bpp=13&bdt=1933&idt=1958&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&correlator=5218998955355&frm=23&ife=1&pv=1&ga_vid=1471969042.1668833978&ga_sid=1668833978&ga_hid=1738972306&ga_fc=0&ga_cid=amp-PSPqDESYB1NK2c1Q8j2OVw&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=3806629216&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44773809%2C42531706%2C44776004%2C31070923%2C44779076&oid=2&pvsid=3758394164867543&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.5dklnw6vpsi3&fsb=1&dtd=1974
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
sffe /
Resource Hash
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:59:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48265
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1668095300071091"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 19 Nov 2022 04:59:40 GMT
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20221119
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.87.20 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a2d394c8474dfabc643e183cc3421642ad0842d0a0c8144bc4c6077de64e6845
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 19 Nov 2022 04:59:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
7098
x-jsd-version
1.0.1528
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra-eddf8230021-FRA, cache-yyz4544-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"66a-0Yuu8EilQG0pLc40+fWjoPTTtbM"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B2ES3B8tdXvjH7rA%2BVvgSm0g1RPit7RYO6%2FGt9xQDfZGOByc43%2Bh1GwH3gygmh%2FTy40UjMp%2BJcQUrjgIJv9FZCw2Kb5Fz63GQuHcLFqDwRb8z3RhFJmj%2BeDciXReLvR3SO4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
76c660b16d61a974-SYD
arj
adpushup-d.openx.net/w/1.0/ 		32 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2Fban-ai-fo-lie-ke-tiao-zhan-bian-fu-xia-tuo-ge-lei-yi-tong-xia-shui.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=fe41345d-8149-405e-9b0e-95212def5101%2Cf82f8b99-c5e1-40f7-b6fa-a1453c1ecfee%2Cbcfd3329-c217-470d-84e8-e5f3889385ab&nocache=1668833978766&pubcid=9c52519a-86a3-4a0c-9f47-3d4767643a3b&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&aus=728x250%2C728x90%2C690x90%2C690x250%2C675x90%2C675x250%2C670x90%2C670x250%2C650x90%2C650x250%2C650x150%2C630x90%2C630x250%2C602x100%2C600x90%2C600x250%2C580x90%2C570x90%2C550x150%2C468x60%2C320x50%2C320x100%2C300x50%2C300x100%2C300x75%2C300x250%2C250x250%2C200x200%7C728x90%2C690x90%2C675x90%2C670x90%2C650x90%2C630x90%2C600x90%2C580x90%2C570x90%2C468x60%2C320x50%2C300x50%2C300x75%7C120x600&divids=ADP_42753_728X250_77a9c22f-ac02-45dd-96bc-b0896a8a7d5a%2CSTICKY_ADP_42753_728X90_d1c10a72-27b4-4931-8ce7-99a18ebbdbae%2CSTICKY_ADP_42753_120X600_104b282a-bd11-4d8d-ad64-0492063b6cba&aucs=%2C%2C&auid=545618347%2C545618347%2C545618347
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
d246dddf2836b66ec0459590a70f6497324f1ba3b273da8f5b56939f1d85cc06

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 04:59:39 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bg3.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4761
expires
Mon, 26 Jul 1997 05:00:00 GMT
avjp
adpushup-d.openx.net/v/1.0/ 		106 B
506 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2Fban-ai-fo-lie-ke-tiao-zhan-bian-fu-xia-tuo-ge-lei-yi-tong-xia-shui.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=f4f2d705-9f6c-48e9-a1cb-041c04e17846&nocache=1668833978767&pubcid=9c52519a-86a3-4a0c-9f47-3d4767643a3b&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A120%2C%22h%22%3A600%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22api%22%3A%5B2%5D%2C%22playbackmethod%22%3A6%2C%22linearity%22%3A1%7D%7D%5D%7D&auid=545618481&vwd=120&vht=600&vos=101&vmimes=video%2Fmp4%2Cvideo%2Fwebm
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 04:59:39 GMT
via
1.1 google
server
OXGW/0.0.0
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bg3.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
avjp
adpushup-d.openx.net/v/1.0/ 		106 B
298 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2Fban-ai-fo-lie-ke-tiao-zhan-bian-fu-xia-tuo-ge-lei-yi-tong-xia-shui.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=b18e11c0-e770-4b92-9bb5-0577ec5e21fa&nocache=1668833978767&pubcid=9c52519a-86a3-4a0c-9f47-3d4767643a3b&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22api%22%3A%5B2%5D%2C%22playbackmethod%22%3A6%2C%22linearity%22%3A1%7D%7D%5D%7D&auid=545618481&vwd=728&vht=90&vos=101&vmimes=video%2Fmp4%2Cvideo%2Fwebm
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 04:59:39 GMT
via
1.1 google
server
OXGW/0.0.0
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bg3.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
avjp
adpushup-d.openx.net/v/1.0/ 		0
0
cygnus
htlb.casalemedia.com/ 		36 B
312 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=693656&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2280e1294f05049d%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fban-ai-fo-lie-ke-tiao-zhan-bian-fu-xia-tuo-ge-lei-yi-tong-xia-shui.html%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A7%2C%22msi%22%3A7%2C%22mfu%22%3A3%2C%22bu%22%3A3%2C%22iu%22%3A0%2C%22nu%22%3A3%2C%22ou%22%3A3%2C%22allu%22%3A3%2C%22ren%22%3Atrue%2C%22version%22%3A%226.19.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2215956aa4005b912%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A320%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22320x50%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22300x50%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A250%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22250x250%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%2218ac57209daaa5f%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A320%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22320x50%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22300x50%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%22194705545a8dae4%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A120%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22120x600%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpushup.com%22%2C%22sid%22%3A%22062d9a21f747ddee7c25d4297776e0aa%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%229c52519a-86a3-4a0c-9f47-3d4767643a3b%22%7D%5D%7D%5D%7D%7D
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aaf9f28c5e335c859ee32ea5e4b7ecba0346d636ab6290e597f116a012c525ad

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 04:59:39 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TpiGwypNfrkO7l%2FSCTfB2ZmOa%2Fu1SFQ0by%2FZlRhSesQMDS8d4FNEcAjMqO9gyjXhFXDVwrrYZoq5xdU085mIpWC%2By0UoJyAVZygUzjTYruj9AIFX8NfNkVoXJfFW0KUfrWOsC3jS"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
76c660b13bdd1c57-AKL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36
expires
0
cygnus
htlb.casalemedia.com/ 		36 B
562 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=693656&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%2280e1294f05049d%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fban-ai-fo-lie-ke-tiao-zhan-bian-fu-xia-tuo-ge-lei-yi-tong-xia-shui.html%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A3%2C%22bu%22%3A3%2C%22iu%22%3A0%2C%22nu%22%3A3%2C%22ou%22%3A3%2C%22allu%22%3A3%2C%22ren%22%3Atrue%2C%22version%22%3A%226.19.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2218ac57209daaa5f%22%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22728x90%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B728%2C90%5D%5D%2C%22api%22%3A%5B2%5D%2C%22linearity%22%3A1%2C%22placement%22%3A4%2C%22w%22%3A728%2C%22h%22%3A90%7D%7D%2C%7B%22id%22%3A%22194705545a8dae4%22%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22120x600%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B120%2C600%5D%5D%2C%22api%22%3A%5B2%5D%2C%22linearity%22%3A1%2C%22placement%22%3A4%2C%22w%22%3A120%2C%22h%22%3A600%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpushup.com%22%2C%22sid%22%3A%22062d9a21f747ddee7c25d4297776e0aa%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%229c52519a-86a3-4a0c-9f47-3d4767643a3b%22%7D%5D%7D%5D%7D%7D
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aaf9f28c5e335c859ee32ea5e4b7ecba0346d636ab6290e597f116a012c525ad

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 04:59:39 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cy%2BKb9c9ihzKbEPDIE%2Fimyc4e9V6FRV2BeNZcIYkqAqxPjnlEo4EmoYNSC3pcaky8brl%2FRqPhHLVuYDlngIenrCrBUsGQ48nAwPIJkxp6cnPS4ZuN5Mb77hWlpm2Kn92vsJ%2B0bRB"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
76c660b13bde1c57-AKL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36
expires
0
cdb
bidder.criteo.com/ 		0
212 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.19.0&cb=59046215147
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.145 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 19 Nov 2022 04:59:39 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
adreq
ads.servenobid.com/ 		717 B
663 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/adreq?cb=8367
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.16.204.248 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-16-204-248.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
037192b727defa55cc176629db61c9c71c1126decfae405ffc3b0fb355a0d705

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 19 Nov 2022 04:59:39 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
auction
prebid-server.rubiconproject.com/openrtb2/ 		186 B
406 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.114.40.184 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-114-40-184.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
958e3613dcbc29967968367b45ec0527da8e40c69f7c8300b470fcea89c7503e

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 04:59:39 GMT
content-encoding
gzip
x-prebid
pbs-java/1.104.0
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
174
expires
0
auction
prebid-server.rubiconproject.com/openrtb2/ 		185 B
407 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.114.40.184 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-114-40-184.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
b5c9d5142a3448d49d469012bf4ded01e79ead0fc72aaabaa376dfda889163b9

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 04:59:39 GMT
content-encoding
gzip
x-prebid
pbs-java/1.104.0
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
174
expires
0
auction
prebid-server.rubiconproject.com/openrtb2/ 		185 B
406 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.114.40.184 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-114-40-184.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
33a7826fed4a51bbd01f8e3eb4b4ea200e5562ac7af65c42ae08f8c91ef149c5

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 04:59:39 GMT
content-encoding
gzip
x-prebid
pbs-java/1.104.0
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
174
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		472 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20616&site_id=395958&zone_id=2209398&size_id=15%3B2%3B8&alt_size_ids=2%2C1%2C13%2C14%2C19%2C43%2C44%2C117%3B1%2C43%2C44%3B&rp_schain=1.0,1!adpushup.com,062d9a21f747ddee7c25d4297776e0aa,1,,,&eid_pubcid.org=9c52519a-86a3-4a0c-9f47-3d4767643a3b%5E1&rf=https%3A%2F%2Fwww.bg3.co%2Fa%2Fban-ai-fo-lie-ke-tiao-zhan-bian-fu-xia-tuo-ge-lei-yi-tong-xia-shui.html&tk_flint=pbjs_lite_v6.19.0&x_source.tid=7b86eaf4-ef70-488b-a9b6-cbf14f679daa%3B55451c4d-084a-4d97-a933-ad35a01d6c10%3B6bcc9b50-04c3-4e80-b028-0ef166d84e30&l_pb_bid_id=299a61542475629%3B309390ce90def21%3B31e7f2d5dc06976&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=3&rand=0.08421471719802409
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.173.158.65 Ashburn, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
f32f933b3fb738bfb642f9ed6989debd35891daa27a9178874341f2651fa2e90

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 04:59:39 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
hbjson
grid.bidswitch.net/ 		24 B
361 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.213.117.18 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
18.117.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
3353e3b36d7b7ee8cf0f81ed569398f0e8e83b5fc24046a3a92e08e0ba62fc8b

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 19 Nov 2022 04:59:39 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
49
prebid
prebid.media.net/rtb/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUPEPKI9
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
5a67a82f5a852b641909d530cf2b9ebe9b16c0ab11665480b40ea9fa0870291a

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 04:59:39 GMT
content-encoding
gzip
via
1.1 google
server
nginx
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
96
alt-svc
clear
expires
Sat, 19 Nov 2022 04:59:39 GMT
prebid-request
onetag-sys.com/ 		15 B
547 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.79.234.100 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip100.ip-51-79-234.net
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://www.bg3.co
content-type
application/json
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
prebid
ib.adnxs.com/ut/v3/ 		377 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.117 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
c4ab01c741996ed435ed1083e30f2cfaefb930f7be328cf4f6420f311e2c74b9
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 19 Nov 2022 04:59:39 GMT
AN-X-Request-Uuid
038f946c-73df-4998-aab1-a8b6e6623b39
Server
nginx/1.21.3
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.bg3.co
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
116.90.74.202; 116.90.74.202; 676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
377
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
auction
tlx.3lift.com/header/ 		19 B
504 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=6.19.0&referrer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fban-ai-fo-lie-ke-tiao-zhan-bian-fu-xia-tuo-ge-lei-yi-tong-xia-shui.html&tmax=3000
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.140.22.207 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-140-22-207.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 04:59:39 GMT
accept-ch
sec-ch-prefers-color-scheme,sec-ch-width,sec-ch-ect,user-agent,sec-ch-downlink,sec-ch-ua-mobile,sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-viewport-width,sec-ch-ua-platform,sec-ch-viewport-height,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua,sec-ch-ua-bitness
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
c
prebid.a-mo.net/a/ 		0
167 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.89.200 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

x-nbr
8
date
Sat, 19 Nov 2022 04:59:38 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
bid-request
a.teads.tv/hb/ 		16 B
502 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.195.153.54 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-153-54.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 04:59:39 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Sat, 19 Nov 2022 04:59:39 GMT
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		3 B
518 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fban-ai-fo-lie-ke-tiao-zhan-bian-fu-xia-tuo-ge-lei-yi-tong-xia-shui.html&CanonicalUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fban-ai-fo-lie-ke-tiao-zhan-bian-fu-xia-tuo-ge-lei-yi-tong-xia-shui.html&PublisherDomain=https%3A%2F%2Fbg3.co%2F
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.38.91.115 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-38-91-115.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 19 Nov 2022 04:59:39 GMT
via
kong/2.8.3
x-content-type-options
nosniff
x-kong-proxy-latency
0
p3p
CP="CAO PSA OUR"
x-kong-upstream-latency
26
content-length
3
pragma
no-cache
access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Accept-Encoding
access-control-allow-headers
Accept-Encoding, Content-Type
expires
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame D41E 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:59:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 19 Nov 2022 04:59:39 GMT
pixel
cm.g.doubleclick.net/ Frame CFB8
Redirect Chain
  • https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESECDH5wBNhsp2lmmcp25ARlY&google_cver=1&google_push=ASkJ3FZkL4z1vljoWD91aOlL00XDKKrcdJKm9ZTyZU7x0B04CHUucs3...
  • https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=122002cea4e6201f&is_secure=true&networkId=14000&version=1&google_gid=CAESECDH5wBNhsp2lmmcp25ARlY&google_cver=1&google_push=ASkJ3FZkL4z1...
  • https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAJlYc3ZGIy9QNCQRwZAAAAAAA&expiration=1668920380&google_cver=1&is_secure=true&google_gid=CAESECDH5wBNhsp2lmmcp25AR...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAJlYc3ZGIy9QNCQRwZAAAAAAA&expiration=1668920380&google_cver=1&is_secure=true&google_gid=CAESECDH5wBNhsp2lmmcp25ARlY&google_push=ASkJ3FZkL4z1vljoWD91aOlL00XDKKrcdJKm9ZTyZU7x0B04CHUucs3EGc6Jql3EatY-i8FEFlA2vkOl_0U9zmYuDpy9aeZhZ_y7
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1668833977&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fban-ai-fo-lie-ke-tiao-zhan-bian-fu-xia-tuo-ge-lei-yi-tong-xia-shui.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668833975593&bpp=13&bdt=1933&idt=1958&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&correlator=5218998955355&frm=23&ife=1&pv=1&ga_vid=1471969042.1668833978&ga_sid=1668833978&ga_hid=1738972306&ga_fc=0&ga_cid=amp-PSPqDESYB1NK2c1Q8j2OVw&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=3806629216&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44773809%2C42531706%2C44776004%2C31070923%2C44779076&oid=2&pvsid=3758394164867543&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.5dklnw6vpsi3&fsb=1&dtd=1974
Protocol
H3
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 04:59:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 19 Nov 2022 04:59:40 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAJlYc3ZGIy9QNCQRwZAAAAAAA&expiration=1668920380&google_cver=1&is_secure=true&google_gid=CAESECDH5wBNhsp2lmmcp25ARlY&google_push=ASkJ3FZkL4z1vljoWD91aOlL00XDKKrcdJKm9ZTyZU7x0B04CHUucs3EGc6Jql3EatY-i8FEFlA2vkOl_0U9zmYuDpy9aeZhZ_y7
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
pixel
cm.g.doubleclick.net/ Frame CFB8
Redirect Chain
  • https://cr-p1.ladsp.com/cookiesender/1?google_push=ASkJ3FYfbH9k-X6K93GBvtIlsAWJ22N2Ef61LihISSCaORUhsIM4ZXqi6aZUk95PfzPnaRlOKHwsoSpK2xngMgTSNPrlx2ZhORuH&google_gid=CAESEDT9YPL_o3_3cPgIkTs1OpQ&google...
  • https://cr-p1.ladsp.com/cookiesender/1?cr=true&google_push=ASkJ3FYfbH9k-X6K93GBvtIlsAWJ22N2Ef61LihISSCaORUhsIM4ZXqi6aZUk95PfzPnaRlOKHwsoSpK2xngMgTSNPrlx2ZhORuH&google_gid=CAESEDT9YPL_o3_3cPgIkTs1Op...
  • https://cm.g.doubleclick.net/pixel?google_nid=sonet&google_push=ASkJ3FYfbH9k-X6K93GBvtIlsAWJ22N2Ef61LihISSCaORUhsIM4ZXqi6aZUk95PfzPnaRlOKHwsoSpK2xngMgTSNPrlx2ZhORuH&google_hm=ATPwdf-KMsdOks8ADv_jGs...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sonet&google_push=ASkJ3FYfbH9k-X6K93GBvtIlsAWJ22N2Ef61LihISSCaORUhsIM4ZXqi6aZUk95PfzPnaRlOKHwsoSpK2xngMgTSNPrlx2ZhORuH&google_hm=ATPwdf-KMsdOks8ADv_jGsR3BMA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1668833977&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fban-ai-fo-lie-ke-tiao-zhan-bian-fu-xia-tuo-ge-lei-yi-tong-xia-shui.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668833975593&bpp=13&bdt=1933&idt=1958&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&correlator=5218998955355&frm=23&ife=1&pv=1&ga_vid=1471969042.1668833978&ga_sid=1668833978&ga_hid=1738972306&ga_fc=0&ga_cid=amp-PSPqDESYB1NK2c1Q8j2OVw&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=3806629216&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44773809%2C42531706%2C44776004%2C31070923%2C44779076&oid=2&pvsid=3758394164867543&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.5dklnw6vpsi3&fsb=1&dtd=1974
Protocol
H3
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 04:59:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 19 Nov 2022 04:59:39 GMT
via
1.1 87c4d73b5ac2faa4ca336ce968e1aa1a.cloudfront.net (CloudFront)
server
Logicad
x-amz-cf-pop
SIN2-P2
x-cache
Miss from cloudfront
p3p
CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
location
https://cm.g.doubleclick.net/pixel?google_nid=sonet&google_push=ASkJ3FYfbH9k-X6K93GBvtIlsAWJ22N2Ef61LihISSCaORUhsIM4ZXqi6aZUk95PfzPnaRlOKHwsoSpK2xngMgTSNPrlx2ZhORuH&google_hm=ATPwdf-KMsdOks8ADv_jGsR3BMA
cache-control
no-cache
content-length
0
x-amz-cf-id
xEhMLTmw0B58veIQg5MNLGM23AkjeUimZ4YtoUadJbrRLW3iwTJ_3Q==
expires
-1
pixel
cm.g.doubleclick.net/ Frame CFB8
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ULRv79tZS2eHqLYM6gJvMg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ULRv79tZS2eHqLYM6gJvMg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3FbvIETdUhVs_NGAYNyAAJ9hJTOMcybb6dwhUCn1MmcQ1FZH7o-YTemO9bRNbm2fzv4LBN7Q1MzqUyqgDAhjvi11zRGPlxo
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1668833977&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fban-ai-fo-lie-ke-tiao-zhan-bian-fu-xia-tuo-ge-lei-yi-tong-xia-shui.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668833975593&bpp=13&bdt=1933&idt=1958&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&correlator=5218998955355&frm=23&ife=1&pv=1&ga_vid=1471969042.1668833978&ga_sid=1668833978&ga_hid=1738972306&ga_fc=0&ga_cid=amp-PSPqDESYB1NK2c1Q8j2OVw&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=3806629216&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44773809%2C42531706%2C44776004%2C31070923%2C44779076&oid=2&pvsid=3758394164867543&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.5dklnw6vpsi3&fsb=1&dtd=1974
Protocol
H3
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 04:59:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ULRv79tZS2eHqLYM6gJvMg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3FbvIETdUhVs_NGAYNyAAJ9hJTOMcybb6dwhUCn1MmcQ1FZH7o-YTemO9bRNbm2fzv4LBN7Q1MzqUyqgDAhjvi11zRGPlxo
date
Sat, 19 Nov 2022 04:59:39 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame CFB8
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEJPgyfb_1gRjc_eGmf39FaY&google_cver=1&google_push=ASkJ3FbEuVsFiaUrRwKfSWqhfuHM-2NtnLtvvGWABPvJTYzLo0dMmR_3cWjlk5s2lAXecn3KSa0D90MYeKS_F62...
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=LW5ySFdJSLFPjFVKFZoO7nRaSso&google_push=ASkJ3FbEuVsFiaUrRwKfSWqhfuHM-2NtnLtvvGWABPvJTYzLo0dMmR_3cWjlk5s2lAXecn3KSa0D90MYeKS_F6...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=LW5ySFdJSLFPjFVKFZoO7nRaSso&google_push=ASkJ3FbEuVsFiaUrRwKfSWqhfuHM-2NtnLtvvGWABPvJTYzLo0dMmR_3cWjlk5s2lAXecn3KSa0D90MYeKS_F62vObKF-XPecwZF
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1668833977&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fban-ai-fo-lie-ke-tiao-zhan-bian-fu-xia-tuo-ge-lei-yi-tong-xia-shui.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668833975593&bpp=13&bdt=1933&idt=1958&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&correlator=5218998955355&frm=23&ife=1&pv=1&ga_vid=1471969042.1668833978&ga_sid=1668833978&ga_hid=1738972306&ga_fc=0&ga_cid=amp-PSPqDESYB1NK2c1Q8j2OVw&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=3806629216&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44773809%2C42531706%2C44776004%2C31070923%2C44779076&oid=2&pvsid=3758394164867543&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.5dklnw6vpsi3&fsb=1&dtd=1974
Protocol
H3
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 04:59:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=LW5ySFdJSLFPjFVKFZoO7nRaSso&google_push=ASkJ3FbEuVsFiaUrRwKfSWqhfuHM-2NtnLtvvGWABPvJTYzLo0dMmR_3cWjlk5s2lAXecn3KSa0D90MYeKS_F62vObKF-XPecwZF
Date
Sat, 19 Nov 2022 04:59:40 GMT
Connection
keep-alive
Content-Length
242
Content-Type
text/html; charset=utf-8
pixel
cm.g.doubleclick.net/ Frame CFB8
Redirect Chain
  • https://ads.yieldmo.com/exptsync?google_gid=CAESEBqOmIbMidQgspksSbU0aT4&google_cver=1&google_push=ASkJ3FbAe-T9vZTH1PQjP3RJqniaoZeGSe_MpYgs6jQZB0KiYGwZtykXX4JKYVO5yMbLInhWti_3_g0w6x7m286Yg4S2BvfhQJhQ
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=ASkJ3FbAe-T9vZTH1PQjP3RJqniaoZeGSe_MpYgs6jQZB0KiYGwZtykXX4JKYVO5yMbLInhWti_3_g0w6x7m286Yg4S2BvfhQJhQ&google_hm=Z2ZhNDdmMjhhZWRmZDM2...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=ASkJ3FbAe-T9vZTH1PQjP3RJqniaoZeGSe_MpYgs6jQZB0KiYGwZtykXX4JKYVO5yMbLInhWti_3_g0w6x7m286Yg4S2BvfhQJhQ&google_hm=Z2ZhNDdmMjhhZWRmZDM2ODA3OGM=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1668833977&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fban-ai-fo-lie-ke-tiao-zhan-bian-fu-xia-tuo-ge-lei-yi-tong-xia-shui.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668833975593&bpp=13&bdt=1933&idt=1958&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&correlator=5218998955355&frm=23&ife=1&pv=1&ga_vid=1471969042.1668833978&ga_sid=1668833978&ga_hid=1738972306&ga_fc=0&ga_cid=amp-PSPqDESYB1NK2c1Q8j2OVw&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=3806629216&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44773809%2C42531706%2C44776004%2C31070923%2C44779076&oid=2&pvsid=3758394164867543&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.5dklnw6vpsi3&fsb=1&dtd=1974
Protocol
H3
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 04:59:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 19 Nov 2022 04:59:39 GMT
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=utf-8
location
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=ASkJ3FbAe-T9vZTH1PQjP3RJqniaoZeGSe_MpYgs6jQZB0KiYGwZtykXX4JKYVO5yMbLInhWti_3_g0w6x7m286Yg4S2BvfhQJhQ&google_hm=Z2ZhNDdmMjhhZWRmZDM2ODA3OGM=
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
0
pixel
cm.g.doubleclick.net/ Frame CFB8
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEP...
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=ASkJ3FbYOmxZs75YWY6_w9ft6CTvbFEDI0xGOZtnsXXohPVeFcyXfiCIlAQNVPY8Mpv1Bg6EoD0C2-PQi-9q34yPAaaBtWNhcPLp&redir=https%3A%2F%2Fcm.g.doubl...
  • https://sync.targeting.unrulymedia.com/csync/RX-fe320e4d-2d38-4704-bd9e-0196e036830f-004?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DASkJ3FbYOmxZs75YWY6_w9ft6...
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ASkJ3FbYOmxZs75YWY6_w9ft6CTvbFEDI0xGOZtnsXXohPVeFcyXfiCIlAQNVPY8Mpv1Bg6EoD0C2-PQi-9q34yPAaaBtWNhcPLp&google_hm=BP4yDk0tOEcEvZ4BluA2gw8
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ASkJ3FbYOmxZs75YWY6_w9ft6CTvbFEDI0xGOZtnsXXohPVeFcyXfiCIlAQNVPY8Mpv1Bg6EoD0C2-PQi-9q34yPAaaBtWNhcPLp&google_hm=BP4yDk0tOEcEvZ4BluA2gw8
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1668833977&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fban-ai-fo-lie-ke-tiao-zhan-bian-fu-xia-tuo-ge-lei-yi-tong-xia-shui.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668833975593&bpp=13&bdt=1933&idt=1958&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&correlator=5218998955355&frm=23&ife=1&pv=1&ga_vid=1471969042.1668833978&ga_sid=1668833978&ga_hid=1738972306&ga_fc=0&ga_cid=amp-PSPqDESYB1NK2c1Q8j2OVw&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=3806629216&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44773809%2C42531706%2C44776004%2C31070923%2C44779076&oid=2&pvsid=3758394164867543&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.5dklnw6vpsi3&fsb=1&dtd=1974
Protocol
H3
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 04:59:41 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ASkJ3FbYOmxZs75YWY6_w9ft6CTvbFEDI0xGOZtnsXXohPVeFcyXfiCIlAQNVPY8Mpv1Bg6EoD0C2-PQi-9q34yPAaaBtWNhcPLp&google_hm=BP4yDk0tOEcEvZ4BluA2gw8
date
Sat, 19 Nov 2022 04:59:41 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RXfe320e4d2d384704bd9e0196e036830f004
content-type
text/html
sspsync
cksync.yahoo.co.jp/ Frame CFB8 		35 B
623 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cksync.yahoo.co.jp/sspsync?ptr=12703&google_gid=CAESEPPL5xkHaEXnoLGQPcEAivA&google_cver=1&google_push=ASkJ3FZzUM3Zngoj5QkoPUHv3FgeMwPeLxELpev3ff7q5zNncRhMBvvneLYYyRAB1BS0NIWc5Gs3CQL02okt0_5xNOWgFgGRbC55NQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1668833977&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fban-ai-fo-lie-ke-tiao-zhan-bian-fu-xia-tuo-ge-lei-yi-tong-xia-shui.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668833975593&bpp=13&bdt=1933&idt=1958&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&correlator=5218998955355&frm=23&ife=1&pv=1&ga_vid=1471969042.1668833978&ga_sid=1668833978&ga_hid=1738972306&ga_fc=0&ga_cid=amp-PSPqDESYB1NK2c1Q8j2OVw&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=3806629216&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44773809%2C42531706%2C44776004%2C31070923%2C44779076&oid=2&pvsid=3758394164867543&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.5dklnw6vpsi3&fsb=1&dtd=1974
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.22.31.124 , Japan, ASN23816 (YAHOO Yahoo Japan Corporation, JP),
Reverse DNS
Software
ATS /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:59:39 GMT
x-content-type-options
nosniff
server
ATS
age
0
x-frame-options
SAMEORIGIN
content-type
image/gif
cache-control
private, no-store, no-cache
cross-origin-resource-policy
cross-origin
content-length
35
x-xss-protection
1; mode=block
attr
cm.g.doubleclick.net/pixel/ Frame CFB8 		0
78 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LKXSoKNYQq6GiLgVv-UV_ZJ44QBhTPYG-oJK_-HzvEDLsjTDa_r0cpdiSdIWRvy2t19qdixg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1668833977&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fban-ai-fo-lie-ke-tiao-zhan-bian-fu-xia-tuo-ge-lei-yi-tong-xia-shui.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668833975593&bpp=13&bdt=1933&idt=1958&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&correlator=5218998955355&frm=23&ife=1&pv=1&ga_vid=1471969042.1668833978&ga_sid=1668833978&ga_hid=1738972306&ga_fc=0&ga_cid=amp-PSPqDESYB1NK2c1Q8j2OVw&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=3806629216&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44773809%2C42531706%2C44776004%2C31070923%2C44779076&oid=2&pvsid=3758394164867543&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.5dklnw6vpsi3&fsb=1&dtd=1974
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:59:39 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame AF54 		99 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20221117/NqeGLmvuPvGdeaxEq2qKJUjcmyulAyFU8K2rHVjS.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
9e2e3b674e72039a343d52c5d4f6d90e0a3d96e670702173806db167f1751f5b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:59:39 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34254
x-xss-protection
0
server
cafe
etag
2903157410993377594
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 19 Nov 2022 04:59:39 GMT
rules-p-54Nt-1NAaEEe0.js
rules.quantcount.com/ 		160 B
633 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-54Nt-1NAaEEe0.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-118.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:25:57 GMT
via
1.1 729399d6290e74ddd43cb2da1cab5266.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P1
age
2024
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
160
last-modified
Thu, 13 Oct 2022 15:29:19 GMT
server
AmazonS3
etag
"05b131079c67d484167fd1b1f6c79577"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
gWhoTEWoDrbGb03euyPs6JMPtpl86qmeCLcFgUmmyGYdAXf4lVxk9w==
log
aplogger.adpushup.com/ 		0
119 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://aplogger.adpushup.com/log?event=glimpse_pageView&data=eyJzZXNzaW9uSWQiOiI2NTA1MjhfMTY2ODgzMzk3OTMyMiIsInVzZXJJZCI6IjM3NjUzNl8xNjY4ODMzOTc5MzIyIiwic2l0ZUlkIjo0Mjc1MywicGxhdGZvcm0iOiJERVNLVE9QIiwicGFnZUlkIjoiNDUwNzExXzE2Njg4MzM5NzkzMjIiLCJwYWdlUGF0aCI6IiUyRmElMkZiYW4tYWktZm8tbGllLWtlLXRpYW8temhhbi1iaWFuLWZ1LXhpYS10dW8tZ2UtbGVpLXlpLXRvbmcteGlhLXNodWkuaHRtbCIsImhvc3RuYW1lIjoid3d3LmJnMy5jbyIsInVybCI6Imh0dHBzJTNBJTJGJTJGd3d3LmJnMy5jbyUyRmElMkZiYW4tYWktZm8tbGllLWtlLXRpYW8temhhbi1iaWFuLWZ1LXhpYS10dW8tZ2UtbGVpLXlpLXRvbmcteGlhLXNodWkuaHRtbCIsInBoYXNlIjowLCJ1c2VyVHlwZSI6Ik5FVyIsInByZXZpZXdWYXJpYXRpb24iOiJkZXNjcmlwdGlvblBhZ2UiLCJleHBlcmltZW50UGFnZSI6dHJ1ZSwidGltZXN0YW1wIjoxNjY4ODMzOTc5MzIzfQ==
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
52.183.162.69 Mumbai, India, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection
keep-alive
Date
Sat, 19 Nov 2022 04:59:40 GMT
Server
nginx/1.18.0 (Ubuntu)
L2EvYmFuLWFpLWZvLWxpZS1rZS10aWFvLXpoYW4tYmlhbi1mdS14aWEtdHVvLWdlLWxlaS15aS10b25nLXhpYS1zaHVpLmh0bWw=.json
cdn.adpushup.com/42753/ 		555 B
818 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/L2EvYmFuLWFpLWZvLWxpZS1rZS10aWFvLXpoYW4tYmlhbi1mdS14aWEtdHVvLWdlLWxlaS15aS10b25nLXhpYS1zaHVpLmh0bWw=.json
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.161 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-161.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
NZ
date
Sat, 19 Nov 2022 04:59:39 GMT
server
nginx/1.18.0
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
server-timing
cdn-cache; desc=MISS, edge; dur=37, origin; dur=207
content-length
555
expires
Sat, 19 Nov 2022 05:59:39 GMT
truncated
/ Frame 2425 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2614bd42c4371a3f57f643135214981d724fedbf5c79f65b09e7bcd40f57091c

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 0C5A 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
49250
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 18 Nov 2022 15:18:49 GMT
expires
Sat, 18 Nov 2023 15:18:49 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 2466 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.105 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f105.1e100.net
Software
GSE /
Resource Hash
f6face60dc5ccc0f5d54ebc38fdd9aed96549783e2f75dde2661ac25b96b1e2c
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-REUZ5BF7Nl30y7XCX2RKnA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
515
content-security-policy
script-src 'report-sample' 'nonce-REUZ5BF7Nl30y7XCX2RKnA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 19 Nov 2022 04:59:40 GMT
expires
Sat, 19 Nov 2022 04:59:40 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/ Frame AF54 		355 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
b4759bb4f7feb87cdfa4b36b4fe2754a54224629226f76df1287a5873c1176af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:59:39 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119603
x-xss-protection
0
server
cafe
etag
18041840905878368703
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sat, 19 Nov 2022 04:59:39 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame 0475 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y3hiugAAGtMKK3IQAAs-Fu2S0V7YeW-H9I7lrg&u=%7C2k2Mr8UTcXZz4MsbxkT%2BmULQtzuk1V6uL5ipv4EMpiU%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oZ7-4NEldJVPEcquQgoC5ayq1XBwsz6hbCNpksUhOYIG9jsbcdhUPUASS9TekPJg-lVtNiPmOVj4gHmATWwgs3xl6G5M9hVy8ZHnaeFmQljiyWe-rVqHISO_Y6IjtNYGuQQChGcQofEug4Oo2ilOM-sBYQRVluBxzatCLqf7zUcZnQw88xFkOCvfOUcHxXLuUtUVWEqwUc3lwzpd71UDqc-QvFmZZc2DOA__ByBjWuke4axsYpmrciGolHpP_bF7tZNvqpYd8WRt6v-ey-2b4ciHTw8cEiupHxFlWyPs36ikadqQA9BsqNHipTMXQko_UTO3gQq317mf_0fVMchY9MLm8LmA_HEkBGaEK0uFFa95aYH6tJ6sHdgkRrv5YnKEsWRYSqM_ASF9Kidf6Qip-6NGTGjsie4gSg_J25eIQH9yhPYzvccuKQ8iXHXmK0zWsIuTvXhku8Iyd2YAvseA18uYnqg8FxVT8EcyNh1goR1Zb-TgrtaTOIFQ-QpslmK9EP9yHYTKRS5XkVgXpdynS_9B2-cE5GxQ1HAxhHoFw6mcwXC7h3l3Hh-QrVulVQ6LsdiebWpynGArKYU8sv3Lc1ixzgVnNcay1-WkwKl04tHKNYburRwNp8A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEu8SumJ4Y9M1kOStAZb8rKAMmPzRsVyqhMzkhQHAjbcBEAEgAGCr7LGF4BiCARdjYS1wdWItNDQ4NTIzOTQyNTkyNDc4N8gBCakCxrAOJ5djpj6oAwGqBIICT9AAOn36ZG3z0Ww7SQIciGZ2Clw5ytzcqAPhC2vBJZJcqjmapJSrQEMYDbm7RwRUnBYqPel7G6TdvMldK7plwjaqbMuXvoKD_Sau-M30TFisW6XmWiXwFmGrcxnTjxiBYjpBOYWxf1xg9tgr7kAc0-4aEJQRKPT1RWI85SzFPaPr2ah5p2EwrKiKxcjzlF-HjnWmyLya2nv7fWWdMNZHsg-IjQD3SFFNEPb-pVLHT8ZPt10FDgonXblpDlkxk6YkhslHBX0tSC05FwZ2MPb034fjDuRS2hV0S1oR0K59eCk8Ud1hIBgmsDOCiaTLfIjsMDp0X32o-lgW-QJKDbT_zr1HgAagz7fUocebm7QBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1glfQ7RibChCxOa4-QX32pOjZpPA%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:59:40 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 14 Nov 2023 04:59:40 GMT
adchoices_en.svg
static.criteo.net/flash/icon/ Frame 0475 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_en.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y3hiugAAGtMKK3IQAAs-Fu2S0V7YeW-H9I7lrg&u=%7C2k2Mr8UTcXZz4MsbxkT%2BmULQtzuk1V6uL5ipv4EMpiU%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oZ7-4NEldJVPEcquQgoC5ayq1XBwsz6hbCNpksUhOYIG9jsbcdhUPUASS9TekPJg-lVtNiPmOVj4gHmATWwgs3xl6G5M9hVy8ZHnaeFmQljiyWe-rVqHISO_Y6IjtNYGuQQChGcQofEug4Oo2ilOM-sBYQRVluBxzatCLqf7zUcZnQw88xFkOCvfOUcHxXLuUtUVWEqwUc3lwzpd71UDqc-QvFmZZc2DOA__ByBjWuke4axsYpmrciGolHpP_bF7tZNvqpYd8WRt6v-ey-2b4ciHTw8cEiupHxFlWyPs36ikadqQA9BsqNHipTMXQko_UTO3gQq317mf_0fVMchY9MLm8LmA_HEkBGaEK0uFFa95aYH6tJ6sHdgkRrv5YnKEsWRYSqM_ASF9Kidf6Qip-6NGTGjsie4gSg_J25eIQH9yhPYzvccuKQ8iXHXmK0zWsIuTvXhku8Iyd2YAvseA18uYnqg8FxVT8EcyNh1goR1Zb-TgrtaTOIFQ-QpslmK9EP9yHYTKRS5XkVgXpdynS_9B2-cE5GxQ1HAxhHoFw6mcwXC7h3l3Hh-QrVulVQ6LsdiebWpynGArKYU8sv3Lc1ixzgVnNcay1-WkwKl04tHKNYburRwNp8A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEu8SumJ4Y9M1kOStAZb8rKAMmPzRsVyqhMzkhQHAjbcBEAEgAGCr7LGF4BiCARdjYS1wdWItNDQ4NTIzOTQyNTkyNDc4N8gBCakCxrAOJ5djpj6oAwGqBIICT9AAOn36ZG3z0Ww7SQIciGZ2Clw5ytzcqAPhC2vBJZJcqjmapJSrQEMYDbm7RwRUnBYqPel7G6TdvMldK7plwjaqbMuXvoKD_Sau-M30TFisW6XmWiXwFmGrcxnTjxiBYjpBOYWxf1xg9tgr7kAc0-4aEJQRKPT1RWI85SzFPaPr2ah5p2EwrKiKxcjzlF-HjnWmyLya2nv7fWWdMNZHsg-IjQD3SFFNEPb-pVLHT8ZPt10FDgonXblpDlkxk6YkhslHBX0tSC05FwZ2MPb034fjDuRS2hV0S1oR0K59eCk8Ud1hIBgmsDOCiaTLfIjsMDp0X32o-lgW-QJKDbT_zr1HgAagz7fUocebm7QBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1glfQ7RibChCxOa4-QX32pOjZpPA%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:59:40 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-759"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 14 Nov 2023 04:59:40 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 0475 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y3hiugAAGtMKK3IQAAs-Fu2S0V7YeW-H9I7lrg&u=%7C2k2Mr8UTcXZz4MsbxkT%2BmULQtzuk1V6uL5ipv4EMpiU%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oZ7-4NEldJVPEcquQgoC5ayq1XBwsz6hbCNpksUhOYIG9jsbcdhUPUASS9TekPJg-lVtNiPmOVj4gHmATWwgs3xl6G5M9hVy8ZHnaeFmQljiyWe-rVqHISO_Y6IjtNYGuQQChGcQofEug4Oo2ilOM-sBYQRVluBxzatCLqf7zUcZnQw88xFkOCvfOUcHxXLuUtUVWEqwUc3lwzpd71UDqc-QvFmZZc2DOA__ByBjWuke4axsYpmrciGolHpP_bF7tZNvqpYd8WRt6v-ey-2b4ciHTw8cEiupHxFlWyPs36ikadqQA9BsqNHipTMXQko_UTO3gQq317mf_0fVMchY9MLm8LmA_HEkBGaEK0uFFa95aYH6tJ6sHdgkRrv5YnKEsWRYSqM_ASF9Kidf6Qip-6NGTGjsie4gSg_J25eIQH9yhPYzvccuKQ8iXHXmK0zWsIuTvXhku8Iyd2YAvseA18uYnqg8FxVT8EcyNh1goR1Zb-TgrtaTOIFQ-QpslmK9EP9yHYTKRS5XkVgXpdynS_9B2-cE5GxQ1HAxhHoFw6mcwXC7h3l3Hh-QrVulVQ6LsdiebWpynGArKYU8sv3Lc1ixzgVnNcay1-WkwKl04tHKNYburRwNp8A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEu8SumJ4Y9M1kOStAZb8rKAMmPzRsVyqhMzkhQHAjbcBEAEgAGCr7LGF4BiCARdjYS1wdWItNDQ4NTIzOTQyNTkyNDc4N8gBCakCxrAOJ5djpj6oAwGqBIICT9AAOn36ZG3z0Ww7SQIciGZ2Clw5ytzcqAPhC2vBJZJcqjmapJSrQEMYDbm7RwRUnBYqPel7G6TdvMldK7plwjaqbMuXvoKD_Sau-M30TFisW6XmWiXwFmGrcxnTjxiBYjpBOYWxf1xg9tgr7kAc0-4aEJQRKPT1RWI85SzFPaPr2ah5p2EwrKiKxcjzlF-HjnWmyLya2nv7fWWdMNZHsg-IjQD3SFFNEPb-pVLHT8ZPt10FDgonXblpDlkxk6YkhslHBX0tSC05FwZ2MPb034fjDuRS2hV0S1oR0K59eCk8Ud1hIBgmsDOCiaTLfIjsMDp0X32o-lgW-QJKDbT_zr1HgAagz7fUocebm7QBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1glfQ7RibChCxOa4-QX32pOjZpPA%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:59:40 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Tue, 14 Nov 2023 04:59:40 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 0475 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y3hiugAAGtMKK3IQAAs-Fu2S0V7YeW-H9I7lrg&u=%7C2k2Mr8UTcXZz4MsbxkT%2BmULQtzuk1V6uL5ipv4EMpiU%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oZ7-4NEldJVPEcquQgoC5ayq1XBwsz6hbCNpksUhOYIG9jsbcdhUPUASS9TekPJg-lVtNiPmOVj4gHmATWwgs3xl6G5M9hVy8ZHnaeFmQljiyWe-rVqHISO_Y6IjtNYGuQQChGcQofEug4Oo2ilOM-sBYQRVluBxzatCLqf7zUcZnQw88xFkOCvfOUcHxXLuUtUVWEqwUc3lwzpd71UDqc-QvFmZZc2DOA__ByBjWuke4axsYpmrciGolHpP_bF7tZNvqpYd8WRt6v-ey-2b4ciHTw8cEiupHxFlWyPs36ikadqQA9BsqNHipTMXQko_UTO3gQq317mf_0fVMchY9MLm8LmA_HEkBGaEK0uFFa95aYH6tJ6sHdgkRrv5YnKEsWRYSqM_ASF9Kidf6Qip-6NGTGjsie4gSg_J25eIQH9yhPYzvccuKQ8iXHXmK0zWsIuTvXhku8Iyd2YAvseA18uYnqg8FxVT8EcyNh1goR1Zb-TgrtaTOIFQ-QpslmK9EP9yHYTKRS5XkVgXpdynS_9B2-cE5GxQ1HAxhHoFw6mcwXC7h3l3Hh-QrVulVQ6LsdiebWpynGArKYU8sv3Lc1ixzgVnNcay1-WkwKl04tHKNYburRwNp8A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEu8SumJ4Y9M1kOStAZb8rKAMmPzRsVyqhMzkhQHAjbcBEAEgAGCr7LGF4BiCARdjYS1wdWItNDQ4NTIzOTQyNTkyNDc4N8gBCakCxrAOJ5djpj6oAwGqBIICT9AAOn36ZG3z0Ww7SQIciGZ2Clw5ytzcqAPhC2vBJZJcqjmapJSrQEMYDbm7RwRUnBYqPel7G6TdvMldK7plwjaqbMuXvoKD_Sau-M30TFisW6XmWiXwFmGrcxnTjxiBYjpBOYWxf1xg9tgr7kAc0-4aEJQRKPT1RWI85SzFPaPr2ah5p2EwrKiKxcjzlF-HjnWmyLya2nv7fWWdMNZHsg-IjQD3SFFNEPb-pVLHT8ZPt10FDgonXblpDlkxk6YkhslHBX0tSC05FwZ2MPb034fjDuRS2hV0S1oR0K59eCk8Ud1hIBgmsDOCiaTLfIjsMDp0X32o-lgW-QJKDbT_zr1HgAagz7fUocebm7QBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1glfQ7RibChCxOa4-QX32pOjZpPA%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:59:40 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Tue, 14 Nov 2023 04:59:40 GMT
lg.php
cat.sg1.as.criteo.com/delivery/ Frame 0475 		43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.sg1.as.criteo.com/delivery/lg.php?cppv=3&cpp=Q7o5BJIvgEZ0Fp1LXAvCQtNAKXS13nF846xnJG3CWMIVQoWAz_YcLDNU39vbwBkXIO6mlQtNCVg5DnhP3N8xRvh2ZtxRBszKpIejSBZlCPtY89P4ziR_jnV0fkI_lBQtXQOu-CfgJdu8om9htluoBJknQ9-dDigXQMhkcpC1BhcV_UTBUoXMdwRe6HaumSuMsf8S6BMbJMED25aCPqnfrKCZ2tokM21CvBfbg-kvQfLuWLHkSKJT-rHF1auPmNC1RSyutpv1q67EC_yIi49vkrYJqioUOi4xlVwY7OYyg0bKEMu-6rm_j9DjkxPHa2wBtiOkPLkds53S15dLPj69k_eCE6G192N68QmYdadu-Hb6Exs_OtMIxAlbYnvyuFHVeAnv9W5bngZbMSKsQOt1ic5YL-iDU-2DyDPtqrs00-3bOtj_d7xr7cmyQqMQtuwiQw6-Rg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y3hiugAAGtMKK3IQAAs-Fu2S0V7YeW-H9I7lrg&u=%7C2k2Mr8UTcXZz4MsbxkT%2BmULQtzuk1V6uL5ipv4EMpiU%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oZ7-4NEldJVPEcquQgoC5ayq1XBwsz6hbCNpksUhOYIG9jsbcdhUPUASS9TekPJg-lVtNiPmOVj4gHmATWwgs3xl6G5M9hVy8ZHnaeFmQljiyWe-rVqHISO_Y6IjtNYGuQQChGcQofEug4Oo2ilOM-sBYQRVluBxzatCLqf7zUcZnQw88xFkOCvfOUcHxXLuUtUVWEqwUc3lwzpd71UDqc-QvFmZZc2DOA__ByBjWuke4axsYpmrciGolHpP_bF7tZNvqpYd8WRt6v-ey-2b4ciHTw8cEiupHxFlWyPs36ikadqQA9BsqNHipTMXQko_UTO3gQq317mf_0fVMchY9MLm8LmA_HEkBGaEK0uFFa95aYH6tJ6sHdgkRrv5YnKEsWRYSqM_ASF9Kidf6Qip-6NGTGjsie4gSg_J25eIQH9yhPYzvccuKQ8iXHXmK0zWsIuTvXhku8Iyd2YAvseA18uYnqg8FxVT8EcyNh1goR1Zb-TgrtaTOIFQ-QpslmK9EP9yHYTKRS5XkVgXpdynS_9B2-cE5GxQ1HAxhHoFw6mcwXC7h3l3Hh-QrVulVQ6LsdiebWpynGArKYU8sv3Lc1ixzgVnNcay1-WkwKl04tHKNYburRwNp8A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEu8SumJ4Y9M1kOStAZb8rKAMmPzRsVyqhMzkhQHAjbcBEAEgAGCr7LGF4BiCARdjYS1wdWItNDQ4NTIzOTQyNTkyNDc4N8gBCakCxrAOJ5djpj6oAwGqBIICT9AAOn36ZG3z0Ww7SQIciGZ2Clw5ytzcqAPhC2vBJZJcqjmapJSrQEMYDbm7RwRUnBYqPel7G6TdvMldK7plwjaqbMuXvoKD_Sau-M30TFisW6XmWiXwFmGrcxnTjxiBYjpBOYWxf1xg9tgr7kAc0-4aEJQRKPT1RWI85SzFPaPr2ah5p2EwrKiKxcjzlF-HjnWmyLya2nv7fWWdMNZHsg-IjQD3SFFNEPb-pVLHT8ZPt10FDgonXblpDlkxk6YkhslHBX0tSC05FwZ2MPb034fjDuRS2hV0S1oR0K59eCk8Ud1hIBgmsDOCiaTLfIjsMDp0X32o-lgW-QJKDbT_zr1HgAagz7fUocebm7QBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1glfQ7RibChCxOa4-QX32pOjZpPA%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.132 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 04:59:39 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
7236271
expires
Mon, 26 Jul 1997 05:00:00 GMT
visit.jpg
tps.doubleverify.com/ Frame 0475 		0
138 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tps.doubleverify.com/visit.jpg?ctx=23716808&cmp=192152&sid=3129&plc=6788247&adsrv=29&btreg=&btadsrv=&crt=&tagtype=&dvtagver=6.1.img&gdpr=0&
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y3hiugAAGtMKK3IQAAs-Fu2S0V7YeW-H9I7lrg&u=%7C2k2Mr8UTcXZz4MsbxkT%2BmULQtzuk1V6uL5ipv4EMpiU%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oZ7-4NEldJVPEcquQgoC5ayq1XBwsz6hbCNpksUhOYIG9jsbcdhUPUASS9TekPJg-lVtNiPmOVj4gHmATWwgs3xl6G5M9hVy8ZHnaeFmQljiyWe-rVqHISO_Y6IjtNYGuQQChGcQofEug4Oo2ilOM-sBYQRVluBxzatCLqf7zUcZnQw88xFkOCvfOUcHxXLuUtUVWEqwUc3lwzpd71UDqc-QvFmZZc2DOA__ByBjWuke4axsYpmrciGolHpP_bF7tZNvqpYd8WRt6v-ey-2b4ciHTw8cEiupHxFlWyPs36ikadqQA9BsqNHipTMXQko_UTO3gQq317mf_0fVMchY9MLm8LmA_HEkBGaEK0uFFa95aYH6tJ6sHdgkRrv5YnKEsWRYSqM_ASF9Kidf6Qip-6NGTGjsie4gSg_J25eIQH9yhPYzvccuKQ8iXHXmK0zWsIuTvXhku8Iyd2YAvseA18uYnqg8FxVT8EcyNh1goR1Zb-TgrtaTOIFQ-QpslmK9EP9yHYTKRS5XkVgXpdynS_9B2-cE5GxQ1HAxhHoFw6mcwXC7h3l3Hh-QrVulVQ6LsdiebWpynGArKYU8sv3Lc1ixzgVnNcay1-WkwKl04tHKNYburRwNp8A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEu8SumJ4Y9M1kOStAZb8rKAMmPzRsVyqhMzkhQHAjbcBEAEgAGCr7LGF4BiCARdjYS1wdWItNDQ4NTIzOTQyNTkyNDc4N8gBCakCxrAOJ5djpj6oAwGqBIICT9AAOn36ZG3z0Ww7SQIciGZ2Clw5ytzcqAPhC2vBJZJcqjmapJSrQEMYDbm7RwRUnBYqPel7G6TdvMldK7plwjaqbMuXvoKD_Sau-M30TFisW6XmWiXwFmGrcxnTjxiBYjpBOYWxf1xg9tgr7kAc0-4aEJQRKPT1RWI85SzFPaPr2ah5p2EwrKiKxcjzlF-HjnWmyLya2nv7fWWdMNZHsg-IjQD3SFFNEPb-pVLHT8ZPt10FDgonXblpDlkxk6YkhslHBX0tSC05FwZ2MPb034fjDuRS2hV0S1oR0K59eCk8Ud1hIBgmsDOCiaTLfIjsMDp0X32o-lgW-QJKDbT_zr1HgAagz7fUocebm7QBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1glfQ7RibChCxOa4-QX32pOjZpPA%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.174.120.107 Avondale, United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 19 Nov 2022 04:59:40 GMT
Cache-Control
max-age=0
Expires
11/18/2022 04:59:40
index.html
static.criteo.net/html5/97892/20220922_fy22q4_cpro_creativeclimbers/skater/300x250/ Frame 2275 		63 KB
20 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/html5/97892/20220922_fy22q4_cpro_creativeclimbers/skater/300x250/index.html
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y3hiugAAGtMKK3IQAAs-Fu2S0V7YeW-H9I7lrg&u=%7C2k2Mr8UTcXZz4MsbxkT%2BmULQtzuk1V6uL5ipv4EMpiU%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oZ7-4NEldJVPEcquQgoC5ayq1XBwsz6hbCNpksUhOYIG9jsbcdhUPUASS9TekPJg-lVtNiPmOVj4gHmATWwgs3xl6G5M9hVy8ZHnaeFmQljiyWe-rVqHISO_Y6IjtNYGuQQChGcQofEug4Oo2ilOM-sBYQRVluBxzatCLqf7zUcZnQw88xFkOCvfOUcHxXLuUtUVWEqwUc3lwzpd71UDqc-QvFmZZc2DOA__ByBjWuke4axsYpmrciGolHpP_bF7tZNvqpYd8WRt6v-ey-2b4ciHTw8cEiupHxFlWyPs36ikadqQA9BsqNHipTMXQko_UTO3gQq317mf_0fVMchY9MLm8LmA_HEkBGaEK0uFFa95aYH6tJ6sHdgkRrv5YnKEsWRYSqM_ASF9Kidf6Qip-6NGTGjsie4gSg_J25eIQH9yhPYzvccuKQ8iXHXmK0zWsIuTvXhku8Iyd2YAvseA18uYnqg8FxVT8EcyNh1goR1Zb-TgrtaTOIFQ-QpslmK9EP9yHYTKRS5XkVgXpdynS_9B2-cE5GxQ1HAxhHoFw6mcwXC7h3l3Hh-QrVulVQ6LsdiebWpynGArKYU8sv3Lc1ixzgVnNcay1-WkwKl04tHKNYburRwNp8A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEu8SumJ4Y9M1kOStAZb8rKAMmPzRsVyqhMzkhQHAjbcBEAEgAGCr7LGF4BiCARdjYS1wdWItNDQ4NTIzOTQyNTkyNDc4N8gBCakCxrAOJ5djpj6oAwGqBIICT9AAOn36ZG3z0Ww7SQIciGZ2Clw5ytzcqAPhC2vBJZJcqjmapJSrQEMYDbm7RwRUnBYqPel7G6TdvMldK7plwjaqbMuXvoKD_Sau-M30TFisW6XmWiXwFmGrcxnTjxiBYjpBOYWxf1xg9tgr7kAc0-4aEJQRKPT1RWI85SzFPaPr2ah5p2EwrKiKxcjzlF-HjnWmyLya2nv7fWWdMNZHsg-IjQD3SFFNEPb-pVLHT8ZPt10FDgonXblpDlkxk6YkhslHBX0tSC05FwZ2MPb034fjDuRS2hV0S1oR0K59eCk8Ud1hIBgmsDOCiaTLfIjsMDp0X32o-lgW-QJKDbT_zr1HgAagz7fUocebm7QBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1glfQ7RibChCxOa4-QX32pOjZpPA%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
ff7044fa27e31cb0b9cbcca8afcb17757bdab2e6cdf225559d87ea5dfda369b1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

access-control-allow-origin
*
cache-control
max-age=31104000 public
content-encoding
gzip
content-type
text/html; charset=UTF-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 19 Nov 2022 04:59:40 GMT
etag
W/"632bf224-fd81"
expires
Tue, 14 Nov 2023 04:59:40 GMT
last-modified
Thu, 22 Sep 2022 05:27:00 GMT
server
nginx
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
all
csm.as.criteo.net/ Frame 0475 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.as.criteo.net/all?cppv=3&cpp=qOLAelOSqEMB2aTA5s-W3QmLFNgQfM-1NrUn9x5XewJpTjT-FMeWHj8aFASUn6MgS-SMms7iggh_paOPD_PtJ272we_4hSLO2Vicx5GSpI68zEWjdRbZZSVF4j1-UZ16XS49cJULRXTTb200ZmnB8yuzB3kzjR0atGFHGCxia8U4Zr2Uzx8gZ8GqYnyyswYDPLLUEKF50d1hoGfxJ_SRvoI7O18bg4kPQbpIuIrN8frpehkl6BVXUTdI8MWifMXjDqpCycyeWdz0wHfG&sds=2&rev=83599&sendBeacon=true
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y3hiugAAGtMKK3IQAAs-Fu2S0V7YeW-H9I7lrg&u=%7C2k2Mr8UTcXZz4MsbxkT%2BmULQtzuk1V6uL5ipv4EMpiU%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oZ7-4NEldJVPEcquQgoC5ayq1XBwsz6hbCNpksUhOYIG9jsbcdhUPUASS9TekPJg-lVtNiPmOVj4gHmATWwgs3xl6G5M9hVy8ZHnaeFmQljiyWe-rVqHISO_Y6IjtNYGuQQChGcQofEug4Oo2ilOM-sBYQRVluBxzatCLqf7zUcZnQw88xFkOCvfOUcHxXLuUtUVWEqwUc3lwzpd71UDqc-QvFmZZc2DOA__ByBjWuke4axsYpmrciGolHpP_bF7tZNvqpYd8WRt6v-ey-2b4ciHTw8cEiupHxFlWyPs36ikadqQA9BsqNHipTMXQko_UTO3gQq317mf_0fVMchY9MLm8LmA_HEkBGaEK0uFFa95aYH6tJ6sHdgkRrv5YnKEsWRYSqM_ASF9Kidf6Qip-6NGTGjsie4gSg_J25eIQH9yhPYzvccuKQ8iXHXmK0zWsIuTvXhku8Iyd2YAvseA18uYnqg8FxVT8EcyNh1goR1Zb-TgrtaTOIFQ-QpslmK9EP9yHYTKRS5XkVgXpdynS_9B2-cE5GxQ1HAxhHoFw6mcwXC7h3l3Hh-QrVulVQ6LsdiebWpynGArKYU8sv3Lc1ixzgVnNcay1-WkwKl04tHKNYburRwNp8A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEu8SumJ4Y9M1kOStAZb8rKAMmPzRsVyqhMzkhQHAjbcBEAEgAGCr7LGF4BiCARdjYS1wdWItNDQ4NTIzOTQyNTkyNDc4N8gBCakCxrAOJ5djpj6oAwGqBIICT9AAOn36ZG3z0Ww7SQIciGZ2Clw5ytzcqAPhC2vBJZJcqjmapJSrQEMYDbm7RwRUnBYqPel7G6TdvMldK7plwjaqbMuXvoKD_Sau-M30TFisW6XmWiXwFmGrcxnTjxiBYjpBOYWxf1xg9tgr7kAc0-4aEJQRKPT1RWI85SzFPaPr2ah5p2EwrKiKxcjzlF-HjnWmyLya2nv7fWWdMNZHsg-IjQD3SFFNEPb-pVLHT8ZPt10FDgonXblpDlkxk6YkhslHBX0tSC05FwZ2MPb034fjDuRS2hV0S1oR0K59eCk8Ud1hIBgmsDOCiaTLfIjsMDp0X32o-lgW-QJKDbT_zr1HgAagz7fUocebm7QBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1glfQ7RibChCxOa4-QX32pOjZpPA%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.142 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sat, 19 Nov 2022 04:59:40 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 0475 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y3hiugAAGtMKK3IQAAs-Fu2S0V7YeW-H9I7lrg&u=%7C2k2Mr8UTcXZz4MsbxkT%2BmULQtzuk1V6uL5ipv4EMpiU%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oZ7-4NEldJVPEcquQgoC5ayq1XBwsz6hbCNpksUhOYIG9jsbcdhUPUASS9TekPJg-lVtNiPmOVj4gHmATWwgs3xl6G5M9hVy8ZHnaeFmQljiyWe-rVqHISO_Y6IjtNYGuQQChGcQofEug4Oo2ilOM-sBYQRVluBxzatCLqf7zUcZnQw88xFkOCvfOUcHxXLuUtUVWEqwUc3lwzpd71UDqc-QvFmZZc2DOA__ByBjWuke4axsYpmrciGolHpP_bF7tZNvqpYd8WRt6v-ey-2b4ciHTw8cEiupHxFlWyPs36ikadqQA9BsqNHipTMXQko_UTO3gQq317mf_0fVMchY9MLm8LmA_HEkBGaEK0uFFa95aYH6tJ6sHdgkRrv5YnKEsWRYSqM_ASF9Kidf6Qip-6NGTGjsie4gSg_J25eIQH9yhPYzvccuKQ8iXHXmK0zWsIuTvXhku8Iyd2YAvseA18uYnqg8FxVT8EcyNh1goR1Zb-TgrtaTOIFQ-QpslmK9EP9yHYTKRS5XkVgXpdynS_9B2-cE5GxQ1HAxhHoFw6mcwXC7h3l3Hh-QrVulVQ6LsdiebWpynGArKYU8sv3Lc1ixzgVnNcay1-WkwKl04tHKNYburRwNp8A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEu8SumJ4Y9M1kOStAZb8rKAMmPzRsVyqhMzkhQHAjbcBEAEgAGCr7LGF4BiCARdjYS1wdWItNDQ4NTIzOTQyNTkyNDc4N8gBCakCxrAOJ5djpj6oAwGqBIICT9AAOn36ZG3z0Ww7SQIciGZ2Clw5ytzcqAPhC2vBJZJcqjmapJSrQEMYDbm7RwRUnBYqPel7G6TdvMldK7plwjaqbMuXvoKD_Sau-M30TFisW6XmWiXwFmGrcxnTjxiBYjpBOYWxf1xg9tgr7kAc0-4aEJQRKPT1RWI85SzFPaPr2ah5p2EwrKiKxcjzlF-HjnWmyLya2nv7fWWdMNZHsg-IjQD3SFFNEPb-pVLHT8ZPt10FDgonXblpDlkxk6YkhslHBX0tSC05FwZ2MPb034fjDuRS2hV0S1oR0K59eCk8Ud1hIBgmsDOCiaTLfIjsMDp0X32o-lgW-QJKDbT_zr1HgAagz7fUocebm7QBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1glfQ7RibChCxOa4-QX32pOjZpPA%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:59:40 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 14 Nov 2023 04:59:40 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 0475 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y3hiugAAGtMKK3IQAAs-Fu2S0V7YeW-H9I7lrg&u=%7C2k2Mr8UTcXZz4MsbxkT%2BmULQtzuk1V6uL5ipv4EMpiU%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oZ7-4NEldJVPEcquQgoC5ayq1XBwsz6hbCNpksUhOYIG9jsbcdhUPUASS9TekPJg-lVtNiPmOVj4gHmATWwgs3xl6G5M9hVy8ZHnaeFmQljiyWe-rVqHISO_Y6IjtNYGuQQChGcQofEug4Oo2ilOM-sBYQRVluBxzatCLqf7zUcZnQw88xFkOCvfOUcHxXLuUtUVWEqwUc3lwzpd71UDqc-QvFmZZc2DOA__ByBjWuke4axsYpmrciGolHpP_bF7tZNvqpYd8WRt6v-ey-2b4ciHTw8cEiupHxFlWyPs36ikadqQA9BsqNHipTMXQko_UTO3gQq317mf_0fVMchY9MLm8LmA_HEkBGaEK0uFFa95aYH6tJ6sHdgkRrv5YnKEsWRYSqM_ASF9Kidf6Qip-6NGTGjsie4gSg_J25eIQH9yhPYzvccuKQ8iXHXmK0zWsIuTvXhku8Iyd2YAvseA18uYnqg8FxVT8EcyNh1goR1Zb-TgrtaTOIFQ-QpslmK9EP9yHYTKRS5XkVgXpdynS_9B2-cE5GxQ1HAxhHoFw6mcwXC7h3l3Hh-QrVulVQ6LsdiebWpynGArKYU8sv3Lc1ixzgVnNcay1-WkwKl04tHKNYburRwNp8A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEu8SumJ4Y9M1kOStAZb8rKAMmPzRsVyqhMzkhQHAjbcBEAEgAGCr7LGF4BiCARdjYS1wdWItNDQ4NTIzOTQyNTkyNDc4N8gBCakCxrAOJ5djpj6oAwGqBIICT9AAOn36ZG3z0Ww7SQIciGZ2Clw5ytzcqAPhC2vBJZJcqjmapJSrQEMYDbm7RwRUnBYqPel7G6TdvMldK7plwjaqbMuXvoKD_Sau-M30TFisW6XmWiXwFmGrcxnTjxiBYjpBOYWxf1xg9tgr7kAc0-4aEJQRKPT1RWI85SzFPaPr2ah5p2EwrKiKxcjzlF-HjnWmyLya2nv7fWWdMNZHsg-IjQD3SFFNEPb-pVLHT8ZPt10FDgonXblpDlkxk6YkhslHBX0tSC05FwZ2MPb034fjDuRS2hV0S1oR0K59eCk8Ud1hIBgmsDOCiaTLfIjsMDp0X32o-lgW-QJKDbT_zr1HgAagz7fUocebm7QBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1glfQ7RibChCxOa4-QX32pOjZpPA%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:59:40 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 14 Nov 2023 04:59:40 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame F1D1 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
49251
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 18 Nov 2022 15:18:49 GMT
expires
Sat, 18 Nov 2023 15:18:49 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 68CC 		783 B
740 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.105 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f105.1e100.net
Software
GSE /
Resource Hash
d77ed6309ee7b7248bccee6ee93865a56a223322f1b371379d224dfc21640677
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-_IgIFNzpYr921jBicv7syw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-_IgIFNzpYr921jBicv7syw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 19 Nov 2022 04:59:40 GMT
expires
Sat, 19 Nov 2022 04:59:40 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
js
www.googletagmanager.com/gtag/ 		223 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
87548942e28bb7e7757d17852a4a4d83efd50365f9460ae3c225ee517e5bcc39
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:59:40 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
78310
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sat, 19 Nov 2022 04:59:40 GMT
log
aplogger.adpushup.com/ 		0
119 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://aplogger.adpushup.com/log?event=linkPreview_failed_JSONRequest&data=eyJzaXRlSWQiOjQyNzUzLCJ1cmwiOiIvYS9iYW4tYWktZm8tbGllLWtlLXRpYW8temhhbi1iaWFuLWZ1LXhpYS10dW8tZ2UtbGVpLXlpLXRvbmcteGlhLXNodWkuaHRtbCIsInRpbWUiOjE2Njg4MzM5Nzk5MzF9
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
52.183.162.69 Mumbai, India, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection
keep-alive
Date
Sat, 19 Nov 2022 04:59:40 GMT
Server
nginx/1.18.0 (Ubuntu)
api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
pagead2.googlesyndication.com/bg/ Frame 0C5A 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
sffe /
Resource Hash
6a98bdefd73410963a41036b4bc4d25b080aaec85db7ebd132a12d3aa17e8586
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 23:08:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
280299
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16010
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 15 Nov 2023 23:08:01 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 2466 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022111501&jk=1664468866613733&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ban-ai-fo-lie-ke-tiao-zhan-bian-fu-xia-tuo-ge-lei-yi-tong-xia-shui.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 68CC 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022111501&jk=2890339194273179&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ban-ai-fo-lie-ke-tiao-zhan-bian-fu-xia-tuo-ge-lei-yi-tong-xia-shui.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
pagead2.googlesyndication.com/bg/ Frame F1D1 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
sffe /
Resource Hash
6a98bdefd73410963a41036b4bc4d25b080aaec85db7ebd132a12d3aa17e8586
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 23:08:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
280299
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16010
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 15 Nov 2023 23:08:01 GMT
integrator.js
adservice.google.co.nz/adsid/ Frame AF54 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.nz/adsid/integrator.js?domain=adx.holmesmind.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f157.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:59:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame AF54 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=adx.holmesmind.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:59:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
CRsRsXd0FUmqwYRG7gS9TIn516je7wIpMnr86Jcv.html
adx.holmesmind.com/adx-file/20221110/ Frame B3AB
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F...
  • https://adx.holmesmind.com/adx-file/20221110/CRsRsXd0FUmqwYRG7gS9TIn516je7wIpMnr86Jcv.html
801 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://adx.holmesmind.com/adx-file/20221110/CRsRsXd0FUmqwYRG7gS9TIn516je7wIpMnr86Jcv.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-91.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
da4085030009e98daf6eb2656f5fae35c7a3bb947e1a290ddbb20581cc2678b9

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
1769
content-length
801
content-type
text/html
date
Sat, 19 Nov 2022 04:30:13 GMT
etag
"ecb9b362af60ffdbe438788aa8ca18e5"
last-modified
Thu, 10 Nov 2022 10:57:04 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 70fdfa773982aee8e5e56c054ca0a9cc.cloudfront.net (CloudFront)
x-amz-cf-id
zqd7Wj6bvqe49Z65FLIwr5ioh8uk5BpwKAvSH1Ux80fcljAouJBkoA==
x-amz-cf-pop
SIN2-P1
x-amz-version-id
jJWfL_fJcKwy89AgB0I8qjWdNPPXmBep
x-cache
Hit from cloudfront

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 19 Nov 2022 04:59:40 GMT
location
https://adx.holmesmind.com/adx-file/20221110/CRsRsXd0FUmqwYRG7gS9TIn516je7wIpMnr86Jcv.html
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
generate_204
tpc.googlesyndication.com/ Frame 0C5A 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?i75QlA
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ban-ai-fo-lie-ke-tiao-zhan-bian-fu-xia-tuo-ge-lei-yi-tong-xia-shui.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:59:40 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
Enabler.js
s0.2mdn.net/ads/studio/ Frame 2275 		136 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/Enabler.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/html5/97892/20220922_fy22q4_cpro_creativeclimbers/skater/300x250/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f149.1e100.net
Software
sffe /
Resource Hash
bf6ec42c97f86957a324a484a37dd528b568a9ff2570965be53e6ec4b0dfdae2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://static.criteo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:56:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
203
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46978
x-xss-protection
0
last-modified
Mon, 06 Jun 2022 19:45:39 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 19 Nov 2022 05:11:18 GMT
all
csm.as.criteo.net/ Frame 0475 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.as.criteo.net/all?cppv=3&cpp=qOLAelOSqEMB2aTA5s-W3QmLFNgQfM-1NrUn9x5XewJpTjT-FMeWHj8aFASUn6MgS-SMms7iggh_paOPD_PtJ272we_4hSLO2Vicx5GSpI68zEWjdRbZZSVF4j1-UZ16XS49cJULRXTTb200ZmnB8yuzB3kzjR0atGFHGCxia8U4Zr2Uzx8gZ8GqYnyyswYDPLLUEKF50d1hoGfxJ_SRvoI7O18bg4kPQbpIuIrN8frpehkl6BVXUTdI8MWifMXjDqpCycyeWdz0wHfG&sds=2&rev=83599&sendBeacon=true
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y3hiugAAGtMKK3IQAAs-Fu2S0V7YeW-H9I7lrg&u=%7C2k2Mr8UTcXZz4MsbxkT%2BmULQtzuk1V6uL5ipv4EMpiU%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oZ7-4NEldJVPEcquQgoC5ayq1XBwsz6hbCNpksUhOYIG9jsbcdhUPUASS9TekPJg-lVtNiPmOVj4gHmATWwgs3xl6G5M9hVy8ZHnaeFmQljiyWe-rVqHISO_Y6IjtNYGuQQChGcQofEug4Oo2ilOM-sBYQRVluBxzatCLqf7zUcZnQw88xFkOCvfOUcHxXLuUtUVWEqwUc3lwzpd71UDqc-QvFmZZc2DOA__ByBjWuke4axsYpmrciGolHpP_bF7tZNvqpYd8WRt6v-ey-2b4ciHTw8cEiupHxFlWyPs36ikadqQA9BsqNHipTMXQko_UTO3gQq317mf_0fVMchY9MLm8LmA_HEkBGaEK0uFFa95aYH6tJ6sHdgkRrv5YnKEsWRYSqM_ASF9Kidf6Qip-6NGTGjsie4gSg_J25eIQH9yhPYzvccuKQ8iXHXmK0zWsIuTvXhku8Iyd2YAvseA18uYnqg8FxVT8EcyNh1goR1Zb-TgrtaTOIFQ-QpslmK9EP9yHYTKRS5XkVgXpdynS_9B2-cE5GxQ1HAxhHoFw6mcwXC7h3l3Hh-QrVulVQ6LsdiebWpynGArKYU8sv3Lc1ixzgVnNcay1-WkwKl04tHKNYburRwNp8A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEu8SumJ4Y9M1kOStAZb8rKAMmPzRsVyqhMzkhQHAjbcBEAEgAGCr7LGF4BiCARdjYS1wdWItNDQ4NTIzOTQyNTkyNDc4N8gBCakCxrAOJ5djpj6oAwGqBIICT9AAOn36ZG3z0Ww7SQIciGZ2Clw5ytzcqAPhC2vBJZJcqjmapJSrQEMYDbm7RwRUnBYqPel7G6TdvMldK7plwjaqbMuXvoKD_Sau-M30TFisW6XmWiXwFmGrcxnTjxiBYjpBOYWxf1xg9tgr7kAc0-4aEJQRKPT1RWI85SzFPaPr2ah5p2EwrKiKxcjzlF-HjnWmyLya2nv7fWWdMNZHsg-IjQD3SFFNEPb-pVLHT8ZPt10FDgonXblpDlkxk6YkhslHBX0tSC05FwZ2MPb034fjDuRS2hV0S1oR0K59eCk8Ud1hIBgmsDOCiaTLfIjsMDp0X32o-lgW-QJKDbT_zr1HgAagz7fUocebm7QBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1glfQ7RibChCxOa4-QX32pOjZpPA%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.142 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sat, 19 Nov 2022 04:59:40 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
pixel;r=457276802;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fban-ai-fo-lie-ke-tiao-zhan-bian-fu-xia-tuo-ge-lei-yi-tong-xia-shui.html;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09...
pixel.quantserve.com/ 		35 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=457276802;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fban-ai-fo-lie-ke-tiao-zhan-bian-fu-xia-tuo-ge-lei-yi-tong-xia-shui.html;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67ea6;uht=2;fpan=1;fpa=P0-2080598303-1668833979151;pbc=9c52519a-86a3-4a0c-9f47-3d4767643a3b;ns=0;ce=1;qjs=1;qv=b2bd41b7-20221118135330;cm=;gdpr=0;ref=;d=bg3.co;dst=0;et=1668833980653;tzo=0;ogl=;ses=054af748-2bae-487a-bd02-081a14e24485
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ban-ai-fo-lie-ke-tiao-zhan-bian-fu-xia-tuo-ge-lei-yi-tong-xia-shui.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.229.10.192 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 04:59:40 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame F1D1 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?zCxsdA
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ban-ai-fo-lie-ke-tiao-zhan-bian-fu-xia-tuo-ge-lei-yi-tong-xia-shui.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:59:40 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame B3AB 		143 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4126554779393986
Requested by
Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20221110/CRsRsXd0FUmqwYRG7gS9TIn516je7wIpMnr86Jcv.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
8ffbb1604f6c8123843ff453579bb2f0a8bf335dacbc907f935c72973cf2dff2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adx.holmesmind.com/
Origin
https://adx.holmesmind.com
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:59:41 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49149
x-xss-protection
0
server
cafe
etag
16176760623933130722
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 19 Nov 2022 04:59:41 GMT
collect
www.google-analytics.com/g/ 		0
97 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=2oeb90&_p=6619&cid=1299468805.1668833981&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1668833981&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fban-ai-fo-lie-ke-tiao-zhan-bian-fu-xia-tuo-ge-lei-yi-tong-xia-shui.html&dt=%E7%8F%AD%E8%89%BE%E4%BD%9B%E5%88%97%E5%85%8B%E6%8C%91%E6%88%B0%E8%9D%99%E8%9D%A0%E4%BF%A0%20%E6%8B%96%E3%80%8C%E6%A0%BC%E9%9B%B7%E3%80%8D%E4%B8%80%E5%90%8C%E4%B8%8B%E6%B0%B4%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_fv=1&_nsi=1&_ss=1&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_success
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f138.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 04:59:41 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/ Frame B3AB 		355 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4126554779393986
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
b4759bb4f7feb87cdfa4b36b4fe2754a54224629226f76df1287a5873c1176af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:59:41 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119603
x-xss-protection
0
server
cafe
etag
18041840905878368703
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sat, 19 Nov 2022 04:59:41 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/ Frame 2272 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4126554779393986
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
cafe /
Resource Hash
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

age
33731
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
br
content-length
4242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 18 Nov 2022 19:37:30 GMT
etag
10353107486223812946
expires
Fri, 02 Dec 2022 19:37:30 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 2425 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstPWdGCmnM2aWdzTHr7yywmaZHbZgM-3w0kRdjshP-58lFrbxHRe3ltHg9T3oXKZFUmjAbGjkkqLaYxGgPLFJeqFBs7&sig=Cg0ArKJSzORuP7cWIrDFEAE&cid=CAASFeRodl0Pw_xMgyDe-UGPC4qZkWmJkw&id=lidar2&mcvt=1013&p=0,0,250,300&mtos=1013,1013,1013,1013,1013&tos=1013,0,0,0,0&v=20221110&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2365071409&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1668833978600&rpt=1997&met=ie&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 04:59:41 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
auctionData
e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb/auctionData?data=eyJzaXRlSWQiOjQyNzUzLCJ1cmwiOiJodHRwczovL3d3dy5iZzMuY28vYS9iYW4tYWktZm8tbGllLWtlLXRpYW8temhhbi1iaWFuLWZ1LXhpYS10dW8tZ2UtbGVpLXlpLXRvbmcteGlhLXNodWkuaHRtbCIsInNpdGVEb21haW4iOiJodHRwczovL2JnMy5jby8iLCJwYWdlR3JvdXAiOiJBUlRJQ0xFIiwicGFnZVZhcmlhdGlvbklkIjoiOTY3NTAxMjUtYjkwYy00OTdhLTg2OTktNzMxNzFmN2I0OTM1IiwicGFnZVZhcmlhdGlvbk5hbWUiOiJBZFB1c2h1cCIsInBhZ2VWYXJpYXRpb25UeXBlIjoxLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJwYWNrZXRJZCI6IjAwMDBBNzAxLTMxMTc1NDNmLWYwYzEtNDUyZi05YzUxLTdhY2UxMmRmZTIzYSIsInNlY3Rpb25zIjpbeyJzZWN0aW9uSWQiOiIxMDRiMjgyYS1iZDExLTRkOGQtYWQ2NC0wNDkyMDYzYjZjYmEiLCJzZWN0aW9uTmFtZSI6IkFQX0lfRF9BUlRJQ0xFXzEyMFg2MDBfMTA0YjIiLCJwbGFjZW1lbnQiOjEsInJlZnJlc2hDb3VudCI6MCwicHJlYmlkQXVjdGlvbklkIjoiNzIzMzhjMWUtNTMzYS00Njc0LWI5NDgtM2Y0NzdiODUxOTE5IiwidGltZU9mQXVjdGlvbiI6MTY2ODgzMzk3ODc1NiwiYmlkcyI6W10sInRpbWVkT3V0QmlkZGVycyI6W10sInJlcXVlc3RlZEZvcm1hdHMiOlsiZGlzcGxheSIsInZpZGVvIiwibmF0aXZlIl19LHsic2VjdGlvbklkIjoiZDFjMTBhNzItMjdiNC00OTMxLThjZTctOTlhMThlYmJkYmFlIiwic2VjdGlvbk5hbWUiOiJBUF9JX0RfQVJUSUNMRV83MjhYOTBfZDFjMTAiLCJwbGFjZW1lbnQiOjEsInJlZnJlc2hDb3VudCI6MCwicHJlYmlkQXVjdGlvbklkIjoiNzIzMzhjMWUtNTMzYS00Njc0LWI5NDgtM2Y0NzdiODUxOTE5IiwidGltZU9mQXVjdGlvbiI6MTY2ODgzMzk3ODc1NiwiYmlkcyI6W3siY3BtIjowLjAxNSwiYWRJZCI6Ijc1NjA0NDEzMDAzZWVjNSIsIm9yaWdpbmFsQ3BtIjowLjAxNSwiYmlkZGVyIjoib3BlbngiLCJyZXZlbnVlIjowLjAwMDAxNDk5OTk5OTk5OTk5OTk5OSwiZm9ybWF0VHlwZSI6ImJhbm5lciIsInJlc3BvbnNlVGltZSI6NjkwLCJ0aW1lT2ZCaWRSZWNlaXZlZCI6MTY2ODgzMzk3OTQ1Nn1dLCJ0aW1lZE91dEJpZGRlcnMiOltdLCJyZXF1ZXN0ZWRGb3JtYXRzIjpbImRpc3BsYXkiLCJ2aWRlbyIsIm5hdGl2ZSJdLCJwcmViaWRXaW5uZXIiOiJvcGVueCIsInByZWJpZFdpbm5lckFkVW5pdElkIjoiNzU2MDQ0MTMwMDNlZWM1IiwicHJlYmlkV2lubmVyQ3BtIjowLjAwMDAxNDk5OTk5OTk5OTk5OTk5OX0seyJzZWN0aW9uSWQiOiI3N2E5YzIyZi1hYzAyLTQ1ZGQtOTZiYy1iMDg5NmE4YTdkNWEiLCJzZWN0aW9uTmFtZSI6IkFQX0xfRF9BUlRJQ0xFXzcyOFgyNTBfNzdhOWMiLCJwbGFjZW1lbnQiOjEsInJlZnJlc2hDb3VudCI6MCwicHJlYmlkQXVjdGlvbklkIjoiNzIzMzhjMWUtNTMzYS00Njc0LWI5NDgtM2Y0NzdiODUxOTE5IiwidGltZU9mQXVjdGlvbiI6MTY2ODgzMzk3ODc1NiwiYmlkcyI6W3siY3BtIjowLjAxNSwiYWRJZCI6Ijc0ZDRiZDZiMDczMjZiOSIsIm9yaWdpbmFsQ3BtIjowLjAxNSwiYmlkZGVyIjoib3BlbngiLCJyZXZlbnVlIjowLjAwMDAxNDk5OTk5OTk5OTk5OTk5OSwiZm9ybWF0VHlwZSI6ImJhbm5lciIsInJlc3BvbnNlVGltZSI6Njg5LCJ0aW1lT2ZCaWRSZWNlaXZlZCI6MTY2ODgzMzk3OTQ1NX1dLCJ0aW1lZE91dEJpZGRlcnMiOltdLCJyZXF1ZXN0ZWRGb3JtYXRzIjpbImRpc3BsYXkiLCJ2aWRlbyIsIm5hdGl2ZSJdLCJwcmViaWRXaW5uZXIiOiJvcGVueCIsInByZWJpZFdpbm5lckFkVW5pdElkIjoiNzRkNGJkNmIwNzMyNmI5IiwicHJlYmlkV2lubmVyQ3BtIjowLjAwMDAxNDk5OTk5OTk5OTk5OTk5OX1dfQ%3D%3D&c_b=10608.5
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ban-ai-fo-lie-ke-tiao-zhan-bian-fu-xia-tuo-ge-lei-yi-tong-xia-shui.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 04:59:41 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
integrator.js
adservice.google.co.nz/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.nz/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:59:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:59:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		96 KB
25 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1453461207762358&correlator=1534932612875251&output=ldjh&gdfp_req=1&vrg=2022111501&ptt=17&impl=fifs&iu_parts=103512698%3A22574853003%2C22477626096%2C22479095528%2C22579309510&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3&prev_iu_szs=320x50%7C728x250%7C728x90%7C690x90%7C690x250%7C675x90%7C675x250%7C670x90%7C670x250%7C650x90%7C650x250%7C650x150%7C630x90%7C630x250%7C602x100%7C600x90%7C600x250%7C580x90%7C570x90%7C550x150%7C468x60%7C320x50%7C320x100%7C300x50%7C300x100%7C300x75%7C300x250%7C250x250%7C200x200%2C320x50%7C728x90%7C690x90%7C675x90%7C670x90%7C650x90%7C630x90%7C600x90%7C580x90%7C570x90%7C468x60%7C320x50%7C300x50%7C300x75%2C320x50%7C120x600&fluid=height%2Cheight%2Cheight&ifi=1&adks=1420297610%2C2857874404%2C4082231052&sfv=1-0-40&prev_scp=adpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26refreshcount%3D0%26refreshrate%3D30%26hb_ap_format%3Dbanner%26hb_ap_pb%3D0.01%26hb_ap_adid%3D74d4bd6b07326b9%26hb_ap_bidder%3Dopenx%7Cadpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26refreshcount%3D0%26refreshrate%3D30%26hb_ap_format%3Dbanner%26hb_ap_pb%3D0.01%26hb_ap_adid%3D75604413003eec5%26hb_ap_bidder%3Dopenx%7Cadpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26refreshcount%3D0%26refreshrate%3D30&eri=1&cust_params=da%3Dadx%26outbrain%3Dtrue&sc=1&cookie=ID%3D01eb6a826e68ddca-224f7fca95d800ac%3AT%3D1668833978%3ART%3D1668833978%3AS%3DALNI_Mb6Qi9sdRLW6_7NnBa_JF30mGxBwg&gpic=UID%3D00000b7ef0fd7c28%3AT%3D1668833978%3ART%3D1668833978%3AS%3DALNI_MZxOB-8SGtpZgWO0KsOucU4lr8-Xg&arp=1&abxe=1&dt=1668833981784&lmt=1668833981&dlt=1668833972231&idt=6867&adxs=236%2C436%2C5&adys=60%2C1110%2C300&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0&ucis=1%7C2%7C3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fban-ai-fo-lie-ke-tiao-zhan-bian-fu-xia-tuo-ge-lei-yi-tong-xia-shui.html&frm=20&vis=1&psz=728x-1%7C728x-1%7C120x-1&msz=728x-1%7C728x-1%7C120x-1&fws=4%2C516%2C516&ohw=728%2C1600%2C1600&ga_vid=1299468805.1668833981&ga_sid=1668833982&ga_hid=6619&ga_fc=true&ga_cid=amp-PSPqDESYB1NK2c1Q8j2OVw
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
cafe /
Resource Hash
f5f0e46651b9087c82d5dcd202e3c4dc8525a9094a246d2259115fdb7ce10823
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:59:42 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25449
x-xss-protection
0
google-lineitem-id
-1,-1,-1
pragma
no-cache
server
cafe
google-creative-id
-1,-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
f3700a36700f04277f1284f92a7ce4ae.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame A6FC 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://f3700a36700f04277f1284f92a7ce4ae.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 19 Nov 2022 04:59:41 GMT
expires
Sun, 19 Nov 2023 04:59:41 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
publishertag.prebid.117.js
static.criteo.net/js/ld/ 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.117.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:59:42 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 29 Dec 2021 12:30:46 GMT
server
nginx
etag
W/"61cc54f6-15c19"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 20 Nov 2022 04:59:42 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 5E34 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221110&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_fy2021.js?bust=31070923
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
fba6511da167e1a36f5c5877190d44550bc8c76e145716b20c51797dda435394
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:59:42 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12478
x-xss-protection
0
p1.jpg
static.criteo.net/html5/97892/20220922_fy22q4_cpro_creativeclimbers/skater/300x250/ Frame 2275 		54 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/html5/97892/20220922_fy22q4_cpro_creativeclimbers/skater/300x250/p1.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ban-ai-fo-lie-ke-tiao-zhan-bian-fu-xia-tuo-ge-lei-yi-tong-xia-shui.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
7d523f93bd2f87d3ecc0278b039e6488e2512a9eb0d836064511d3a769b39f5b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://static.criteo.net/html5/97892/20220922_fy22q4_cpro_creativeclimbers/skater/300x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:59:42 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 22 Sep 2022 05:27:00 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"632bf224-d8b1"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
55473
expires
Tue, 14 Nov 2023 04:59:42 GMT
integrator.js
adservice.google.co.nz/adsid/ Frame B3AB 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.nz/adsid/integrator.js?domain=adx.holmesmind.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:59:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame B3AB 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=adx.holmesmind.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:59:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame E2CF 		603 B
66 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4126554779393986&output=html&adk=1812271804&adf=2253520748&plat=1%3A520%2C2%3A520%2C8%3A512%2C9%3A520%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1049088%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fadx.holmesmind.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668833981598&bpp=3&bdt=530&idt=507&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&nras=1&correlator=5736368877663&frm=8&ife=1&pv=2&ga_vid=219277654.1668833982&ga_sid=1668833982&ga_hid=158507445&ga_fc=0&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3680311399&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C44774648%2C42531706%2C44767166%2C44774652%2C31070763&oid=2&pvsid=4292958275180390&tmod=2044400049&uas=0&nvt=1&top=https%3A%2F%2Fwww.bg3.co%2F&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=4&bc=31&ifi=1&uci=1.u6xqt92qe204&fsb=1&dtd=519
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 19 Nov 2022 04:59:42 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame C74A 		603 B
66 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4126554779393986&output=html&h=280&slotname=4923695364&adk=3446667921&adf=552093736&pi=t.ma~as.4923695364&w=336&fwrn=16&format=336x280&url=https%3A%2F%2Fadx.holmesmind.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668833981602&bpp=1&bdt=533&idt=520&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=5736368877663&frm=8&ife=1&pv=1&ga_vid=219277654.1668833982&ga_sid=1668833982&ga_hid=158507445&ga_fc=0&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3680311399&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C44774648%2C42531706%2C44767166%2C44774652%2C31070763&oid=2&pvsid=4292958275180390&tmod=2044400049&uas=0&nvt=1&top=https%3A%2F%2Fwww.bg3.co%2F&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.rbeiaa38osi0&fsb=1&dtd=525
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 19 Nov 2022 04:59:42 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 5E34 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_fy2021.js?bust=31070923
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:59:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 19 Nov 2022 04:59:42 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame B3AB 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221110&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
50f2e807824e5366b404f8aa5512011b611e57347149cc3623be41d7344f03d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:59:42 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12351
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame AF54 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221110&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
4030349627ab9a55f9f5ae722f58cffab11ace3f7aac3fb5a6f08a03c14ddda8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:59:42 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12420
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 10E4 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221110&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211140101/show_ads_impl_fy2021.js?bust=31070924
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
0091500f53e706bef395368ce30f1366c1f87067eb8848cecd2c24b7a537033e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:59:42 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12540
x-xss-protection
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5D96 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
49253
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 18 Nov 2022 15:18:49 GMT
expires
Sat, 18 Nov 2023 15:18:49 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 2CA5 		783 B
762 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.105 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f105.1e100.net
Software
GSE /
Resource Hash
fed371774f5d4034087ced97ac75e2fa4c32e3d036f3603935f5e005ca036c14
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-bJZSsgscE7xBmsEqLHtzoQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
511
content-security-policy
script-src 'report-sample' 'nonce-bJZSsgscE7xBmsEqLHtzoQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 19 Nov 2022 04:59:42 GMT
expires
Sat, 19 Nov 2022 04:59:42 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sodar
pagead2.googlesyndication.com/pagead/ Frame 76CF 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022111501&jk=1664468866613733&bg=!T0ylTAjNAAbvMpMzzzI7ACkAdvg8Wn7w5T3G8U4aJlmUQlSWbmyr0Z7y8uhh3RdR-Rqay0pQEfyd2QIAAABYUgAAAAJoAQcKACE0oSdUrncFL3QM57AxsNdNly278_bzP2dqfUdcN_S_VVyZArQyA54k5KO6uFahOKbe7v1A-h9idVlAMPuWv3zYNkjx3NNvE2_hlCfiXPkYnBA82Msg9NQBbYcCqdpG7nTlVjZrpaj98_gw_C9qA7Kg5GTNPnxMD6DgCL6pIH_fLLC_yUIHJRNdwjF-oGdird7I9XApzKtPwCPe97rVnT-_KP078tDvB-BiE_MBSIjpiwcT8VHO6fsGd5S4VX1yhjvKg_r5iudsdi8ix1AvqWAdlsbLTCYzdYoAuvNFh8ga3dEnZAEZHznRnA1xqPb-4iREax5qVAS5dS4fkWANTWOr7dYKAfRHIdeEMHA_Iu4jDGKpiPNtkR5mgcy0b2i-YrqSidnoe8AxPlkJW641RgmD5PN4Rou4K4LTKbY1rWb8ieeS7yQ6Deo2oB0_44zWjGPQhleFFS8HVvsXLiAqSzqoes4HK58aKSkRk55u0OosK7EWZ33ImowK3O_CRRQFYJP4wlrBo8E2WpML3spXRy0EzTiM-BSMDuvQXfvpDHCd2BBPbg_o03Sjy7QlyJQtY5Gk5yDLA05eGPCsJGXnydHy2jR3FaCcAySKKTbMnB-1xJ2vU7hJUoSux8ROTF9XcwXMKS0l26H6Qi0JHqwwj1S0H0lS6k-6CbSPnTIDn17oKZUAuDBTag2VRneo1RmKwudZA_kscS91oFT2KOvjCW_fmicvAPAQu-iS56XdvOco6amYgGUe0bY7tEqWduR0ZNFoGYnEww2ylsvDe5qdHB0u2HIQajtNp6edWSuD0zsGRcHGw5_zS6rNF5MpZaq9tgXbS-urMqkfHHucErDe9MtDmKvbF2sikxWQD7MMT9Fii--o2q4JnIKGsOrQGaMP6kza0lHjT2dRgvDovdIw8qxflZZyOBjX94c9WkfNyqEGU9_LWrN_DyJ2f30Izg2drvVx1Hc8GWmFeA
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ban-ai-fo-lie-ke-tiao-zhan-bian-fu-xia-tuo-ge-lei-yi-tong-xia-shui.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
publishertag.prebid.js
static.criteo.net/js/ld/ 		89 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:59:43 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Mon, 24 Oct 2022 11:21:19 GMT
server
nginx
etag
W/"6356752f-16294"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 20 Nov 2022 04:59:43 GMT
container.html
f3700a36700f04277f1284f92a7ce4ae.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C22F 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://f3700a36700f04277f1284f92a7ce4ae.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 19 Nov 2022 04:59:41 GMT
expires
Sun, 19 Nov 2023 04:59:41 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012211060024000/ Frame FEA7 		221 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
a01f9f2f5ba1812441a49f7f1dc0b04fb56a18b486005289b8df4212381f10ce
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 15 Nov 2022 23:08:01 GMT
age
280302
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61592
x-xss-protection
0
server
sffe
etag
"a2fca7132416d151"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 15 Nov 2023 23:08:01 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012211060024000/v0/ Frame FEA7 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211060024000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
d89cb9800cc62dcc44a0ba866b4a080ad06f735f60a6afecbd6d691d2e8939dd
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 15 Nov 2022 22:54:03 GMT
age
281140
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5218
x-xss-protection
0
server
sffe
etag
"abd4378f71571d78"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 15 Nov 2023 22:54:03 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012211060024000/v0/ Frame FEA7 		94 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211060024000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
8ee5f53d3752309af021002b2199a06523b1fd03f3ea1cdaf5d59e911d4d8178
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 15 Nov 2022 23:13:02 GMT
age
280001
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28809
x-xss-protection
0
server
sffe
etag
"dd6615029de85e23"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 15 Nov 2023 23:13:02 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012211060024000/v0/ Frame FEA7 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211060024000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
c3f73b989e0620a4d2e12ed57a0d538e4580b8fefaa1fefbad73e0abad6d227f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 15 Nov 2022 23:07:34 GMT
age
280329
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1913
x-xss-protection
0
server
sffe
etag
"403438c4d550ee88"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 15 Nov 2023 23:07:34 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012211060024000/v0/ Frame FEA7 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211060024000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
1b1c3ea8b3d9fec1913ac70c81c83f2172acc41988e747bd24d22bf779fd19a0
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 15 Nov 2022 22:41:14 GMT
age
281909
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12946
x-xss-protection
0
server
sffe
etag
"0bacd3f1ce38a7db"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 15 Nov 2023 22:41:14 GMT
truncated
/ Frame FEA7 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cfae027549199f91b4234f16dc0af76bc8210a61cda6443af1bc4dd063815011

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
CC_Tyre_Centre_OCT_Our_Reviews_Speak_For_Themselves_EMEC_GDN_728x90.png
tpc.googlesyndication.com/sadbundle/8444619643638210031/ Frame FEA7 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/8444619643638210031/CC_Tyre_Centre_OCT_Our_Reviews_Speak_For_Themselves_EMEC_GDN_728x90.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ban-ai-fo-lie-ke-tiao-zhan-bian-fu-xia-tuo-ge-lei-yi-tong-xia-shui.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
51ea63533ada918dc8595d04b77e0249c4144a65f8c819061d8f76bc0bd07985
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:59:42 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24109
x-xss-protection
0
last-modified
Thu, 13 Oct 2022 04:36:36 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 19 Nov 2023 04:59:42 GMT
container.html
f3700a36700f04277f1284f92a7ce4ae.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame D483 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://f3700a36700f04277f1284f92a7ce4ae.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 19 Nov 2022 04:59:41 GMT
expires
Sun, 19 Nov 2023 04:59:41 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zh_tw.png
tpc.googlesyndication.com/pagead/images/abg/ Frame FEA7 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/zh_tw.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ban-ai-fo-lie-ke-tiao-zhan-bian-fu-xia-tuo-ge-lei-yi-tong-xia-shui.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
cafe /
Resource Hash
a956a6fe1ee57805393bf1781b32486b4ed9ca402a04320280e59a18bc348a87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 21:20:01 GMT
x-content-type-options
nosniff
server
cafe
age
27581
etag
7688947696963022458
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3430
x-xss-protection
0
expires
Sat, 19 Nov 2022 21:20:01 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame FEA7 		344 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ban-ai-fo-lie-ke-tiao-zhan-bian-fu-xia-tuo-ge-lei-yi-tong-xia-shui.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 10:20:07 GMT
x-content-type-options
nosniff
server
cafe
age
67175
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Sat, 19 Nov 2022 10:20:07 GMT
l
www.google.com/ads/measurement/ Frame FEA7 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaR3hxas5OkWeDThBqJedHdxr3XrEnHDgR4YPOCY_ceKvpwm2ShXfPKrAqnHSCGkASS7d8bwN9aYk5SFJkr8xfQHR_jlaA
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ban-ai-fo-lie-ke-tiao-zhan-bian-fu-xia-tuo-ge-lei-yi-tong-xia-shui.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.105 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f105.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame FEA7 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CIEQOvWJ4Y72RO-OM9fwP1vyXqASds-esbZi4sv7qEP2Tt8nmMRABILqEwDNgq-yxheAYoAGDo6bNA8gBCakCL9PThROhpD7gAgCoAwHIAwiqBLcCT9AdB9sRk7AfHoLPTY5QgFvvc0wPBfcUfgHAhYLTQTBXGmnih8s6gY1ti1XC3zJqMsHBeiNCam5N6Q0Mo0Wd76TtbnAqlai5erYJVPuG40tq4BmLe0PpwReVR1bzkB13KxFt1Qtqrozv-EpfgUCOMTYyTgfb8qQBwkwd7_uYaEmPZoaWumAeE3F-Bm_1L0cYKUivis8E0xYBUP6d9CKWK66J4lCxs6yHVO8-pz17gdQwPzg0q-KNRa_dCej3twEBhQkeenTuVRs42qLMa2OpsqgE2E_srYaDl-KnJ3R5EHKh6zJwUO2qtiBs23AfXydbKmdi5IgTpeTzHQ6k8GgNqpzqjjgt6iAAN4GakyYAhshRhCvVK4PYXqjQAJEhEr7scYJeHAadChk5MF3wR8OUEPfRgnDS4V7ABLvg29TsA-AEAZIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAfl3NkyqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQ2YYC0ggPCIBhEAEYHTICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgwgAoDyAsB2BMK0BUBmBYBgBcBshceChwIABIUcHViLTg5MzMzMjk5OTkzOTExMDQYyqse&sigh=LOyPg-CgjOA&uach_m=[UACH]&cid=CAQSOwDq26N9McmkUFmoXugsXVy4uhEH8gFB-M7ucXO7JRcKxwRrW9PyXi-ZfPZavqRGDxyWILDiARDpy8XaGAEgEw&template_id=419
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ban-ai-fo-lie-ke-tiao-zhan-bian-fu-xia-tuo-ge-lei-yi-tong-xia-shui.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame D41E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022111501&jk=2890339194273179&bg=!mpmlmd3NAAbvMpMzzzI7ACkAdvg8WsXWIroejK2vJedsMg2qrAkndb844LbOGc2irABMzIV5wr6VJAIAAABLUgAAAAJoAQcKAHekDk7lqh-B74kckonG82up5HKDEOB1Iu8thI5m5cQ7VtMKAvAMn8gXoshGIcgSh4C_Ky8Ng503w3Po65ie21ROyRn-vdWR9_qB84qWWbw_STBd0Y-qsOmJQfFV9tAaaVgi3dlB-X5H-aIzwVdFNrzz6yX-isPjj5kCwisoxd_3ihR2iViB6a9hEAQWqAC8dI6ezw1_j9WmJHU8d-cTkpr__MFn9s9LPFJyiAsNHbmt1y8hBgvDPQYOQSaEc8QM6mv2A-WFr60kbWR14lTw_cDe1I2Sbi0xXQ1U8INOdYlt9xV_3aCS1Xg0npQFx0HZ3uOVkB4_DVb18_6Hv5MnH3weyhCQSa5bEXPdE_0mmUTwYE9Aej7aBgzwacfskWjdEDWi_0MTAXrPYnQvTy0_fGPmcr879y2MTzbETIVDLIfN0ajo1NGauAWOxlINaiuUo9NKHOaZje_hfFbkxtuubntOyOaIXx-H12hccBw9L010-9V9ZI6smpNzDhN7bP6xrMOjCvuKEg9cqwJJf7_nmGN4wGP4AP_DYpjaUATS43BuLl7dSSdsIXXmvr7_YLJ-bVj0sU1cWv3lOdsYMRu8Fz0z3ZMgeUOQgoSoH6J_jJdbGbuvTjgkvIMxOW38Qb-R9B_-Edhbnbik1WVuxjSjhjUTF2sQ0QrNpM3KFjm7jaysIb89BWDvawW0Mtt1TJ8sPsdRO-L9yxO3vk3k1fK8tYdS9wDJaJjXehjULGZuAvr2JAIRGcMqEu2986tYb_sHuQ1fa-YNnHs9gTBcv9TVpvKocBRfqetzcimSWzItGT6AjZww8o7lsi_Q4BzPd_cNX-hYyEEiPuSZwHYKQGYmZXkbvkL9s90B3U8CFTmSDgFYGhLr5Cn9WZWOrZaz9Gzu77F6u8rZJe9fxyJns5PJyxiR9oenxFe3u6vRd5jUX2RRDUBCyjWFeTWi4_JgQA6yUkUyn1tee8JVrREuS3pn7udPBhy6MJKCHEmN5MmnJYXOjmk_G5T9rVuUUt2y0_-v9iCphUfICWIIxRV71s3EF7fIsDdd7b-86El6__E3nvoDf83z8VDOf3nX715JT-GHp6msjZqDgldq9-GYfvU
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ban-ai-fo-lie-ke-tiao-zhan-bian-fu-xia-tuo-ge-lei-yi-tong-xia-shui.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar2.js
tpc.googlesyndication.com/sodar/ Frame AF54 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:59:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 19 Nov 2022 04:59:42 GMT
api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
pagead2.googlesyndication.com/bg/ Frame 5D96 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
sffe /
Resource Hash
6a98bdefd73410963a41036b4bc4d25b080aaec85db7ebd132a12d3aa17e8586
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 23:08:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
280301
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16010
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 15 Nov 2023 23:08:01 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame B3AB 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:59:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 19 Nov 2022 04:59:42 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 10E4 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211140101/show_ads_impl_fy2021.js?bust=31070924
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:59:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 19 Nov 2022 04:59:43 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 2CA5 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221110&jk=3758394164867543&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ban-ai-fo-lie-ke-tiao-zhan-bian-fu-xia-tuo-ge-lei-yi-tong-xia-shui.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 5D96 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?N3m5Lg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ban-ai-fo-lie-ke-tiao-zhan-bian-fu-xia-tuo-ge-lei-yi-tong-xia-shui.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:59:43 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 8113 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
49254
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 18 Nov 2022 15:18:49 GMT
expires
Sat, 18 Nov 2023 15:18:49 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 4C61 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.105 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f105.1e100.net
Software
GSE /
Resource Hash
b80b796ba8884520afd65cb32ae2a556798123624f4aac0a049a5854c9af007a
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-RgGwAiB2-NcyB4Epitf0sQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-RgGwAiB2-NcyB4Epitf0sQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 19 Nov 2022 04:59:43 GMT
expires
Sat, 19 Nov 2022 04:59:43 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame F0BE 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
49254
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 18 Nov 2022 15:18:49 GMT
expires
Sat, 18 Nov 2023 15:18:49 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame D11C 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.105 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f105.1e100.net
Software
GSE /
Resource Hash
c53a28dc89ce35f109dc727ffbd06d0bf1b5b07c899592373d09d0f021b8ee12
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Y66muX_p3WBbv7ssw-7eGg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-Y66muX_p3WBbv7ssw-7eGg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 19 Nov 2022 04:59:43 GMT
expires
Sat, 19 Nov 2022 04:59:43 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
adview
securepubads.g.doubleclick.net/pagead/ Frame C22F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CGZgYvWJ4Y7yRO-OM9fwP1vyXqASY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQLGsA4nl2OmPuACAKgDAaoEpwJP0JGyydDzIQbZxE0bg_RY5UQsloC0hZ4vW008KDS8iEaCQQ6yjm86DHcRNPC8i1Mx2UBJYToR0jy8choLe-P6pIbq14AOI0mvo3VvAh8ktSsHa5BSNuP2sP90uU3QXVIsYt0JcZ-ydkRGoH_gbiVgVbcXOjXGzYSST0FAXcReCYCqct_yEBE4284X2JZU-Ja0WlyLiJ-9GlUY9ja8DnEX-ownS44Y-ZmRhyIEE9eSS_0kVwJb4hESoxkCYsWNPBJOmpyFj8e744b8EzPoQYAJpRBydCcus6tHj_eL3vZJtR7eYGJR9bhWh7gzFIlq3yt3lR0xjbBm8pvpM9AranPVPeLpGbzAsZogpJJm8lzVidpx8cmE0_hPYVyNyV16yaAkbC0aGoWt4AQBgAaGvuXguZWg7VygBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MIAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi04OTMzMzI5OTk5MzkxMTA0GMqrHg&sigh=rdjdiV5LlZM&uach_m=[UACH]&cid=CAQSOwDq26N9McmkUFmoXugsXVy4uhEH8gFB-M7ucXO7JRcKxwRrW9PyXi-ZfPZavqRGDxyWILDiARDpy8XaGAEgEw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ban-ai-fo-lie-ke-tiao-zhan-bian-fu-xia-tuo-ge-lei-yi-tong-xia-shui.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
/
Resource Hash

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://f3700a36700f04277f1284f92a7ce4ae.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
notify
rtb.jp2.as.criteo.com/google/auction/ Frame C22F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.jp2.as.criteo.com/google/auction/notify?profile=14&payload=kMjmDfz1BqwC-gFi-C0SAgAAAPjjWbRbbk3DEL1ieGN6yuSnd5lQutRCYwASAAA&wp=Y3hivQAOyLwJnUZjAAX-VoIYMRW-IH0di91WxA
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ban-ai-fo-lie-ke-tiao-zhan-bian-fu-xia-tuo-ge-lei-yi-tong-xia-shui.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.74.19 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://f3700a36700f04277f1284f92a7ce4ae.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:59:42 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
198913
content-length
0
afr.php
ads.as.criteo.com/delivery/r/ Frame 601D 		48 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.as.criteo.com/delivery/r/afr.php?z=Y3hivQAOyLwJnUZjAAX-VoIYMRW-IH0di91WxA&u=%7C%2BiOcvGPGOIYT14Jxrk8kHTYC93Rl0fSQ%2FkqKt6DMerU%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqc6nygJ274zNPhQpJEnippfnLPctJAgOVJK5QBvON9Ye9GS_f4NkHgJhIZ9z6_4LUZQsLHE_Mp7-qw-Xr2Zo7UQXE0dLp47Ngn6EqjULIz4-LeeA7hKtXMgBh9i2c0SAdVgYDQP3xvFgMBSwvsz_Ijkrj6Fd2eMuZspEkjcEsei_DcNoCcmYH0otLED6cp_kExBN1Vr2s9skd3p7sDIN8MzGKiSroEEJrDTdhPJ89Y2YAWqIxOe57-f12F_WjmgMNJux-SS0KifS6CdtC7OxIcG2f6FT_VzypyRAAAtkp-PWHFmxSkQbUaMbTFCc4V_9KHxluXVRBRliGLPa13Yrk2CPbz9wVv15eaZLxpxJ-9q9djnR-riPxEt1ivbnq1raNH6s2NrhInwE8rQ9tbNBd5GAQAFswR3jiTVQAphrBPHyj1sVRnUwLija190djNWaw25c86h70_nVwQvz5dDAqmMNW-EkYDaVlXaHS9PusBfu7fJWPaOgP8AgZ09XunOjZSue55dCTHKKVyelMz_RvGJ2q8c2HKJjM4A4uvWm1TqJKOrOJrKYaI2Uf3ftwORILwUqlhY0EjR4jhPUhaMw894OJR_ojR16P1Q&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLnD3vWJ4Y7yRO-OM9fwP1vyXqASY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQLGsA4nl2OmPuACAKgDAaoEqgJP0JGyydDzIQbZxE0bg_RY5UQsloC0hZ4vW008KDS8iEaCQQ6yjm86DHcRNPC8i1Mx2UBJYToR0jy8choLe-P6pIbq14AOI0mvo3VvAh8ktSsHa5BSNuP2sP90uU3QXVIsYt0JcZ-ydkRGoH_gbiVgVbcXOjXGzYSST0FAXcReCYCqct_yEBE4284X2JZU-Ja0WlyLiJ-9GlUY9ja8DnEX-ownS44Y-ZmRhyIEE9eSS_0kVwJb4hESoxkCYsWNPBJOmpyFj8e744b8EzPoQYAJpRBydCcus6tHj_eL3vZJtR7eYGJR9bhWh7gzFIlq3yt3lR0xjbBm8pvpM9AranPVPaDrOC4lfxNeWxsXbLeDExlY5cMT2dZXidR-n8ezd74IdMrxi_tSB7nP4AQBgAaGvuXguZWg7VygBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0DDvTcIdjQPeHnLGoleEiuuQYvrw%26client%3Dca-pub-8933329999391104%26adurl%3D
Requested by
Host: f3700a36700f04277f1284f92a7ce4ae.safeframe.googlesyndication.com
URL: https://f3700a36700f04277f1284f92a7ce4ae.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.148 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
6dae2327ae139336d024fe256ae73fbaa1dfd70bd4225684d4d40b1ba8335760
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://f3700a36700f04277f1284f92a7ce4ae.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Sat, 19 Nov 2022 04:59:42 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.as.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.as.criteo.net/heavyad?cppv=3&cpp=tcL2cVOSqEMB2aTABsdnc46OUC4kKqKnlqmnLQa_5iaTeXUmDuUA9Yl_FUMFPdC3oLx2mS1OyQPrOiW4LDGoj3C_DwSQGSbCQM_TxO52K4D-fHU1I6trPvsUr32gibd6hbWYQ5h7aY1GShpmm8dXXMnkoP_ZZwvOsczUjBYhkdOaGw8CTI1QwLZF7argGKer1NW5iYZvRtAil-iLfQ59v2wT-o3Su1kAuNar9vgIKDaZjeTmBveGTu30M_6S8RnRIh4I8ImU6_Du5k37"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
4666293
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame C22F 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js
Requested by
Host: f3700a36700f04277f1284f92a7ce4ae.safeframe.googlesyndication.com
URL: https://f3700a36700f04277f1284f92a7ce4ae.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://f3700a36700f04277f1284f92a7ce4ae.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 16:23:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
45382
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 02 Dec 2022 16:23:21 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 85F1 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: f3700a36700f04277f1284f92a7ce4ae.safeframe.googlesyndication.com
URL: https://f3700a36700f04277f1284f92a7ce4ae.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://f3700a36700f04277f1284f92a7ce4ae.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

age
51977
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 18 Nov 2022 14:33:26 GMT
etag
48472445140208031
expires
Sat, 19 Nov 2022 14:33:26 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame C22F 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: f3700a36700f04277f1284f92a7ce4ae.safeframe.googlesyndication.com
URL: https://f3700a36700f04277f1284f92a7ce4ae.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
cafe /
Resource Hash
78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://f3700a36700f04277f1284f92a7ce4ae.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 16:23:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
45382
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7458
x-xss-protection
0
server
cafe
etag
16870613375306414947
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 02 Dec 2022 16:23:21 GMT
l
www.google.com/ads/measurement/ Frame C22F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaT9t_nXHs4RHJBjdmb29hj-hK8sz69-G4bRQyjIbh2Waw37gTonI92730EM8uuK2n8TY2zVgUyBoXwC4GEkSR9ISXvE2w
Requested by
Host: f3700a36700f04277f1284f92a7ce4ae.safeframe.googlesyndication.com
URL: https://f3700a36700f04277f1284f92a7ce4ae.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.105 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f105.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://f3700a36700f04277f1284f92a7ce4ae.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame C22F 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: f3700a36700f04277f1284f92a7ce4ae.safeframe.googlesyndication.com
URL: https://f3700a36700f04277f1284f92a7ce4ae.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://f3700a36700f04277f1284f92a7ce4ae.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 00:35:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
275078
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 16 Nov 2023 00:35:05 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame C22F 		154 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: f3700a36700f04277f1284f92a7ce4ae.safeframe.googlesyndication.com
URL: https://f3700a36700f04277f1284f92a7ce4ae.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
sffe /
Resource Hash
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://f3700a36700f04277f1284f92a7ce4ae.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:59:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48265
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1668095300071091"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 19 Nov 2022 04:59:43 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame D483 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CF93TvWJ4Y76RO-OM9fwP1vyXqASY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQLGsA4nl2OmPuACAKgDAaoEpwJP0A95aWG9aJveXYLH8MZgfwT6ci9jhyQ9_fwsrtJ77E1owzU4CEQ_tYyay2tPhWOsGSWrILcRif7uRNQB0_2k5dUIfZSx5t8EgcTIrnuRQcL8j3FlIDvq1aiprluv1_RTh0ngmqcJ197XWjUVzfx-LwpWdL_oe6JsmkvcQq5lr6vot7a4cv1YdF7JJ4W8tm_iT9Sd0kmlIrtOkoZoRYDfxE2UT8umHj45qyIQpAUabDkq24e5xY7UhAZGRFMUrL34DS1mPGeuujw9Tf50LkzedVWkWraP6U6CFpgsKj5Vq3uEjfhVUPNhd-SeHT-TznrERa3RKXNMZGIkTWqsNlhsIseMK0WUfYkmAjJtnW0CWG6MjELp1FyLsG4_e16CzRoYVnvlkZwu4AQBgAaF-oaFtrHmnFmgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MIAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi04OTMzMzI5OTk5MzkxMTA0GMqrHg&sigh=pdo8Y9SGKDQ&uach_m=[UACH]&cid=CAQSOwDq26N9McmkUFmoXugsXVy4uhEH8gFB-M7ucXO7JRcKxwRrW9PyXi-ZfPZavqRGDxyWILDiARDpy8XaGAEgEw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ban-ai-fo-lie-ke-tiao-zhan-bian-fu-xia-tuo-ge-lei-yi-tong-xia-shui.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
/
Resource Hash

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://f3700a36700f04277f1284f92a7ce4ae.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
notify
rtb.jp2.as.criteo.com/google/auction/ Frame D483 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.jp2.as.criteo.com/google/auction/notify?profile=14&payload=kOvgFPn1BnjYBGL4LRICAAAA-ONZtFtuTcMQvWJ4Yyot0CO6hoDjTMnIABIAAA&wp=Y3hivQAOyL4JnUZjAAX-VjAsj6EijFlrHIKI4A
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ban-ai-fo-lie-ke-tiao-zhan-bian-fu-xia-tuo-ge-lei-yi-tong-xia-shui.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.74.19 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://f3700a36700f04277f1284f92a7ce4ae.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:59:43 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
156213
content-length
0
afr.php
ads.as.criteo.com/delivery/r/ Frame 2637 		163 KB
51 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.as.criteo.com/delivery/r/afr.php?z=Y3hivQAOyL4JnUZjAAX-VjAsj6EijFlrHIKI4A&u=%7C%2BiOcvGPGOIaSuS0nFi%2FSw46FvrdVCSbBEV1omp2xdlk%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oVqw7Cvg7ORZ5y2n_PXned8JCsSCQ138ULuqTtuWjQY_gaY2FCscn6XBiv_o9r7B1l_TNwO8XRH6dOkCJ4g6T9fnRJqUrUMW1KgfAQRLjln4ADYJCj-MOwKiyNJ7q_mSZJo0Cv2nSU8RkcfywJHlOBuLh5mffZUbI1n1fQAq-Wn11v-aNGTNbj6-t-X6akFWIiUo2icvhq-11S2RfKq-Nf8TRQTNvlZI5topFCpIowGjBI2vT3KT3V23KfSs2VggBVi3FD47yy3obIoSM-ZfEUuUTdumcVjjdcGm413NCB05nwINTnicUwTZ4OQusivR1fyAtfLmOXzOF4Knu45MGwe4vmOv7aMlrZyLSRQBQK8vhL8pW-tP-G6wXSyc6aBcmY7Cn-lyPBGiSMTYbIUAKMJRkPm3a_nboQe3JyTF56bHK2fROAn96c7SOrrog3UIaNqc4w6ZiydeOJ_dXunEIZWfe06EbqN11iPSzKlncppyo4y9oNZqrTBBYhOTYG_fi5cIe6fOnklFrlssX9_PBx82hEGH-O1BDYdVPdDrIFHoh7PDpL-N5yUEIPdFTgwEhF3crWgCCZozl20ygEupWTbGRxf-TXX5koW-e2xrT66U&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCnYrbvWJ4Y76RO-OM9fwP1vyXqASY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQLGsA4nl2OmPuACAKgDAaoEqgJP0A95aWG9aJveXYLH8MZgfwT6ci9jhyQ9_fwsrtJ77E1owzU4CEQ_tYyay2tPhWOsGSWrILcRif7uRNQB0_2k5dUIfZSx5t8EgcTIrnuRQcL8j3FlIDvq1aiprluv1_RTh0ngmqcJ197XWjUVzfx-LwpWdL_oe6JsmkvcQq5lr6vot7a4cv1YdF7JJ4W8tm_iT9Sd0kmlIrtOkoZoRYDfxE2UT8umHj45qyIQpAUabDkq24e5xY7UhAZGRFMUrL34DS1mPGeuujw9Tf50LkzedVWkWraP6U6CFpgsKj5Vq3uEjfhVUPNhd-SeHT-TznrERa3RKXNMZGIkTWqsNlhsIoWOCtdxswBY_bscA4ZUwq2lmEh-3nKTWObMLcRLcwQ0TpwOAOLRWsmn4AQBgAaF-oaFtrHmnFmgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1NBOuyx7aPU4CFx-lTEsIQHGw2_A%26client%3Dca-pub-8933329999391104%26adurl%3D
Requested by
Host: f3700a36700f04277f1284f92a7ce4ae.safeframe.googlesyndication.com
URL: https://f3700a36700f04277f1284f92a7ce4ae.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.148 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
2a9d0d57e6b150e0663730f1ba4beb086dbfe821b74d65badfc2fd0fb6260cca
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://f3700a36700f04277f1284f92a7ce4ae.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Sat, 19 Nov 2022 04:59:43 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.as.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.as.criteo.net/heavyad?cppv=3&cpp=PMktslOSqEMB2aTA_GRzqc7VAVGLXKt8rGE0VUOaasUvTmQ2szfQRZNk3o5zsxygyubNaQPfM1oLuX6xNeN_o0XoxkRQp0C8cGaYTzsESrllyUzy4J2dFeLeR3C3Qg092TT7KDNIU1LcKd3I3StoJfKy3_G1b7VBhgXwfTqxJHKVKqxF3XOYyKxw62ywvmSzkNBpfo43Q3Pqo2VlAPcR-r2MSG6KuArW33ky71Rw1jNOO4APybfDsEgyZlkPgeW3LqghwQ"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
58799678
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame D483 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js
Requested by
Host: f3700a36700f04277f1284f92a7ce4ae.safeframe.googlesyndication.com
URL: https://f3700a36700f04277f1284f92a7ce4ae.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://f3700a36700f04277f1284f92a7ce4ae.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 16:23:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
45382
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 02 Dec 2022 16:23:21 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame DE2C 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: f3700a36700f04277f1284f92a7ce4ae.safeframe.googlesyndication.com
URL: https://f3700a36700f04277f1284f92a7ce4ae.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://f3700a36700f04277f1284f92a7ce4ae.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

age
51977
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 18 Nov 2022 14:33:26 GMT
etag
48472445140208031
expires
Sat, 19 Nov 2022 14:33:26 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame D483 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: f3700a36700f04277f1284f92a7ce4ae.safeframe.googlesyndication.com
URL: https://f3700a36700f04277f1284f92a7ce4ae.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
cafe /
Resource Hash
78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://f3700a36700f04277f1284f92a7ce4ae.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 16:23:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
45382
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7458
x-xss-protection
0
server
cafe
etag
16870613375306414947
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 02 Dec 2022 16:23:21 GMT
l
www.google.com/ads/measurement/ Frame D483 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSsbixIkEfY4aalPBMt2Z9HFYhdf-0d-Nuy-q9n3PhwYA3NWZ_ZooprEw0K6wb5rJTW7RY1L1ojPGCuFdxO-poyVjyEOg
Requested by
Host: f3700a36700f04277f1284f92a7ce4ae.safeframe.googlesyndication.com
URL: https://f3700a36700f04277f1284f92a7ce4ae.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.105 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f105.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://f3700a36700f04277f1284f92a7ce4ae.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame D483 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: f3700a36700f04277f1284f92a7ce4ae.safeframe.googlesyndication.com
URL: https://f3700a36700f04277f1284f92a7ce4ae.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://f3700a36700f04277f1284f92a7ce4ae.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 16 Nov 2022 00:35:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
275078
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 16 Nov 2023 00:35:05 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame D483 		154 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: f3700a36700f04277f1284f92a7ce4ae.safeframe.googlesyndication.com
URL: https://f3700a36700f04277f1284f92a7ce4ae.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
sffe /
Resource Hash
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://f3700a36700f04277f1284f92a7ce4ae.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:59:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48265
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1668095300071091"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 19 Nov 2022 04:59:43 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 4C61 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221110&jk=3690841905762444&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ban-ai-fo-lie-ke-tiao-zhan-bian-fu-xia-tuo-ge-lei-yi-tong-xia-shui.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
pagead2.googlesyndication.com/bg/ Frame 8113 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
sffe /
Resource Hash
6a98bdefd73410963a41036b4bc4d25b080aaec85db7ebd132a12d3aa17e8586
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 23:08:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
280302
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16010
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 15 Nov 2023 23:08:01 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame D11C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221110&jk=4292958275180390&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ban-ai-fo-lie-ke-tiao-zhan-bian-fu-xia-tuo-ge-lei-yi-tong-xia-shui.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
privacy_small.svg
static.criteo.net/flash/icon/ Frame 601D 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y3hivQAOyLwJnUZjAAX-VoIYMRW-IH0di91WxA&u=%7C%2BiOcvGPGOIYT14Jxrk8kHTYC93Rl0fSQ%2FkqKt6DMerU%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqc6nygJ274zNPhQpJEnippfnLPctJAgOVJK5QBvON9Ye9GS_f4NkHgJhIZ9z6_4LUZQsLHE_Mp7-qw-Xr2Zo7UQXE0dLp47Ngn6EqjULIz4-LeeA7hKtXMgBh9i2c0SAdVgYDQP3xvFgMBSwvsz_Ijkrj6Fd2eMuZspEkjcEsei_DcNoCcmYH0otLED6cp_kExBN1Vr2s9skd3p7sDIN8MzGKiSroEEJrDTdhPJ89Y2YAWqIxOe57-f12F_WjmgMNJux-SS0KifS6CdtC7OxIcG2f6FT_VzypyRAAAtkp-PWHFmxSkQbUaMbTFCc4V_9KHxluXVRBRliGLPa13Yrk2CPbz9wVv15eaZLxpxJ-9q9djnR-riPxEt1ivbnq1raNH6s2NrhInwE8rQ9tbNBd5GAQAFswR3jiTVQAphrBPHyj1sVRnUwLija190djNWaw25c86h70_nVwQvz5dDAqmMNW-EkYDaVlXaHS9PusBfu7fJWPaOgP8AgZ09XunOjZSue55dCTHKKVyelMz_RvGJ2q8c2HKJjM4A4uvWm1TqJKOrOJrKYaI2Uf3ftwORILwUqlhY0EjR4jhPUhaMw894OJR_ojR16P1Q&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLnD3vWJ4Y7yRO-OM9fwP1vyXqASY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQLGsA4nl2OmPuACAKgDAaoEqgJP0JGyydDzIQbZxE0bg_RY5UQsloC0hZ4vW008KDS8iEaCQQ6yjm86DHcRNPC8i1Mx2UBJYToR0jy8choLe-P6pIbq14AOI0mvo3VvAh8ktSsHa5BSNuP2sP90uU3QXVIsYt0JcZ-ydkRGoH_gbiVgVbcXOjXGzYSST0FAXcReCYCqct_yEBE4284X2JZU-Ja0WlyLiJ-9GlUY9ja8DnEX-ownS44Y-ZmRhyIEE9eSS_0kVwJb4hESoxkCYsWNPBJOmpyFj8e744b8EzPoQYAJpRBydCcus6tHj_eL3vZJtR7eYGJR9bhWh7gzFIlq3yt3lR0xjbBm8pvpM9AranPVPaDrOC4lfxNeWxsXbLeDExlY5cMT2dZXidR-n8ezd74IdMrxi_tSB7nP4AQBgAaGvuXguZWg7VygBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0DDvTcIdjQPeHnLGoleEiuuQYvrw%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:59:43 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 14 Nov 2023 04:59:43 GMT
adchoices_en.svg
static.criteo.net/flash/icon/ Frame 601D 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_en.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y3hivQAOyLwJnUZjAAX-VoIYMRW-IH0di91WxA&u=%7C%2BiOcvGPGOIYT14Jxrk8kHTYC93Rl0fSQ%2FkqKt6DMerU%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqc6nygJ274zNPhQpJEnippfnLPctJAgOVJK5QBvON9Ye9GS_f4NkHgJhIZ9z6_4LUZQsLHE_Mp7-qw-Xr2Zo7UQXE0dLp47Ngn6EqjULIz4-LeeA7hKtXMgBh9i2c0SAdVgYDQP3xvFgMBSwvsz_Ijkrj6Fd2eMuZspEkjcEsei_DcNoCcmYH0otLED6cp_kExBN1Vr2s9skd3p7sDIN8MzGKiSroEEJrDTdhPJ89Y2YAWqIxOe57-f12F_WjmgMNJux-SS0KifS6CdtC7OxIcG2f6FT_VzypyRAAAtkp-PWHFmxSkQbUaMbTFCc4V_9KHxluXVRBRliGLPa13Yrk2CPbz9wVv15eaZLxpxJ-9q9djnR-riPxEt1ivbnq1raNH6s2NrhInwE8rQ9tbNBd5GAQAFswR3jiTVQAphrBPHyj1sVRnUwLija190djNWaw25c86h70_nVwQvz5dDAqmMNW-EkYDaVlXaHS9PusBfu7fJWPaOgP8AgZ09XunOjZSue55dCTHKKVyelMz_RvGJ2q8c2HKJjM4A4uvWm1TqJKOrOJrKYaI2Uf3ftwORILwUqlhY0EjR4jhPUhaMw894OJR_ojR16P1Q&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLnD3vWJ4Y7yRO-OM9fwP1vyXqASY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQLGsA4nl2OmPuACAKgDAaoEqgJP0JGyydDzIQbZxE0bg_RY5UQsloC0hZ4vW008KDS8iEaCQQ6yjm86DHcRNPC8i1Mx2UBJYToR0jy8choLe-P6pIbq14AOI0mvo3VvAh8ktSsHa5BSNuP2sP90uU3QXVIsYt0JcZ-ydkRGoH_gbiVgVbcXOjXGzYSST0FAXcReCYCqct_yEBE4284X2JZU-Ja0WlyLiJ-9GlUY9ja8DnEX-ownS44Y-ZmRhyIEE9eSS_0kVwJb4hESoxkCYsWNPBJOmpyFj8e744b8EzPoQYAJpRBydCcus6tHj_eL3vZJtR7eYGJR9bhWh7gzFIlq3yt3lR0xjbBm8pvpM9AranPVPaDrOC4lfxNeWxsXbLeDExlY5cMT2dZXidR-n8ezd74IdMrxi_tSB7nP4AQBgAaGvuXguZWg7VygBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0DDvTcIdjQPeHnLGoleEiuuQYvrw%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:59:43 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-759"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 14 Nov 2023 04:59:43 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 601D 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y3hivQAOyLwJnUZjAAX-VoIYMRW-IH0di91WxA&u=%7C%2BiOcvGPGOIYT14Jxrk8kHTYC93Rl0fSQ%2FkqKt6DMerU%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqc6nygJ274zNPhQpJEnippfnLPctJAgOVJK5QBvON9Ye9GS_f4NkHgJhIZ9z6_4LUZQsLHE_Mp7-qw-Xr2Zo7UQXE0dLp47Ngn6EqjULIz4-LeeA7hKtXMgBh9i2c0SAdVgYDQP3xvFgMBSwvsz_Ijkrj6Fd2eMuZspEkjcEsei_DcNoCcmYH0otLED6cp_kExBN1Vr2s9skd3p7sDIN8MzGKiSroEEJrDTdhPJ89Y2YAWqIxOe57-f12F_WjmgMNJux-SS0KifS6CdtC7OxIcG2f6FT_VzypyRAAAtkp-PWHFmxSkQbUaMbTFCc4V_9KHxluXVRBRliGLPa13Yrk2CPbz9wVv15eaZLxpxJ-9q9djnR-riPxEt1ivbnq1raNH6s2NrhInwE8rQ9tbNBd5GAQAFswR3jiTVQAphrBPHyj1sVRnUwLija190djNWaw25c86h70_nVwQvz5dDAqmMNW-EkYDaVlXaHS9PusBfu7fJWPaOgP8AgZ09XunOjZSue55dCTHKKVyelMz_RvGJ2q8c2HKJjM4A4uvWm1TqJKOrOJrKYaI2Uf3ftwORILwUqlhY0EjR4jhPUhaMw894OJR_ojR16P1Q&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLnD3vWJ4Y7yRO-OM9fwP1vyXqASY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQLGsA4nl2OmPuACAKgDAaoEqgJP0JGyydDzIQbZxE0bg_RY5UQsloC0hZ4vW008KDS8iEaCQQ6yjm86DHcRNPC8i1Mx2UBJYToR0jy8choLe-P6pIbq14AOI0mvo3VvAh8ktSsHa5BSNuP2sP90uU3QXVIsYt0JcZ-ydkRGoH_gbiVgVbcXOjXGzYSST0FAXcReCYCqct_yEBE4284X2JZU-Ja0WlyLiJ-9GlUY9ja8DnEX-ownS44Y-ZmRhyIEE9eSS_0kVwJb4hESoxkCYsWNPBJOmpyFj8e744b8EzPoQYAJpRBydCcus6tHj_eL3vZJtR7eYGJR9bhWh7gzFIlq3yt3lR0xjbBm8pvpM9AranPVPaDrOC4lfxNeWxsXbLeDExlY5cMT2dZXidR-n8ezd74IdMrxi_tSB7nP4AQBgAaGvuXguZWg7VygBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0DDvTcIdjQPeHnLGoleEiuuQYvrw%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:59:43 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Tue, 14 Nov 2023 04:59:43 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 601D 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y3hivQAOyLwJnUZjAAX-VoIYMRW-IH0di91WxA&u=%7C%2BiOcvGPGOIYT14Jxrk8kHTYC93Rl0fSQ%2FkqKt6DMerU%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqc6nygJ274zNPhQpJEnippfnLPctJAgOVJK5QBvON9Ye9GS_f4NkHgJhIZ9z6_4LUZQsLHE_Mp7-qw-Xr2Zo7UQXE0dLp47Ngn6EqjULIz4-LeeA7hKtXMgBh9i2c0SAdVgYDQP3xvFgMBSwvsz_Ijkrj6Fd2eMuZspEkjcEsei_DcNoCcmYH0otLED6cp_kExBN1Vr2s9skd3p7sDIN8MzGKiSroEEJrDTdhPJ89Y2YAWqIxOe57-f12F_WjmgMNJux-SS0KifS6CdtC7OxIcG2f6FT_VzypyRAAAtkp-PWHFmxSkQbUaMbTFCc4V_9KHxluXVRBRliGLPa13Yrk2CPbz9wVv15eaZLxpxJ-9q9djnR-riPxEt1ivbnq1raNH6s2NrhInwE8rQ9tbNBd5GAQAFswR3jiTVQAphrBPHyj1sVRnUwLija190djNWaw25c86h70_nVwQvz5dDAqmMNW-EkYDaVlXaHS9PusBfu7fJWPaOgP8AgZ09XunOjZSue55dCTHKKVyelMz_RvGJ2q8c2HKJjM4A4uvWm1TqJKOrOJrKYaI2Uf3ftwORILwUqlhY0EjR4jhPUhaMw894OJR_ojR16P1Q&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLnD3vWJ4Y7yRO-OM9fwP1vyXqASY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQLGsA4nl2OmPuACAKgDAaoEqgJP0JGyydDzIQbZxE0bg_RY5UQsloC0hZ4vW008KDS8iEaCQQ6yjm86DHcRNPC8i1Mx2UBJYToR0jy8choLe-P6pIbq14AOI0mvo3VvAh8ktSsHa5BSNuP2sP90uU3QXVIsYt0JcZ-ydkRGoH_gbiVgVbcXOjXGzYSST0FAXcReCYCqct_yEBE4284X2JZU-Ja0WlyLiJ-9GlUY9ja8DnEX-ownS44Y-ZmRhyIEE9eSS_0kVwJb4hESoxkCYsWNPBJOmpyFj8e744b8EzPoQYAJpRBydCcus6tHj_eL3vZJtR7eYGJR9bhWh7gzFIlq3yt3lR0xjbBm8pvpM9AranPVPaDrOC4lfxNeWxsXbLeDExlY5cMT2dZXidR-n8ezd74IdMrxi_tSB7nP4AQBgAaGvuXguZWg7VygBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0DDvTcIdjQPeHnLGoleEiuuQYvrw%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:59:43 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Tue, 14 Nov 2023 04:59:43 GMT
lg.php
cat.sg1.as.criteo.com/delivery/ Frame 601D 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.sg1.as.criteo.com/delivery/lg.php?cppv=3&cpp=x10RV5fRz19j9uhh4CYIODVz29yJ5qcEmeOFceLfKCTSRbf-bPvIH_7-VuO_SHqeovues2alDphz75bcL2zd6At5bKB4rh2fsx4jx8MkHmZLLBtim4HnM-JSipfQx0Oo5NXdKy-MlYmO08oYnz9kANarkUZQOWmiSl1sn6YnplOxCUAeITfk8PuhHIpnJq10uz_Anjmz6YCk0BVeUC9yW2wb8YLlxU_kG9qYWOSDiYDrvgBZc8TTTbAk-O_xOJ07bECbIGVRC1uVr_0B6JTgyFOOaMxCNCbeqS0gGp0Eotps3AfDIsF5UOns8mk1g7LBEVs_gNWAwzHyABvj463yh4X9ASxQHL-RrDfTuZsgllSF8uOmKWD9wfAgmzn0Nqz6BT0VQTlxuXkKTtzZIBcM7l42L3Qzggu6ZvrDRE-o1vDJC3QC
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y3hivQAOyLwJnUZjAAX-VoIYMRW-IH0di91WxA&u=%7C%2BiOcvGPGOIYT14Jxrk8kHTYC93Rl0fSQ%2FkqKt6DMerU%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqc6nygJ274zNPhQpJEnippfnLPctJAgOVJK5QBvON9Ye9GS_f4NkHgJhIZ9z6_4LUZQsLHE_Mp7-qw-Xr2Zo7UQXE0dLp47Ngn6EqjULIz4-LeeA7hKtXMgBh9i2c0SAdVgYDQP3xvFgMBSwvsz_Ijkrj6Fd2eMuZspEkjcEsei_DcNoCcmYH0otLED6cp_kExBN1Vr2s9skd3p7sDIN8MzGKiSroEEJrDTdhPJ89Y2YAWqIxOe57-f12F_WjmgMNJux-SS0KifS6CdtC7OxIcG2f6FT_VzypyRAAAtkp-PWHFmxSkQbUaMbTFCc4V_9KHxluXVRBRliGLPa13Yrk2CPbz9wVv15eaZLxpxJ-9q9djnR-riPxEt1ivbnq1raNH6s2NrhInwE8rQ9tbNBd5GAQAFswR3jiTVQAphrBPHyj1sVRnUwLija190djNWaw25c86h70_nVwQvz5dDAqmMNW-EkYDaVlXaHS9PusBfu7fJWPaOgP8AgZ09XunOjZSue55dCTHKKVyelMz_RvGJ2q8c2HKJjM4A4uvWm1TqJKOrOJrKYaI2Uf3ftwORILwUqlhY0EjR4jhPUhaMw894OJR_ojR16P1Q&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLnD3vWJ4Y7yRO-OM9fwP1vyXqASY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQLGsA4nl2OmPuACAKgDAaoEqgJP0JGyydDzIQbZxE0bg_RY5UQsloC0hZ4vW008KDS8iEaCQQ6yjm86DHcRNPC8i1Mx2UBJYToR0jy8choLe-P6pIbq14AOI0mvo3VvAh8ktSsHa5BSNuP2sP90uU3QXVIsYt0JcZ-ydkRGoH_gbiVgVbcXOjXGzYSST0FAXcReCYCqct_yEBE4284X2JZU-Ja0WlyLiJ-9GlUY9ja8DnEX-ownS44Y-ZmRhyIEE9eSS_0kVwJb4hESoxkCYsWNPBJOmpyFj8e744b8EzPoQYAJpRBydCcus6tHj_eL3vZJtR7eYGJR9bhWh7gzFIlq3yt3lR0xjbBm8pvpM9AranPVPaDrOC4lfxNeWxsXbLeDExlY5cMT2dZXidR-n8ezd74IdMrxi_tSB7nP4AQBgAaGvuXguZWg7VygBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0DDvTcIdjQPeHnLGoleEiuuQYvrw%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.132 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 04:59:42 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2295673
expires
Mon, 26 Jul 1997 05:00:00 GMT
f3037f72e20c47bcbc56e32554d2ef11_summer-launch-300x250.jpg
static.criteo.net/design/dt/71731/221031/ Frame 601D 		93 KB
94 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/design/dt/71731/221031/f3037f72e20c47bcbc56e32554d2ef11_summer-launch-300x250.jpg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y3hivQAOyLwJnUZjAAX-VoIYMRW-IH0di91WxA&u=%7C%2BiOcvGPGOIYT14Jxrk8kHTYC93Rl0fSQ%2FkqKt6DMerU%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqc6nygJ274zNPhQpJEnippfnLPctJAgOVJK5QBvON9Ye9GS_f4NkHgJhIZ9z6_4LUZQsLHE_Mp7-qw-Xr2Zo7UQXE0dLp47Ngn6EqjULIz4-LeeA7hKtXMgBh9i2c0SAdVgYDQP3xvFgMBSwvsz_Ijkrj6Fd2eMuZspEkjcEsei_DcNoCcmYH0otLED6cp_kExBN1Vr2s9skd3p7sDIN8MzGKiSroEEJrDTdhPJ89Y2YAWqIxOe57-f12F_WjmgMNJux-SS0KifS6CdtC7OxIcG2f6FT_VzypyRAAAtkp-PWHFmxSkQbUaMbTFCc4V_9KHxluXVRBRliGLPa13Yrk2CPbz9wVv15eaZLxpxJ-9q9djnR-riPxEt1ivbnq1raNH6s2NrhInwE8rQ9tbNBd5GAQAFswR3jiTVQAphrBPHyj1sVRnUwLija190djNWaw25c86h70_nVwQvz5dDAqmMNW-EkYDaVlXaHS9PusBfu7fJWPaOgP8AgZ09XunOjZSue55dCTHKKVyelMz_RvGJ2q8c2HKJjM4A4uvWm1TqJKOrOJrKYaI2Uf3ftwORILwUqlhY0EjR4jhPUhaMw894OJR_ojR16P1Q&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLnD3vWJ4Y7yRO-OM9fwP1vyXqASY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQLGsA4nl2OmPuACAKgDAaoEqgJP0JGyydDzIQbZxE0bg_RY5UQsloC0hZ4vW008KDS8iEaCQQ6yjm86DHcRNPC8i1Mx2UBJYToR0jy8choLe-P6pIbq14AOI0mvo3VvAh8ktSsHa5BSNuP2sP90uU3QXVIsYt0JcZ-ydkRGoH_gbiVgVbcXOjXGzYSST0FAXcReCYCqct_yEBE4284X2JZU-Ja0WlyLiJ-9GlUY9ja8DnEX-ownS44Y-ZmRhyIEE9eSS_0kVwJb4hESoxkCYsWNPBJOmpyFj8e744b8EzPoQYAJpRBydCcus6tHj_eL3vZJtR7eYGJR9bhWh7gzFIlq3yt3lR0xjbBm8pvpM9AranPVPaDrOC4lfxNeWxsXbLeDExlY5cMT2dZXidR-n8ezd74IdMrxi_tSB7nP4AQBgAaGvuXguZWg7VygBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0DDvTcIdjQPeHnLGoleEiuuQYvrw%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
edf0b9843d5d06825a6d7fb7b5b187bdd52c47946df85c32d80adc1d547ce637
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:59:43 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Mon, 31 Oct 2022 14:09:14 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"635fd70a-174c3"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
95427
expires
Tue, 14 Nov 2023 04:59:43 GMT
api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
pagead2.googlesyndication.com/bg/ Frame F0BE 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
sffe /
Resource Hash
6a98bdefd73410963a41036b4bc4d25b080aaec85db7ebd132a12d3aa17e8586
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 23:08:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
280302
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16010
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 15 Nov 2023 23:08:01 GMT
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 85F1
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEBk1CeoVIHhUKIlDcd2UccA&google_cver=1&google_push=ASkJ3FZNG9I4L4M5eliLj9DAzitYsaCFHaEDAL7uS_FxnodpY5CWhDVhjtTg1fBSPuoi0IAuYxEQUAfBQn9L5x32nH_9U2o1DNDXC...
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Mjc1NzE0NzczNDI1ODc0NjU5Mw==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEBk1CeoVIHhUKIlDcd2UccA&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEBk1CeoVIHhUKIlDcd2UccA&google_cver=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ban-ai-fo-lie-ke-tiao-zhan-bian-fu-xia-tuo-ge-lei-yi-tong-xia-shui.html
Protocol
H2
Server
50.116.239.135 , United States, ASN6336 (TURN-US-ASN, US),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 19 Nov 2022 04:59:44 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Sat, 19 Nov 2022 04:59:44 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEBk1CeoVIHhUKIlDcd2UccA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dpixel
cms.quantserve.com/ Frame 85F1 		35 B
363 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEOeQgNnEB4Jiz1QCRyO4iB0&google_cver=1&google_push=ASkJ3FZcxOtqvaI1vRIcf_k6tk5jBcJqcyeWteHCsZSDtmKiaxj7YOM9vrZQteA8Sn-xRYoW4_oZYyrUVQ69tplAHuy3z70JWM6LFjSfICEaeREDYX40J5BhPAHCjHwqn4dShivG_XivXqetu-kw06-y6lo
Requested by
Host: f3700a36700f04277f1284f92a7ce4ae.safeframe.googlesyndication.com
URL: https://f3700a36700f04277f1284f92a7ce4ae.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.229.10.192 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 04:59:43 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 85F1
Redirect Chain
  • https://ipac.ctnsnet.com/int/cm?exc=1&acc=crimtan_au&google_gid=CAESEFV63BYNj9HC1QXftaqSNpo&google_cver=1&google_push=ASkJ3Fb57KWlgMzdmpbje2FfUNSaw1WwTAzmiJk4_nsoKHqmdxLYiwVlzcj4ibXctqCMLouu3__U-7m...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=ASkJ3Fb57KWlgMzdmpbje2FfUNSaw1WwTAzmiJk4_nsoKHqmdxLYiwVlzcj4ibXctqCMLouu3__U-7m2SBaDniRNdA4GuSWjdRv0HUMGQBXcHqsOFiP2VzdUhHoVWrMY...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=ASkJ3Fb57KWlgMzdmpbje2FfUNSaw1WwTAzmiJk4_nsoKHqmdxLYiwVlzcj4ibXctqCMLouu3__U-7m2SBaDniRNdA4GuSWjdRv0HUMGQBXcHqsOFiP2VzdUhHoVWrMYyxTbze_94C7Bo0V-071rb1NoDtE&google_hm=JX1k554ZSb-l3wXFSj69jso
Requested by
Host: f3700a36700f04277f1284f92a7ce4ae.safeframe.googlesyndication.com
URL: https://f3700a36700f04277f1284f92a7ce4ae.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 04:59:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 19 Nov 2022 04:59:42 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=ASkJ3Fb57KWlgMzdmpbje2FfUNSaw1WwTAzmiJk4_nsoKHqmdxLYiwVlzcj4ibXctqCMLouu3__U-7m2SBaDniRNdA4GuSWjdRv0HUMGQBXcHqsOFiP2VzdUhHoVWrMYyxTbze_94C7Bo0V-071rb1NoDtE&google_hm=JX1k554ZSb-l3wXFSj69jso
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 85F1 		0
173 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESECDYfeeDDkmzEPau8ovpeWU&google_cver=1&google_push=ASkJ3FboD03s30rVKHj7GF72LbSKRP11itfQjY-B4TCM0vTqOP5eBZ_lvycJE1EQOQOhgvIiXV7xcuOnmM1Q-LBX2MNAgbAJM2rbU3oYOgvjTBu9N4lFHbfvrSBjY264Sl4PAWJU3UOsTzLTzJBi-mC3-AE
Requested by
Host: f3700a36700f04277f1284f92a7ce4ae.safeframe.googlesyndication.com
URL: https://f3700a36700f04277f1284f92a7ce4ae.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:59:43 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
sync
a.sportradarserving.com/ Frame 85F1
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEFBqbTOb0G7xnL1h_UC84bw&google_cver=1&google_push=ASkJ3FYGwr-64EAQ1h3jnzwi8BhXvfQUpxrS0WgnGZyU5Fm-9hNB7a2mFt69nu7VbzA70_9QWxgiSHW7gPoAgjKkq9OF...
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEFBqbTOb0G7xnL1h_UC84bw&google_cver=1&google_push=ASkJ3FYGwr-64EAQ1h3jnzwi8BhXvfQUpxrS0WgnGZyU5Fm-9hNB7a2mFt69nu7VbzA70_9QWxgiSHW7gPoAgj...
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=google
0
0
pixel
cm.g.doubleclick.net/ Frame 85F1
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEHAZgwzGnkLfoW3An02oMwE&google_cver=1&google_push=ASkJ3FaL-A3RtyPYsj_L0B397URgz9UMk8iKiTYFLOAnvAtNF9ocLUs9l4on3vy0Xe0RnOjiFsCBD9qH0YmLPZUlsgApFX6...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ASkJ3FaL-A3RtyPYsj_L0B397URgz9UMk8iKiTYFLOAnvAtNF9ocLUs9l4on3vy0Xe0RnOjiFsCBD9qH0YmLPZUlsgApFX6y08nxrBHFmZqouX7xSIzysM4kbiE_6_mKO-rlE...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ASkJ3FaL-A3RtyPYsj_L0B397URgz9UMk8iKiTYFLOAnvAtNF9ocLUs9l4on3vy0Xe0RnOjiFsCBD9qH0YmLPZUlsgApFX6y08nxrBHFmZqouX7xSIzysM4kbiE_6_mKO-rlE3FxtSWxgro2ltiqtwA6g7E&google_hm=NjY5ODYwNDcyMjQ5MTM3NjAzNg%3D%3D
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ban-ai-fo-lie-ke-tiao-zhan-bian-fu-xia-tuo-ge-lei-yi-tong-xia-shui.html
Protocol
H3
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 04:59:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sat, 19 Nov 2022 04:59:44 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ASkJ3FaL-A3RtyPYsj_L0B397URgz9UMk8iKiTYFLOAnvAtNF9ocLUs9l4on3vy0Xe0RnOjiFsCBD9qH0YmLPZUlsgApFX6y08nxrBHFmZqouX7xSIzysM4kbiE_6_mKO-rlE3FxtSWxgro2ltiqtwA6g7E&google_hm=NjY5ODYwNDcyMjQ5MTM3NjAzNg%3D%3D
content-length
0
pixel
cm.g.doubleclick.net/ Frame 85F1
Redirect Chain
  • https://an.yandex.ru/mapuid/google/CAESELLT2EkYlUUi_yNgVP4MfEg?ext-param=ASkJ3FbQbbmrfLdvtkmWMQz8m7Az2_fxPWeyRR1gNbce-5IVx11nB24pkMggV9jdzkoclp-P9J0a82x8v6oTZ9XYam-oIje40_-b-EDFaYOU8_bb310Q4bwNiMyV...
  • https://an.yandex.ru/mapuid/google/CAESELLT2EkYlUUi_yNgVP4MfEg?redir-setuniq=1&ext-param=ASkJ3FbQbbmrfLdvtkmWMQz8m7Az2_fxPWeyRR1gNbce-5IVx11nB24pkMggV9jdzkoclp-P9J0a82x8v6oTZ9XYam-oIje40_-b-EDFaYOU...
  • https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESELLT2EkYlUUi_yNgVP4MfEg&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
0
0
attr
cm.g.doubleclick.net/pixel/ Frame 85F1 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I4Obz6qiXaWvRHyEMLqyzfDWS0n3ORWHToEl06CyC1DaL4EyhMLvbcUpiPgG0u4iucxnCSEg
Requested by
Host: f3700a36700f04277f1284f92a7ce4ae.safeframe.googlesyndication.com
URL: https://f3700a36700f04277f1284f92a7ce4ae.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:59:43 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame DE2C
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEBk1CeoVIHhUKIlDcd2UccA&google_cver=1&google_push=ASkJ3FbmvydZ1vqCScjJzI2MMYsW2j63GMt2Or19SH_Xm5cNG8HK6HZ4onKKJbUvhHgiXV5_3oF3kFEjirYuUwqruw04YK3MDJ9D-...
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MjgyOTIwNTMyODI5NjY3NDUyOQ==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEBk1CeoVIHhUKIlDcd2UccA&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEBk1CeoVIHhUKIlDcd2UccA&google_cver=1
Requested by
Host: f3700a36700f04277f1284f92a7ce4ae.safeframe.googlesyndication.com
URL: https://f3700a36700f04277f1284f92a7ce4ae.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
50.116.239.135 , United States, ASN6336 (TURN-US-ASN, US),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 19 Nov 2022 04:59:44 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Sat, 19 Nov 2022 04:59:44 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEBk1CeoVIHhUKIlDcd2UccA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
i.match
s.tribalfusion.com/z/ Frame DE2C
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEPD0_-m8em9chqy0nBdrX6s&google_cver=1&google_push=ASkJ3Fb-QQ29dGszWfAbRmS52jq9JHiRrSl3STlUF_g581U7mihXxh5s1TCoCE55JEbi5aoZDPYQSafTO-PVNqbLrI43r6fEYicOX...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEPD0_-m8em9chqy0nBdrX6s&google_cver=1&google_push=ASkJ3Fb-QQ29dGszWfAbRmS52jq9JHiRrSl3STlUF_g581U7mihXxh5s1TCoCE55JEbi5aoZDPYQSafTO-PVNqbLrI43r6fEYic...
43 B
445 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEPD0_-m8em9chqy0nBdrX6s&google_cver=1&google_push=ASkJ3Fb-QQ29dGszWfAbRmS52jq9JHiRrSl3STlUF_g581U7mihXxh5s1TCoCE55JEbi5aoZDPYQSafTO-PVNqbLrI43r6fEYicOX5x0ezIMUBKo6BMH95t7tg6ZkxlAbJdgC1atbWK205GbMjlh9u4QiQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DASkJ3Fb-QQ29dGszWfAbRmS52jq9JHiRrSl3STlUF_g581U7mihXxh5s1TCoCE55JEbi5aoZDPYQSafTO-PVNqbLrI43r6fEYicOX5x0ezIMUBKo6BMH95t7tg6ZkxlAbJdgC1atbWK205GbMjlh9u4QiQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: f3700a36700f04277f1284f92a7ce4ae.safeframe.googlesyndication.com
URL: https://f3700a36700f04277f1284f92a7ce4ae.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
104.18.24.173 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 04:59:44 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
76c660d07ac01c58-AKL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 19 Nov 2022 04:59:43 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
1252
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEPD0_-m8em9chqy0nBdrX6s&google_cver=1&google_push=ASkJ3Fb-QQ29dGszWfAbRmS52jq9JHiRrSl3STlUF_g581U7mihXxh5s1TCoCE55JEbi5aoZDPYQSafTO-PVNqbLrI43r6fEYicOX5x0ezIMUBKo6BMH95t7tg6ZkxlAbJdgC1atbWK205GbMjlh9u4QiQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DASkJ3Fb-QQ29dGszWfAbRmS52jq9JHiRrSl3STlUF_g581U7mihXxh5s1TCoCE55JEbi5aoZDPYQSafTO-PVNqbLrI43r6fEYicOX5x0ezIMUBKo6BMH95t7tg6ZkxlAbJdgC1atbWK205GbMjlh9u4QiQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
76c660ceb9691c58-AKL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
AdxPixel
tr.blismedia.com/v1/api/sync/ Frame DE2C 		0
119 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESECDYfeeDDkmzEPau8ovpeWU&google_cver=1&google_push=ASkJ3FZunPAxYF5dyFsFf-BSFwtMwO1Uy2hHkW5NP_p9DfDtwa-XuA5O-HREJwVq0ESwJLJyOKXbx-rPQa7pbNsYaj603kZdBhRfTS2OngK7pbKgYKb5bNu6PIo_MJSAx300R7r7UlmdhTYGmYVCkfYjCbk
Requested by
Host: f3700a36700f04277f1284f92a7ce4ae.safeframe.googlesyndication.com
URL: https://f3700a36700f04277f1284f92a7ce4ae.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:59:43 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pixel
cm.g.doubleclick.net/ Frame DE2C
Redirect Chain
  • https://a.c.appier.net/gcm?google_gid=CAESEI1s8k0pYlZiKUYeJFdlDpY&google_cver=1&google_push=ASkJ3FYBWKVwyPTKLuesR6eTOkDFm1Y0RTPIfEU2RY61GJjdvGGylxsmMlzX8wsQ2LVrZsy6AHa7HUJJDU39ILdu-SXe6ZraalPhsecP-...
  • https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=Ykx5bUVNSTdDdjZJZUpoOXdHSjRZdw%3D%3D&google_push=ASkJ3FYBWKVwyPTKLuesR6eTOkDFm1Y0RTPIfEU2RY61GJjdvGGylxsmMlzX8wsQ2LVrZsy6AHa7HUJJDU39I...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=Ykx5bUVNSTdDdjZJZUpoOXdHSjRZdw%3D%3D&google_push=ASkJ3FYBWKVwyPTKLuesR6eTOkDFm1Y0RTPIfEU2RY61GJjdvGGylxsmMlzX8wsQ2LVrZsy6AHa7HUJJDU39ILdu-SXe6ZraalPhsecP-Pq01o6pE8PEkXIP4CHUP0Tl61Z18JicX_VQlymGYngIyQLcxh0
Requested by
Host: f3700a36700f04277f1284f92a7ce4ae.safeframe.googlesyndication.com
URL: https://f3700a36700f04277f1284f92a7ce4ae.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 04:59:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=Ykx5bUVNSTdDdjZJZUpoOXdHSjRZdw%3D%3D&google_push=ASkJ3FYBWKVwyPTKLuesR6eTOkDFm1Y0RTPIfEU2RY61GJjdvGGylxsmMlzX8wsQ2LVrZsy6AHa7HUJJDU39ILdu-SXe6ZraalPhsecP-Pq01o6pE8PEkXIP4CHUP0Tl61Z18JicX_VQlymGYngIyQLcxh0
date
Sat, 19 Nov 2022 04:59:44 GMT
cache-control
no-store
content-type
text/html; charset=utf-8
server
nginx
content-length
298
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
sync
pool.admedo.com/ Frame DE2C
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEFBqbTOb0G7xnL1h_UC84bw&google_cver=1&google_push=ASkJ3FaDTra54u5NoAbPbGexWUn3mi3anN7k-VsKkIFv_pEe-MrGdnHr_mzs89ELaZljZ0qcdVwVMnM3fNUQfIdiniHQ...
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEFBqbTOb0G7xnL1h_UC84bw&google_cver=1&google_push=ASkJ3FaDTra54u5NoAbPbGexWUn3mi3anN7k-VsKkIFv_pEe-MrGdnHr_mzs89ELaZljZ0qcdVwVMnM3fNUQfI...
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_custom_parameter=9f29e3b1-b243-430f-929c-d55b5e101788
0
0
pixel
cm.g.doubleclick.net/ Frame DE2C
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEHAZgwzGnkLfoW3An02oMwE&google_cver=1&google_push=ASkJ3Fa8qBX5DlCUxWKmAhbfl_tb6VTQ5ECm2Z-uf6B-C8_BdSiocnzrTxoQ4zBRu7EghcCG3_bFIY1jM0VyvIezW-IERQp...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ASkJ3Fa8qBX5DlCUxWKmAhbfl_tb6VTQ5ECm2Z-uf6B-C8_BdSiocnzrTxoQ4zBRu7EghcCG3_bFIY1jM0VyvIezW-IERQpDb6tlT6kNq-gEVlB56YZcZZIOvmby0oLMdQK7U...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ASkJ3Fa8qBX5DlCUxWKmAhbfl_tb6VTQ5ECm2Z-uf6B-C8_BdSiocnzrTxoQ4zBRu7EghcCG3_bFIY1jM0VyvIezW-IERQpDb6tlT6kNq-gEVlB56YZcZZIOvmby0oLMdQK7Uq6uHucGfFJAjaPdbzY87es&google_hm=OTY0OTYyODgzMTc2OTIzMjIy
Requested by
Host: f3700a36700f04277f1284f92a7ce4ae.safeframe.googlesyndication.com
URL: https://f3700a36700f04277f1284f92a7ce4ae.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 04:59:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sat, 19 Nov 2022 04:59:44 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ASkJ3Fa8qBX5DlCUxWKmAhbfl_tb6VTQ5ECm2Z-uf6B-C8_BdSiocnzrTxoQ4zBRu7EghcCG3_bFIY1jM0VyvIezW-IERQpDb6tlT6kNq-gEVlB56YZcZZIOvmby0oLMdQK7Uq6uHucGfFJAjaPdbzY87es&google_hm=OTY0OTYyODgzMTc2OTIzMjIy
content-length
0
pixel
cm.g.doubleclick.net/ Frame DE2C
Redirect Chain
  • https://an.yandex.ru/mapuid/google/CAESELLT2EkYlUUi_yNgVP4MfEg?ext-param=ASkJ3FaELJax4gKoyO0VYannaWdcO0wtppSdLUI5IBXStsKt2okWCd_1bbyMRt1kUhVi12aqsadalOjE8B0ZPkWlk16Q1Wo6AC8gyiQwHMOijsE31SMFjTSiN2J5...
  • https://an.yandex.ru/mapuid/google/CAESELLT2EkYlUUi_yNgVP4MfEg?redir-setuniq=1&ext-param=ASkJ3FaELJax4gKoyO0VYannaWdcO0wtppSdLUI5IBXStsKt2okWCd_1bbyMRt1kUhVi12aqsadalOjE8B0ZPkWlk16Q1Wo6AC8gyiQwHMOi...
  • https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESELLT2EkYlUUi_yNgVP4MfEg&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
0
0
attr
cm.g.doubleclick.net/pixel/ Frame DE2C 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I3G5fowcl3JSwOp3bDRQ6hhjjRbm1I3JnrdTBrKB8EnFXgPvBhjrC92N1fby-lkPd_WgPf-A
Requested by
Host: f3700a36700f04277f1284f92a7ce4ae.safeframe.googlesyndication.com
URL: https://f3700a36700f04277f1284f92a7ce4ae.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:59:43 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
all
csm.as.criteo.net/ Frame 601D 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.as.criteo.net/all?cppv=3&cpp=tcL2cVOSqEMB2aTABsdnc46OUC4kKqKnlqmnLQa_5iaTeXUmDuUA9Yl_FUMFPdC3oLx2mS1OyQPrOiW4LDGoj3C_DwSQGSbCQM_TxO52K4D-fHU1I6trPvsUr32gibd6hbWYQ5h7aY1GShpmm8dXXMnkoP_ZZwvOsczUjBYhkdOaGw8CTI1QwLZF7argGKer1NW5iYZvRtAil-iLfQ59v2wT-o3Su1kAuNar9vgIKDaZjeTmBveGTu30M_6S8RnRIh4I8ImU6_Du5k37&sds=2&rev=83599&sendBeacon=true
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y3hivQAOyLwJnUZjAAX-VoIYMRW-IH0di91WxA&u=%7C%2BiOcvGPGOIYT14Jxrk8kHTYC93Rl0fSQ%2FkqKt6DMerU%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqc6nygJ274zNPhQpJEnippfnLPctJAgOVJK5QBvON9Ye9GS_f4NkHgJhIZ9z6_4LUZQsLHE_Mp7-qw-Xr2Zo7UQXE0dLp47Ngn6EqjULIz4-LeeA7hKtXMgBh9i2c0SAdVgYDQP3xvFgMBSwvsz_Ijkrj6Fd2eMuZspEkjcEsei_DcNoCcmYH0otLED6cp_kExBN1Vr2s9skd3p7sDIN8MzGKiSroEEJrDTdhPJ89Y2YAWqIxOe57-f12F_WjmgMNJux-SS0KifS6CdtC7OxIcG2f6FT_VzypyRAAAtkp-PWHFmxSkQbUaMbTFCc4V_9KHxluXVRBRliGLPa13Yrk2CPbz9wVv15eaZLxpxJ-9q9djnR-riPxEt1ivbnq1raNH6s2NrhInwE8rQ9tbNBd5GAQAFswR3jiTVQAphrBPHyj1sVRnUwLija190djNWaw25c86h70_nVwQvz5dDAqmMNW-EkYDaVlXaHS9PusBfu7fJWPaOgP8AgZ09XunOjZSue55dCTHKKVyelMz_RvGJ2q8c2HKJjM4A4uvWm1TqJKOrOJrKYaI2Uf3ftwORILwUqlhY0EjR4jhPUhaMw894OJR_ojR16P1Q&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLnD3vWJ4Y7yRO-OM9fwP1vyXqASY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQLGsA4nl2OmPuACAKgDAaoEqgJP0JGyydDzIQbZxE0bg_RY5UQsloC0hZ4vW008KDS8iEaCQQ6yjm86DHcRNPC8i1Mx2UBJYToR0jy8choLe-P6pIbq14AOI0mvo3VvAh8ktSsHa5BSNuP2sP90uU3QXVIsYt0JcZ-ydkRGoH_gbiVgVbcXOjXGzYSST0FAXcReCYCqct_yEBE4284X2JZU-Ja0WlyLiJ-9GlUY9ja8DnEX-ownS44Y-ZmRhyIEE9eSS_0kVwJb4hESoxkCYsWNPBJOmpyFj8e744b8EzPoQYAJpRBydCcus6tHj_eL3vZJtR7eYGJR9bhWh7gzFIlq3yt3lR0xjbBm8pvpM9AranPVPaDrOC4lfxNeWxsXbLeDExlY5cMT2dZXidR-n8ezd74IdMrxi_tSB7nP4AQBgAaGvuXguZWg7VygBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0DDvTcIdjQPeHnLGoleEiuuQYvrw%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.142 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sat, 19 Nov 2022 04:59:43 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 601D 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y3hivQAOyLwJnUZjAAX-VoIYMRW-IH0di91WxA&u=%7C%2BiOcvGPGOIYT14Jxrk8kHTYC93Rl0fSQ%2FkqKt6DMerU%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqc6nygJ274zNPhQpJEnippfnLPctJAgOVJK5QBvON9Ye9GS_f4NkHgJhIZ9z6_4LUZQsLHE_Mp7-qw-Xr2Zo7UQXE0dLp47Ngn6EqjULIz4-LeeA7hKtXMgBh9i2c0SAdVgYDQP3xvFgMBSwvsz_Ijkrj6Fd2eMuZspEkjcEsei_DcNoCcmYH0otLED6cp_kExBN1Vr2s9skd3p7sDIN8MzGKiSroEEJrDTdhPJ89Y2YAWqIxOe57-f12F_WjmgMNJux-SS0KifS6CdtC7OxIcG2f6FT_VzypyRAAAtkp-PWHFmxSkQbUaMbTFCc4V_9KHxluXVRBRliGLPa13Yrk2CPbz9wVv15eaZLxpxJ-9q9djnR-riPxEt1ivbnq1raNH6s2NrhInwE8rQ9tbNBd5GAQAFswR3jiTVQAphrBPHyj1sVRnUwLija190djNWaw25c86h70_nVwQvz5dDAqmMNW-EkYDaVlXaHS9PusBfu7fJWPaOgP8AgZ09XunOjZSue55dCTHKKVyelMz_RvGJ2q8c2HKJjM4A4uvWm1TqJKOrOJrKYaI2Uf3ftwORILwUqlhY0EjR4jhPUhaMw894OJR_ojR16P1Q&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLnD3vWJ4Y7yRO-OM9fwP1vyXqASY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQLGsA4nl2OmPuACAKgDAaoEqgJP0JGyydDzIQbZxE0bg_RY5UQsloC0hZ4vW008KDS8iEaCQQ6yjm86DHcRNPC8i1Mx2UBJYToR0jy8choLe-P6pIbq14AOI0mvo3VvAh8ktSsHa5BSNuP2sP90uU3QXVIsYt0JcZ-ydkRGoH_gbiVgVbcXOjXGzYSST0FAXcReCYCqct_yEBE4284X2JZU-Ja0WlyLiJ-9GlUY9ja8DnEX-ownS44Y-ZmRhyIEE9eSS_0kVwJb4hESoxkCYsWNPBJOmpyFj8e744b8EzPoQYAJpRBydCcus6tHj_eL3vZJtR7eYGJR9bhWh7gzFIlq3yt3lR0xjbBm8pvpM9AranPVPaDrOC4lfxNeWxsXbLeDExlY5cMT2dZXidR-n8ezd74IdMrxi_tSB7nP4AQBgAaGvuXguZWg7VygBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0DDvTcIdjQPeHnLGoleEiuuQYvrw%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:59:43 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 14 Nov 2023 04:59:43 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 601D 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y3hivQAOyLwJnUZjAAX-VoIYMRW-IH0di91WxA&u=%7C%2BiOcvGPGOIYT14Jxrk8kHTYC93Rl0fSQ%2FkqKt6DMerU%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqc6nygJ274zNPhQpJEnippfnLPctJAgOVJK5QBvON9Ye9GS_f4NkHgJhIZ9z6_4LUZQsLHE_Mp7-qw-Xr2Zo7UQXE0dLp47Ngn6EqjULIz4-LeeA7hKtXMgBh9i2c0SAdVgYDQP3xvFgMBSwvsz_Ijkrj6Fd2eMuZspEkjcEsei_DcNoCcmYH0otLED6cp_kExBN1Vr2s9skd3p7sDIN8MzGKiSroEEJrDTdhPJ89Y2YAWqIxOe57-f12F_WjmgMNJux-SS0KifS6CdtC7OxIcG2f6FT_VzypyRAAAtkp-PWHFmxSkQbUaMbTFCc4V_9KHxluXVRBRliGLPa13Yrk2CPbz9wVv15eaZLxpxJ-9q9djnR-riPxEt1ivbnq1raNH6s2NrhInwE8rQ9tbNBd5GAQAFswR3jiTVQAphrBPHyj1sVRnUwLija190djNWaw25c86h70_nVwQvz5dDAqmMNW-EkYDaVlXaHS9PusBfu7fJWPaOgP8AgZ09XunOjZSue55dCTHKKVyelMz_RvGJ2q8c2HKJjM4A4uvWm1TqJKOrOJrKYaI2Uf3ftwORILwUqlhY0EjR4jhPUhaMw894OJR_ojR16P1Q&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLnD3vWJ4Y7yRO-OM9fwP1vyXqASY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQLGsA4nl2OmPuACAKgDAaoEqgJP0JGyydDzIQbZxE0bg_RY5UQsloC0hZ4vW008KDS8iEaCQQ6yjm86DHcRNPC8i1Mx2UBJYToR0jy8choLe-P6pIbq14AOI0mvo3VvAh8ktSsHa5BSNuP2sP90uU3QXVIsYt0JcZ-ydkRGoH_gbiVgVbcXOjXGzYSST0FAXcReCYCqct_yEBE4284X2JZU-Ja0WlyLiJ-9GlUY9ja8DnEX-ownS44Y-ZmRhyIEE9eSS_0kVwJb4hESoxkCYsWNPBJOmpyFj8e744b8EzPoQYAJpRBydCcus6tHj_eL3vZJtR7eYGJR9bhWh7gzFIlq3yt3lR0xjbBm8pvpM9AranPVPaDrOC4lfxNeWxsXbLeDExlY5cMT2dZXidR-n8ezd74IdMrxi_tSB7nP4AQBgAaGvuXguZWg7VygBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0DDvTcIdjQPeHnLGoleEiuuQYvrw%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:59:43 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 14 Nov 2023 04:59:43 GMT
truncated
/ Frame C22F 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e59c9575019fcbb75f113d9170ec6caf4ae58cf9475e69ea97975cc16d761faf

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
privacy_small.svg
static.criteo.net/flash/icon/ Frame 2637 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y3hivQAOyL4JnUZjAAX-VjAsj6EijFlrHIKI4A&u=%7C%2BiOcvGPGOIaSuS0nFi%2FSw46FvrdVCSbBEV1omp2xdlk%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oVqw7Cvg7ORZ5y2n_PXned8JCsSCQ138ULuqTtuWjQY_gaY2FCscn6XBiv_o9r7B1l_TNwO8XRH6dOkCJ4g6T9fnRJqUrUMW1KgfAQRLjln4ADYJCj-MOwKiyNJ7q_mSZJo0Cv2nSU8RkcfywJHlOBuLh5mffZUbI1n1fQAq-Wn11v-aNGTNbj6-t-X6akFWIiUo2icvhq-11S2RfKq-Nf8TRQTNvlZI5topFCpIowGjBI2vT3KT3V23KfSs2VggBVi3FD47yy3obIoSM-ZfEUuUTdumcVjjdcGm413NCB05nwINTnicUwTZ4OQusivR1fyAtfLmOXzOF4Knu45MGwe4vmOv7aMlrZyLSRQBQK8vhL8pW-tP-G6wXSyc6aBcmY7Cn-lyPBGiSMTYbIUAKMJRkPm3a_nboQe3JyTF56bHK2fROAn96c7SOrrog3UIaNqc4w6ZiydeOJ_dXunEIZWfe06EbqN11iPSzKlncppyo4y9oNZqrTBBYhOTYG_fi5cIe6fOnklFrlssX9_PBx82hEGH-O1BDYdVPdDrIFHoh7PDpL-N5yUEIPdFTgwEhF3crWgCCZozl20ygEupWTbGRxf-TXX5koW-e2xrT66U&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCnYrbvWJ4Y76RO-OM9fwP1vyXqASY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQLGsA4nl2OmPuACAKgDAaoEqgJP0A95aWG9aJveXYLH8MZgfwT6ci9jhyQ9_fwsrtJ77E1owzU4CEQ_tYyay2tPhWOsGSWrILcRif7uRNQB0_2k5dUIfZSx5t8EgcTIrnuRQcL8j3FlIDvq1aiprluv1_RTh0ngmqcJ197XWjUVzfx-LwpWdL_oe6JsmkvcQq5lr6vot7a4cv1YdF7JJ4W8tm_iT9Sd0kmlIrtOkoZoRYDfxE2UT8umHj45qyIQpAUabDkq24e5xY7UhAZGRFMUrL34DS1mPGeuujw9Tf50LkzedVWkWraP6U6CFpgsKj5Vq3uEjfhVUPNhd-SeHT-TznrERa3RKXNMZGIkTWqsNlhsIoWOCtdxswBY_bscA4ZUwq2lmEh-3nKTWObMLcRLcwQ0TpwOAOLRWsmn4AQBgAaF-oaFtrHmnFmgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1NBOuyx7aPU4CFx-lTEsIQHGw2_A%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:59:43 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 14 Nov 2023 04:59:43 GMT
adchoices_en.svg
static.criteo.net/flash/icon/ Frame 2637 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_en.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y3hivQAOyL4JnUZjAAX-VjAsj6EijFlrHIKI4A&u=%7C%2BiOcvGPGOIaSuS0nFi%2FSw46FvrdVCSbBEV1omp2xdlk%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oVqw7Cvg7ORZ5y2n_PXned8JCsSCQ138ULuqTtuWjQY_gaY2FCscn6XBiv_o9r7B1l_TNwO8XRH6dOkCJ4g6T9fnRJqUrUMW1KgfAQRLjln4ADYJCj-MOwKiyNJ7q_mSZJo0Cv2nSU8RkcfywJHlOBuLh5mffZUbI1n1fQAq-Wn11v-aNGTNbj6-t-X6akFWIiUo2icvhq-11S2RfKq-Nf8TRQTNvlZI5topFCpIowGjBI2vT3KT3V23KfSs2VggBVi3FD47yy3obIoSM-ZfEUuUTdumcVjjdcGm413NCB05nwINTnicUwTZ4OQusivR1fyAtfLmOXzOF4Knu45MGwe4vmOv7aMlrZyLSRQBQK8vhL8pW-tP-G6wXSyc6aBcmY7Cn-lyPBGiSMTYbIUAKMJRkPm3a_nboQe3JyTF56bHK2fROAn96c7SOrrog3UIaNqc4w6ZiydeOJ_dXunEIZWfe06EbqN11iPSzKlncppyo4y9oNZqrTBBYhOTYG_fi5cIe6fOnklFrlssX9_PBx82hEGH-O1BDYdVPdDrIFHoh7PDpL-N5yUEIPdFTgwEhF3crWgCCZozl20ygEupWTbGRxf-TXX5koW-e2xrT66U&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCnYrbvWJ4Y76RO-OM9fwP1vyXqASY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQLGsA4nl2OmPuACAKgDAaoEqgJP0A95aWG9aJveXYLH8MZgfwT6ci9jhyQ9_fwsrtJ77E1owzU4CEQ_tYyay2tPhWOsGSWrILcRif7uRNQB0_2k5dUIfZSx5t8EgcTIrnuRQcL8j3FlIDvq1aiprluv1_RTh0ngmqcJ197XWjUVzfx-LwpWdL_oe6JsmkvcQq5lr6vot7a4cv1YdF7JJ4W8tm_iT9Sd0kmlIrtOkoZoRYDfxE2UT8umHj45qyIQpAUabDkq24e5xY7UhAZGRFMUrL34DS1mPGeuujw9Tf50LkzedVWkWraP6U6CFpgsKj5Vq3uEjfhVUPNhd-SeHT-TznrERa3RKXNMZGIkTWqsNlhsIoWOCtdxswBY_bscA4ZUwq2lmEh-3nKTWObMLcRLcwQ0TpwOAOLRWsmn4AQBgAaF-oaFtrHmnFmgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1NBOuyx7aPU4CFx-lTEsIQHGw2_A%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:59:43 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-759"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 14 Nov 2023 04:59:43 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 2637 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y3hivQAOyL4JnUZjAAX-VjAsj6EijFlrHIKI4A&u=%7C%2BiOcvGPGOIaSuS0nFi%2FSw46FvrdVCSbBEV1omp2xdlk%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oVqw7Cvg7ORZ5y2n_PXned8JCsSCQ138ULuqTtuWjQY_gaY2FCscn6XBiv_o9r7B1l_TNwO8XRH6dOkCJ4g6T9fnRJqUrUMW1KgfAQRLjln4ADYJCj-MOwKiyNJ7q_mSZJo0Cv2nSU8RkcfywJHlOBuLh5mffZUbI1n1fQAq-Wn11v-aNGTNbj6-t-X6akFWIiUo2icvhq-11S2RfKq-Nf8TRQTNvlZI5topFCpIowGjBI2vT3KT3V23KfSs2VggBVi3FD47yy3obIoSM-ZfEUuUTdumcVjjdcGm413NCB05nwINTnicUwTZ4OQusivR1fyAtfLmOXzOF4Knu45MGwe4vmOv7aMlrZyLSRQBQK8vhL8pW-tP-G6wXSyc6aBcmY7Cn-lyPBGiSMTYbIUAKMJRkPm3a_nboQe3JyTF56bHK2fROAn96c7SOrrog3UIaNqc4w6ZiydeOJ_dXunEIZWfe06EbqN11iPSzKlncppyo4y9oNZqrTBBYhOTYG_fi5cIe6fOnklFrlssX9_PBx82hEGH-O1BDYdVPdDrIFHoh7PDpL-N5yUEIPdFTgwEhF3crWgCCZozl20ygEupWTbGRxf-TXX5koW-e2xrT66U&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCnYrbvWJ4Y76RO-OM9fwP1vyXqASY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQLGsA4nl2OmPuACAKgDAaoEqgJP0A95aWG9aJveXYLH8MZgfwT6ci9jhyQ9_fwsrtJ77E1owzU4CEQ_tYyay2tPhWOsGSWrILcRif7uRNQB0_2k5dUIfZSx5t8EgcTIrnuRQcL8j3FlIDvq1aiprluv1_RTh0ngmqcJ197XWjUVzfx-LwpWdL_oe6JsmkvcQq5lr6vot7a4cv1YdF7JJ4W8tm_iT9Sd0kmlIrtOkoZoRYDfxE2UT8umHj45qyIQpAUabDkq24e5xY7UhAZGRFMUrL34DS1mPGeuujw9Tf50LkzedVWkWraP6U6CFpgsKj5Vq3uEjfhVUPNhd-SeHT-TznrERa3RKXNMZGIkTWqsNlhsIoWOCtdxswBY_bscA4ZUwq2lmEh-3nKTWObMLcRLcwQ0TpwOAOLRWsmn4AQBgAaF-oaFtrHmnFmgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1NBOuyx7aPU4CFx-lTEsIQHGw2_A%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:59:43 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Tue, 14 Nov 2023 04:59:43 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 2637 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y3hivQAOyL4JnUZjAAX-VjAsj6EijFlrHIKI4A&u=%7C%2BiOcvGPGOIaSuS0nFi%2FSw46FvrdVCSbBEV1omp2xdlk%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oVqw7Cvg7ORZ5y2n_PXned8JCsSCQ138ULuqTtuWjQY_gaY2FCscn6XBiv_o9r7B1l_TNwO8XRH6dOkCJ4g6T9fnRJqUrUMW1KgfAQRLjln4ADYJCj-MOwKiyNJ7q_mSZJo0Cv2nSU8RkcfywJHlOBuLh5mffZUbI1n1fQAq-Wn11v-aNGTNbj6-t-X6akFWIiUo2icvhq-11S2RfKq-Nf8TRQTNvlZI5topFCpIowGjBI2vT3KT3V23KfSs2VggBVi3FD47yy3obIoSM-ZfEUuUTdumcVjjdcGm413NCB05nwINTnicUwTZ4OQusivR1fyAtfLmOXzOF4Knu45MGwe4vmOv7aMlrZyLSRQBQK8vhL8pW-tP-G6wXSyc6aBcmY7Cn-lyPBGiSMTYbIUAKMJRkPm3a_nboQe3JyTF56bHK2fROAn96c7SOrrog3UIaNqc4w6ZiydeOJ_dXunEIZWfe06EbqN11iPSzKlncppyo4y9oNZqrTBBYhOTYG_fi5cIe6fOnklFrlssX9_PBx82hEGH-O1BDYdVPdDrIFHoh7PDpL-N5yUEIPdFTgwEhF3crWgCCZozl20ygEupWTbGRxf-TXX5koW-e2xrT66U&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCnYrbvWJ4Y76RO-OM9fwP1vyXqASY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQLGsA4nl2OmPuACAKgDAaoEqgJP0A95aWG9aJveXYLH8MZgfwT6ci9jhyQ9_fwsrtJ77E1owzU4CEQ_tYyay2tPhWOsGSWrILcRif7uRNQB0_2k5dUIfZSx5t8EgcTIrnuRQcL8j3FlIDvq1aiprluv1_RTh0ngmqcJ197XWjUVzfx-LwpWdL_oe6JsmkvcQq5lr6vot7a4cv1YdF7JJ4W8tm_iT9Sd0kmlIrtOkoZoRYDfxE2UT8umHj45qyIQpAUabDkq24e5xY7UhAZGRFMUrL34DS1mPGeuujw9Tf50LkzedVWkWraP6U6CFpgsKj5Vq3uEjfhVUPNhd-SeHT-TznrERa3RKXNMZGIkTWqsNlhsIoWOCtdxswBY_bscA4ZUwq2lmEh-3nKTWObMLcRLcwQ0TpwOAOLRWsmn4AQBgAaF-oaFtrHmnFmgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1NBOuyx7aPU4CFx-lTEsIQHGw2_A%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:59:43 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Tue, 14 Nov 2023 04:59:43 GMT
lg.php
cat.sg1.as.criteo.com/delivery/ Frame 2637 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.sg1.as.criteo.com/delivery/lg.php?cppv=3&cpp=ft7x_IZCUyBvh5v7I2bIg29Bdjq6hiLEUdyvhVMHV97f-S-aFPSyFRJTEetZZ5cMnF1xcCMDIS6HeRp2uVmjGMsh5lsTLIvKjiszb-UVtGtu_tdV7zuDOPHtwYfYNnJG55OkgQpCXhXuWacB94slhP7XuSHMaQA1fhWtyngdADGPbd15Ol4rOzWTpHFGaBmbJIFgyDEn_B4V4iLtxFFRlDqrXaEUgSj9ALvRRvg7Nt874JItN2QC5WSKb5noj7B5mGRY_LZYcUqdFl41E6JRQRJJ6F-8WO6YoBiPFAOGqwYYxfs2JSILRcV1vpQTmqeV0Vj6IVvuEMQSOo0vJ3rb7tJ8IETD0SbIXyvHIYuG1wQt1DjrdUwNjd9EsmDQaAqLvn2SVchnQjqG9QLznujTIp2Rd2AI8_LnX5H-EjoWx-yIRZakt--oskpuqzEaPhzDhRm4DQ
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y3hivQAOyL4JnUZjAAX-VjAsj6EijFlrHIKI4A&u=%7C%2BiOcvGPGOIaSuS0nFi%2FSw46FvrdVCSbBEV1omp2xdlk%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oVqw7Cvg7ORZ5y2n_PXned8JCsSCQ138ULuqTtuWjQY_gaY2FCscn6XBiv_o9r7B1l_TNwO8XRH6dOkCJ4g6T9fnRJqUrUMW1KgfAQRLjln4ADYJCj-MOwKiyNJ7q_mSZJo0Cv2nSU8RkcfywJHlOBuLh5mffZUbI1n1fQAq-Wn11v-aNGTNbj6-t-X6akFWIiUo2icvhq-11S2RfKq-Nf8TRQTNvlZI5topFCpIowGjBI2vT3KT3V23KfSs2VggBVi3FD47yy3obIoSM-ZfEUuUTdumcVjjdcGm413NCB05nwINTnicUwTZ4OQusivR1fyAtfLmOXzOF4Knu45MGwe4vmOv7aMlrZyLSRQBQK8vhL8pW-tP-G6wXSyc6aBcmY7Cn-lyPBGiSMTYbIUAKMJRkPm3a_nboQe3JyTF56bHK2fROAn96c7SOrrog3UIaNqc4w6ZiydeOJ_dXunEIZWfe06EbqN11iPSzKlncppyo4y9oNZqrTBBYhOTYG_fi5cIe6fOnklFrlssX9_PBx82hEGH-O1BDYdVPdDrIFHoh7PDpL-N5yUEIPdFTgwEhF3crWgCCZozl20ygEupWTbGRxf-TXX5koW-e2xrT66U&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCnYrbvWJ4Y76RO-OM9fwP1vyXqASY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQLGsA4nl2OmPuACAKgDAaoEqgJP0A95aWG9aJveXYLH8MZgfwT6ci9jhyQ9_fwsrtJ77E1owzU4CEQ_tYyay2tPhWOsGSWrILcRif7uRNQB0_2k5dUIfZSx5t8EgcTIrnuRQcL8j3FlIDvq1aiprluv1_RTh0ngmqcJ197XWjUVzfx-LwpWdL_oe6JsmkvcQq5lr6vot7a4cv1YdF7JJ4W8tm_iT9Sd0kmlIrtOkoZoRYDfxE2UT8umHj45qyIQpAUabDkq24e5xY7UhAZGRFMUrL34DS1mPGeuujw9Tf50LkzedVWkWraP6U6CFpgsKj5Vq3uEjfhVUPNhd-SeHT-TznrERa3RKXNMZGIkTWqsNlhsIoWOCtdxswBY_bscA4ZUwq2lmEh-3nKTWObMLcRLcwQ0TpwOAOLRWsmn4AQBgAaF-oaFtrHmnFmgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1NBOuyx7aPU4CFx-lTEsIQHGw2_A%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.132 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 04:59:43 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
3164734
expires
Mon, 26 Jul 1997 05:00:00 GMT
truncated
/ Frame D483 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
00fcb2f8d96aa963e368d4879379539225ea26c395efa27766601c5616155ca4

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame FAB0 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
49254
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 18 Nov 2022 15:18:49 GMT
expires
Sat, 18 Nov 2023 15:18:49 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame D11D 		783 B
537 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.105 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f105.1e100.net
Software
GSE /
Resource Hash
0ea4a42416eae6305faa5766ce2550bfd9d47e5fabba549f5b5e070190193c3d
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-AbJZ0xLQRZGwYwKJ5DoY3w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
515
content-security-policy
script-src 'report-sample' 'nonce-AbJZ0xLQRZGwYwKJ5DoY3w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 19 Nov 2022 04:59:43 GMT
expires
Sat, 19 Nov 2022 04:59:43 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
animejs.js
static.criteo.net/animejs/ Frame 2637 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y3hivQAOyL4JnUZjAAX-VjAsj6EijFlrHIKI4A&u=%7C%2BiOcvGPGOIaSuS0nFi%2FSw46FvrdVCSbBEV1omp2xdlk%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oVqw7Cvg7ORZ5y2n_PXned8JCsSCQ138ULuqTtuWjQY_gaY2FCscn6XBiv_o9r7B1l_TNwO8XRH6dOkCJ4g6T9fnRJqUrUMW1KgfAQRLjln4ADYJCj-MOwKiyNJ7q_mSZJo0Cv2nSU8RkcfywJHlOBuLh5mffZUbI1n1fQAq-Wn11v-aNGTNbj6-t-X6akFWIiUo2icvhq-11S2RfKq-Nf8TRQTNvlZI5topFCpIowGjBI2vT3KT3V23KfSs2VggBVi3FD47yy3obIoSM-ZfEUuUTdumcVjjdcGm413NCB05nwINTnicUwTZ4OQusivR1fyAtfLmOXzOF4Knu45MGwe4vmOv7aMlrZyLSRQBQK8vhL8pW-tP-G6wXSyc6aBcmY7Cn-lyPBGiSMTYbIUAKMJRkPm3a_nboQe3JyTF56bHK2fROAn96c7SOrrog3UIaNqc4w6ZiydeOJ_dXunEIZWfe06EbqN11iPSzKlncppyo4y9oNZqrTBBYhOTYG_fi5cIe6fOnklFrlssX9_PBx82hEGH-O1BDYdVPdDrIFHoh7PDpL-N5yUEIPdFTgwEhF3crWgCCZozl20ygEupWTbGRxf-TXX5koW-e2xrT66U&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCnYrbvWJ4Y76RO-OM9fwP1vyXqASY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQLGsA4nl2OmPuACAKgDAaoEqgJP0A95aWG9aJveXYLH8MZgfwT6ci9jhyQ9_fwsrtJ77E1owzU4CEQ_tYyay2tPhWOsGSWrILcRif7uRNQB0_2k5dUIfZSx5t8EgcTIrnuRQcL8j3FlIDvq1aiprluv1_RTh0ngmqcJ197XWjUVzfx-LwpWdL_oe6JsmkvcQq5lr6vot7a4cv1YdF7JJ4W8tm_iT9Sd0kmlIrtOkoZoRYDfxE2UT8umHj45qyIQpAUabDkq24e5xY7UhAZGRFMUrL34DS1mPGeuujw9Tf50LkzedVWkWraP6U6CFpgsKj5Vq3uEjfhVUPNhd-SeHT-TznrERa3RKXNMZGIkTWqsNlhsIoWOCtdxswBY_bscA4ZUwq2lmEh-3nKTWObMLcRLcwQ0TpwOAOLRWsmn4AQBgAaF-oaFtrHmnFmgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1NBOuyx7aPU4CFx-lTEsIQHGw2_A%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:59:44 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 14 Nov 2023 04:59:44 GMT
img
pix.as.criteo.net/img/ Frame 2637 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?h=110&m=0&partner=99914&q=80&r=0&u=http%3A%2F%2Fstatic.sg1.as.criteo.net%2Fdesign%2Fdt%2F99914%2F221018%2F6ce37c12b49c4d5ba723ff6b2bda79f9_output-onlinepngtools_%289%29.png&v=3&w=236&s=3ha3RCqdhySPBCE_0chXeOWY
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y3hivQAOyL4JnUZjAAX-VjAsj6EijFlrHIKI4A&u=%7C%2BiOcvGPGOIaSuS0nFi%2FSw46FvrdVCSbBEV1omp2xdlk%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oVqw7Cvg7ORZ5y2n_PXned8JCsSCQ138ULuqTtuWjQY_gaY2FCscn6XBiv_o9r7B1l_TNwO8XRH6dOkCJ4g6T9fnRJqUrUMW1KgfAQRLjln4ADYJCj-MOwKiyNJ7q_mSZJo0Cv2nSU8RkcfywJHlOBuLh5mffZUbI1n1fQAq-Wn11v-aNGTNbj6-t-X6akFWIiUo2icvhq-11S2RfKq-Nf8TRQTNvlZI5topFCpIowGjBI2vT3KT3V23KfSs2VggBVi3FD47yy3obIoSM-ZfEUuUTdumcVjjdcGm413NCB05nwINTnicUwTZ4OQusivR1fyAtfLmOXzOF4Knu45MGwe4vmOv7aMlrZyLSRQBQK8vhL8pW-tP-G6wXSyc6aBcmY7Cn-lyPBGiSMTYbIUAKMJRkPm3a_nboQe3JyTF56bHK2fROAn96c7SOrrog3UIaNqc4w6ZiydeOJ_dXunEIZWfe06EbqN11iPSzKlncppyo4y9oNZqrTBBYhOTYG_fi5cIe6fOnklFrlssX9_PBx82hEGH-O1BDYdVPdDrIFHoh7PDpL-N5yUEIPdFTgwEhF3crWgCCZozl20ygEupWTbGRxf-TXX5koW-e2xrT66U&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCnYrbvWJ4Y76RO-OM9fwP1vyXqASY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQLGsA4nl2OmPuACAKgDAaoEqgJP0A95aWG9aJveXYLH8MZgfwT6ci9jhyQ9_fwsrtJ77E1owzU4CEQ_tYyay2tPhWOsGSWrILcRif7uRNQB0_2k5dUIfZSx5t8EgcTIrnuRQcL8j3FlIDvq1aiprluv1_RTh0ngmqcJ197XWjUVzfx-LwpWdL_oe6JsmkvcQq5lr6vot7a4cv1YdF7JJ4W8tm_iT9Sd0kmlIrtOkoZoRYDfxE2UT8umHj45qyIQpAUabDkq24e5xY7UhAZGRFMUrL34DS1mPGeuujw9Tf50LkzedVWkWraP6U6CFpgsKj5Vq3uEjfhVUPNhd-SeHT-TznrERa3RKXNMZGIkTWqsNlhsIoWOCtdxswBY_bscA4ZUwq2lmEh-3nKTWObMLcRLcwQ0TpwOAOLRWsmn4AQBgAaF-oaFtrHmnFmgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1NBOuyx7aPU4CFx-lTEsIQHGw2_A%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 -, , ASN (),
Reverse DNS
Software
Finatra /
Resource Hash
c3d5433298df9a32c8a53ddba38c14ad17bfbfa86f28d4619fe8f092bf4f62d0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:59:43 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=28325724
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
5124
expires
Fri, 13 Oct 2023 01:15:09 GMT
img
pix.as.criteo.net/img/ Frame 2637 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=99914&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F1374%2F4477%2Fproducts%2FJamieKay_BloomCollection_EllePlaysuit_Rose_Front.png%3Fv%3D1659242709&v=3&w=400&s=UbmJ49q3rOAuegvBN9ONe9Zy&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y3hivQAOyL4JnUZjAAX-VjAsj6EijFlrHIKI4A&u=%7C%2BiOcvGPGOIaSuS0nFi%2FSw46FvrdVCSbBEV1omp2xdlk%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oVqw7Cvg7ORZ5y2n_PXned8JCsSCQ138ULuqTtuWjQY_gaY2FCscn6XBiv_o9r7B1l_TNwO8XRH6dOkCJ4g6T9fnRJqUrUMW1KgfAQRLjln4ADYJCj-MOwKiyNJ7q_mSZJo0Cv2nSU8RkcfywJHlOBuLh5mffZUbI1n1fQAq-Wn11v-aNGTNbj6-t-X6akFWIiUo2icvhq-11S2RfKq-Nf8TRQTNvlZI5topFCpIowGjBI2vT3KT3V23KfSs2VggBVi3FD47yy3obIoSM-ZfEUuUTdumcVjjdcGm413NCB05nwINTnicUwTZ4OQusivR1fyAtfLmOXzOF4Knu45MGwe4vmOv7aMlrZyLSRQBQK8vhL8pW-tP-G6wXSyc6aBcmY7Cn-lyPBGiSMTYbIUAKMJRkPm3a_nboQe3JyTF56bHK2fROAn96c7SOrrog3UIaNqc4w6ZiydeOJ_dXunEIZWfe06EbqN11iPSzKlncppyo4y9oNZqrTBBYhOTYG_fi5cIe6fOnklFrlssX9_PBx82hEGH-O1BDYdVPdDrIFHoh7PDpL-N5yUEIPdFTgwEhF3crWgCCZozl20ygEupWTbGRxf-TXX5koW-e2xrT66U&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCnYrbvWJ4Y76RO-OM9fwP1vyXqASY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQLGsA4nl2OmPuACAKgDAaoEqgJP0A95aWG9aJveXYLH8MZgfwT6ci9jhyQ9_fwsrtJ77E1owzU4CEQ_tYyay2tPhWOsGSWrILcRif7uRNQB0_2k5dUIfZSx5t8EgcTIrnuRQcL8j3FlIDvq1aiprluv1_RTh0ngmqcJ197XWjUVzfx-LwpWdL_oe6JsmkvcQq5lr6vot7a4cv1YdF7JJ4W8tm_iT9Sd0kmlIrtOkoZoRYDfxE2UT8umHj45qyIQpAUabDkq24e5xY7UhAZGRFMUrL34DS1mPGeuujw9Tf50LkzedVWkWraP6U6CFpgsKj5Vq3uEjfhVUPNhd-SeHT-TznrERa3RKXNMZGIkTWqsNlhsIoWOCtdxswBY_bscA4ZUwq2lmEh-3nKTWObMLcRLcwQ0TpwOAOLRWsmn4AQBgAaF-oaFtrHmnFmgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1NBOuyx7aPU4CFx-lTEsIQHGw2_A%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 -, , ASN (),
Reverse DNS
Software
Finatra /
Resource Hash
bb9a24f8e27a9eb6bb2f25ab6aad5920348f4c13a105d429e3d0e741af46e1e3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:59:43 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=28812156
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
19634
expires
Wed, 18 Oct 2023 16:22:21 GMT
img
pix.as.criteo.net/img/ Frame 2637 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=99914&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F1374%2F4477%2Fproducts%2F0P5A2416_74477c0a-2c45-486a-acdc-09638514ec08.jpg%3Fv%3D1659242751&v=3&w=400&s=cfSAdYEEqmjfEpVwtHflAF1n&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y3hivQAOyL4JnUZjAAX-VjAsj6EijFlrHIKI4A&u=%7C%2BiOcvGPGOIaSuS0nFi%2FSw46FvrdVCSbBEV1omp2xdlk%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oVqw7Cvg7ORZ5y2n_PXned8JCsSCQ138ULuqTtuWjQY_gaY2FCscn6XBiv_o9r7B1l_TNwO8XRH6dOkCJ4g6T9fnRJqUrUMW1KgfAQRLjln4ADYJCj-MOwKiyNJ7q_mSZJo0Cv2nSU8RkcfywJHlOBuLh5mffZUbI1n1fQAq-Wn11v-aNGTNbj6-t-X6akFWIiUo2icvhq-11S2RfKq-Nf8TRQTNvlZI5topFCpIowGjBI2vT3KT3V23KfSs2VggBVi3FD47yy3obIoSM-ZfEUuUTdumcVjjdcGm413NCB05nwINTnicUwTZ4OQusivR1fyAtfLmOXzOF4Knu45MGwe4vmOv7aMlrZyLSRQBQK8vhL8pW-tP-G6wXSyc6aBcmY7Cn-lyPBGiSMTYbIUAKMJRkPm3a_nboQe3JyTF56bHK2fROAn96c7SOrrog3UIaNqc4w6ZiydeOJ_dXunEIZWfe06EbqN11iPSzKlncppyo4y9oNZqrTBBYhOTYG_fi5cIe6fOnklFrlssX9_PBx82hEGH-O1BDYdVPdDrIFHoh7PDpL-N5yUEIPdFTgwEhF3crWgCCZozl20ygEupWTbGRxf-TXX5koW-e2xrT66U&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCnYrbvWJ4Y76RO-OM9fwP1vyXqASY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQLGsA4nl2OmPuACAKgDAaoEqgJP0A95aWG9aJveXYLH8MZgfwT6ci9jhyQ9_fwsrtJ77E1owzU4CEQ_tYyay2tPhWOsGSWrILcRif7uRNQB0_2k5dUIfZSx5t8EgcTIrnuRQcL8j3FlIDvq1aiprluv1_RTh0ngmqcJ197XWjUVzfx-LwpWdL_oe6JsmkvcQq5lr6vot7a4cv1YdF7JJ4W8tm_iT9Sd0kmlIrtOkoZoRYDfxE2UT8umHj45qyIQpAUabDkq24e5xY7UhAZGRFMUrL34DS1mPGeuujw9Tf50LkzedVWkWraP6U6CFpgsKj5Vq3uEjfhVUPNhd-SeHT-TznrERa3RKXNMZGIkTWqsNlhsIoWOCtdxswBY_bscA4ZUwq2lmEh-3nKTWObMLcRLcwQ0TpwOAOLRWsmn4AQBgAaF-oaFtrHmnFmgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1NBOuyx7aPU4CFx-lTEsIQHGw2_A%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 -, , ASN (),
Reverse DNS
Software
Finatra /
Resource Hash
2e77139884bf419f164e503105b06e895216ca6039451ec5ddae8faa7ce85120
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:59:44 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=28802128
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
11068
expires
Wed, 18 Oct 2023 13:35:12 GMT
img
pix.as.criteo.net/img/ Frame 2637 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=99914&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F1374%2F4477%2Fproducts%2FJamieKay_BloomCollection__EllePlaysuit_Damson.png%3Fv%3D1659242666&v=3&w=400&s=0CnqaROkMGuqe76R4N0sba-d&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y3hivQAOyL4JnUZjAAX-VjAsj6EijFlrHIKI4A&u=%7C%2BiOcvGPGOIaSuS0nFi%2FSw46FvrdVCSbBEV1omp2xdlk%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oVqw7Cvg7ORZ5y2n_PXned8JCsSCQ138ULuqTtuWjQY_gaY2FCscn6XBiv_o9r7B1l_TNwO8XRH6dOkCJ4g6T9fnRJqUrUMW1KgfAQRLjln4ADYJCj-MOwKiyNJ7q_mSZJo0Cv2nSU8RkcfywJHlOBuLh5mffZUbI1n1fQAq-Wn11v-aNGTNbj6-t-X6akFWIiUo2icvhq-11S2RfKq-Nf8TRQTNvlZI5topFCpIowGjBI2vT3KT3V23KfSs2VggBVi3FD47yy3obIoSM-ZfEUuUTdumcVjjdcGm413NCB05nwINTnicUwTZ4OQusivR1fyAtfLmOXzOF4Knu45MGwe4vmOv7aMlrZyLSRQBQK8vhL8pW-tP-G6wXSyc6aBcmY7Cn-lyPBGiSMTYbIUAKMJRkPm3a_nboQe3JyTF56bHK2fROAn96c7SOrrog3UIaNqc4w6ZiydeOJ_dXunEIZWfe06EbqN11iPSzKlncppyo4y9oNZqrTBBYhOTYG_fi5cIe6fOnklFrlssX9_PBx82hEGH-O1BDYdVPdDrIFHoh7PDpL-N5yUEIPdFTgwEhF3crWgCCZozl20ygEupWTbGRxf-TXX5koW-e2xrT66U&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCnYrbvWJ4Y76RO-OM9fwP1vyXqASY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQLGsA4nl2OmPuACAKgDAaoEqgJP0A95aWG9aJveXYLH8MZgfwT6ci9jhyQ9_fwsrtJ77E1owzU4CEQ_tYyay2tPhWOsGSWrILcRif7uRNQB0_2k5dUIfZSx5t8EgcTIrnuRQcL8j3FlIDvq1aiprluv1_RTh0ngmqcJ197XWjUVzfx-LwpWdL_oe6JsmkvcQq5lr6vot7a4cv1YdF7JJ4W8tm_iT9Sd0kmlIrtOkoZoRYDfxE2UT8umHj45qyIQpAUabDkq24e5xY7UhAZGRFMUrL34DS1mPGeuujw9Tf50LkzedVWkWraP6U6CFpgsKj5Vq3uEjfhVUPNhd-SeHT-TznrERa3RKXNMZGIkTWqsNlhsIoWOCtdxswBY_bscA4ZUwq2lmEh-3nKTWObMLcRLcwQ0TpwOAOLRWsmn4AQBgAaF-oaFtrHmnFmgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1NBOuyx7aPU4CFx-lTEsIQHGw2_A%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 -, , ASN (),
Reverse DNS
Software
Finatra /
Resource Hash
03735e4f71d239c6684cad226d35d76659218eaffa26a73e5df72ca68202421a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:59:44 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=28796171
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
22064
expires
Wed, 18 Oct 2023 11:55:56 GMT
img
pix.as.criteo.net/img/ Frame 2637 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=99914&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F1374%2F4477%2Fproducts%2FLolaDress_MadelineLaneFloral_1.jpg%3Fv%3D1665619522&v=3&w=400&s=8TP3_F15SqBwl5Sh8G1grBTp&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y3hivQAOyL4JnUZjAAX-VjAsj6EijFlrHIKI4A&u=%7C%2BiOcvGPGOIaSuS0nFi%2FSw46FvrdVCSbBEV1omp2xdlk%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oVqw7Cvg7ORZ5y2n_PXned8JCsSCQ138ULuqTtuWjQY_gaY2FCscn6XBiv_o9r7B1l_TNwO8XRH6dOkCJ4g6T9fnRJqUrUMW1KgfAQRLjln4ADYJCj-MOwKiyNJ7q_mSZJo0Cv2nSU8RkcfywJHlOBuLh5mffZUbI1n1fQAq-Wn11v-aNGTNbj6-t-X6akFWIiUo2icvhq-11S2RfKq-Nf8TRQTNvlZI5topFCpIowGjBI2vT3KT3V23KfSs2VggBVi3FD47yy3obIoSM-ZfEUuUTdumcVjjdcGm413NCB05nwINTnicUwTZ4OQusivR1fyAtfLmOXzOF4Knu45MGwe4vmOv7aMlrZyLSRQBQK8vhL8pW-tP-G6wXSyc6aBcmY7Cn-lyPBGiSMTYbIUAKMJRkPm3a_nboQe3JyTF56bHK2fROAn96c7SOrrog3UIaNqc4w6ZiydeOJ_dXunEIZWfe06EbqN11iPSzKlncppyo4y9oNZqrTBBYhOTYG_fi5cIe6fOnklFrlssX9_PBx82hEGH-O1BDYdVPdDrIFHoh7PDpL-N5yUEIPdFTgwEhF3crWgCCZozl20ygEupWTbGRxf-TXX5koW-e2xrT66U&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCnYrbvWJ4Y76RO-OM9fwP1vyXqASY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQLGsA4nl2OmPuACAKgDAaoEqgJP0A95aWG9aJveXYLH8MZgfwT6ci9jhyQ9_fwsrtJ77E1owzU4CEQ_tYyay2tPhWOsGSWrILcRif7uRNQB0_2k5dUIfZSx5t8EgcTIrnuRQcL8j3FlIDvq1aiprluv1_RTh0ngmqcJ197XWjUVzfx-LwpWdL_oe6JsmkvcQq5lr6vot7a4cv1YdF7JJ4W8tm_iT9Sd0kmlIrtOkoZoRYDfxE2UT8umHj45qyIQpAUabDkq24e5xY7UhAZGRFMUrL34DS1mPGeuujw9Tf50LkzedVWkWraP6U6CFpgsKj5Vq3uEjfhVUPNhd-SeHT-TznrERa3RKXNMZGIkTWqsNlhsIoWOCtdxswBY_bscA4ZUwq2lmEh-3nKTWObMLcRLcwQ0TpwOAOLRWsmn4AQBgAaF-oaFtrHmnFmgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1NBOuyx7aPU4CFx-lTEsIQHGw2_A%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 -, , ASN (),
Reverse DNS
Software
Finatra /
Resource Hash
918adf8ef8018e153fd4c0bc1b4dda080163af044f6e543ffea2b77bb253fad3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:59:43 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=28757606
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
13496
expires
Wed, 18 Oct 2023 01:13:11 GMT
img
pix.as.criteo.net/img/ Frame 2637 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=99914&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F1374%2F4477%2Fproducts%2F083A5443.jpg%3Fv%3D1650796461&v=3&w=400&s=qKopc7zBFpG7Q4KY_RC9se4T&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y3hivQAOyL4JnUZjAAX-VjAsj6EijFlrHIKI4A&u=%7C%2BiOcvGPGOIaSuS0nFi%2FSw46FvrdVCSbBEV1omp2xdlk%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oVqw7Cvg7ORZ5y2n_PXned8JCsSCQ138ULuqTtuWjQY_gaY2FCscn6XBiv_o9r7B1l_TNwO8XRH6dOkCJ4g6T9fnRJqUrUMW1KgfAQRLjln4ADYJCj-MOwKiyNJ7q_mSZJo0Cv2nSU8RkcfywJHlOBuLh5mffZUbI1n1fQAq-Wn11v-aNGTNbj6-t-X6akFWIiUo2icvhq-11S2RfKq-Nf8TRQTNvlZI5topFCpIowGjBI2vT3KT3V23KfSs2VggBVi3FD47yy3obIoSM-ZfEUuUTdumcVjjdcGm413NCB05nwINTnicUwTZ4OQusivR1fyAtfLmOXzOF4Knu45MGwe4vmOv7aMlrZyLSRQBQK8vhL8pW-tP-G6wXSyc6aBcmY7Cn-lyPBGiSMTYbIUAKMJRkPm3a_nboQe3JyTF56bHK2fROAn96c7SOrrog3UIaNqc4w6ZiydeOJ_dXunEIZWfe06EbqN11iPSzKlncppyo4y9oNZqrTBBYhOTYG_fi5cIe6fOnklFrlssX9_PBx82hEGH-O1BDYdVPdDrIFHoh7PDpL-N5yUEIPdFTgwEhF3crWgCCZozl20ygEupWTbGRxf-TXX5koW-e2xrT66U&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCnYrbvWJ4Y76RO-OM9fwP1vyXqASY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQLGsA4nl2OmPuACAKgDAaoEqgJP0A95aWG9aJveXYLH8MZgfwT6ci9jhyQ9_fwsrtJ77E1owzU4CEQ_tYyay2tPhWOsGSWrILcRif7uRNQB0_2k5dUIfZSx5t8EgcTIrnuRQcL8j3FlIDvq1aiprluv1_RTh0ngmqcJ197XWjUVzfx-LwpWdL_oe6JsmkvcQq5lr6vot7a4cv1YdF7JJ4W8tm_iT9Sd0kmlIrtOkoZoRYDfxE2UT8umHj45qyIQpAUabDkq24e5xY7UhAZGRFMUrL34DS1mPGeuujw9Tf50LkzedVWkWraP6U6CFpgsKj5Vq3uEjfhVUPNhd-SeHT-TznrERa3RKXNMZGIkTWqsNlhsIoWOCtdxswBY_bscA4ZUwq2lmEh-3nKTWObMLcRLcwQ0TpwOAOLRWsmn4AQBgAaF-oaFtrHmnFmgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1NBOuyx7aPU4CFx-lTEsIQHGw2_A%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 -, , ASN (),
Reverse DNS
Software
Finatra /
Resource Hash
2235457133277820926e141a6a804444443e225e43f3c583360977a6b5a1d10f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:59:43 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=28795780
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
17396
expires
Wed, 18 Oct 2023 11:49:24 GMT
img
pix.as.criteo.net/img/ Frame 2637 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=99914&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F1374%2F4477%2Fproducts%2FJamieKay_OrganicEssentials_Leggings_GreyMarle.jpg%3Fv%3D1597006437&v=3&w=400&s=XdAIdj4XNzh5bnrZFmauzlsP&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y3hivQAOyL4JnUZjAAX-VjAsj6EijFlrHIKI4A&u=%7C%2BiOcvGPGOIaSuS0nFi%2FSw46FvrdVCSbBEV1omp2xdlk%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oVqw7Cvg7ORZ5y2n_PXned8JCsSCQ138ULuqTtuWjQY_gaY2FCscn6XBiv_o9r7B1l_TNwO8XRH6dOkCJ4g6T9fnRJqUrUMW1KgfAQRLjln4ADYJCj-MOwKiyNJ7q_mSZJo0Cv2nSU8RkcfywJHlOBuLh5mffZUbI1n1fQAq-Wn11v-aNGTNbj6-t-X6akFWIiUo2icvhq-11S2RfKq-Nf8TRQTNvlZI5topFCpIowGjBI2vT3KT3V23KfSs2VggBVi3FD47yy3obIoSM-ZfEUuUTdumcVjjdcGm413NCB05nwINTnicUwTZ4OQusivR1fyAtfLmOXzOF4Knu45MGwe4vmOv7aMlrZyLSRQBQK8vhL8pW-tP-G6wXSyc6aBcmY7Cn-lyPBGiSMTYbIUAKMJRkPm3a_nboQe3JyTF56bHK2fROAn96c7SOrrog3UIaNqc4w6ZiydeOJ_dXunEIZWfe06EbqN11iPSzKlncppyo4y9oNZqrTBBYhOTYG_fi5cIe6fOnklFrlssX9_PBx82hEGH-O1BDYdVPdDrIFHoh7PDpL-N5yUEIPdFTgwEhF3crWgCCZozl20ygEupWTbGRxf-TXX5koW-e2xrT66U&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCnYrbvWJ4Y76RO-OM9fwP1vyXqASY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQLGsA4nl2OmPuACAKgDAaoEqgJP0A95aWG9aJveXYLH8MZgfwT6ci9jhyQ9_fwsrtJ77E1owzU4CEQ_tYyay2tPhWOsGSWrILcRif7uRNQB0_2k5dUIfZSx5t8EgcTIrnuRQcL8j3FlIDvq1aiprluv1_RTh0ngmqcJ197XWjUVzfx-LwpWdL_oe6JsmkvcQq5lr6vot7a4cv1YdF7JJ4W8tm_iT9Sd0kmlIrtOkoZoRYDfxE2UT8umHj45qyIQpAUabDkq24e5xY7UhAZGRFMUrL34DS1mPGeuujw9Tf50LkzedVWkWraP6U6CFpgsKj5Vq3uEjfhVUPNhd-SeHT-TznrERa3RKXNMZGIkTWqsNlhsIoWOCtdxswBY_bscA4ZUwq2lmEh-3nKTWObMLcRLcwQ0TpwOAOLRWsmn4AQBgAaF-oaFtrHmnFmgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1NBOuyx7aPU4CFx-lTEsIQHGw2_A%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 -, , ASN (),
Reverse DNS
Software
Finatra /
Resource Hash
a87841628a841fcd03b2527e33366f6a64675f20b8dd0f1a82b51f042c0c32d5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:59:44 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=28836634
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
5926
expires
Wed, 18 Oct 2023 23:10:19 GMT
img
pix.as.criteo.net/img/ Frame 2637 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=99914&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F1374%2F4477%2Fproducts%2F0P5A9143.jpg%3Fv%3D1650789592&v=3&w=400&s=4vEcJevQdyXAByJJxh0PxD5U&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y3hivQAOyL4JnUZjAAX-VjAsj6EijFlrHIKI4A&u=%7C%2BiOcvGPGOIaSuS0nFi%2FSw46FvrdVCSbBEV1omp2xdlk%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oVqw7Cvg7ORZ5y2n_PXned8JCsSCQ138ULuqTtuWjQY_gaY2FCscn6XBiv_o9r7B1l_TNwO8XRH6dOkCJ4g6T9fnRJqUrUMW1KgfAQRLjln4ADYJCj-MOwKiyNJ7q_mSZJo0Cv2nSU8RkcfywJHlOBuLh5mffZUbI1n1fQAq-Wn11v-aNGTNbj6-t-X6akFWIiUo2icvhq-11S2RfKq-Nf8TRQTNvlZI5topFCpIowGjBI2vT3KT3V23KfSs2VggBVi3FD47yy3obIoSM-ZfEUuUTdumcVjjdcGm413NCB05nwINTnicUwTZ4OQusivR1fyAtfLmOXzOF4Knu45MGwe4vmOv7aMlrZyLSRQBQK8vhL8pW-tP-G6wXSyc6aBcmY7Cn-lyPBGiSMTYbIUAKMJRkPm3a_nboQe3JyTF56bHK2fROAn96c7SOrrog3UIaNqc4w6ZiydeOJ_dXunEIZWfe06EbqN11iPSzKlncppyo4y9oNZqrTBBYhOTYG_fi5cIe6fOnklFrlssX9_PBx82hEGH-O1BDYdVPdDrIFHoh7PDpL-N5yUEIPdFTgwEhF3crWgCCZozl20ygEupWTbGRxf-TXX5koW-e2xrT66U&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCnYrbvWJ4Y76RO-OM9fwP1vyXqASY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQLGsA4nl2OmPuACAKgDAaoEqgJP0A95aWG9aJveXYLH8MZgfwT6ci9jhyQ9_fwsrtJ77E1owzU4CEQ_tYyay2tPhWOsGSWrILcRif7uRNQB0_2k5dUIfZSx5t8EgcTIrnuRQcL8j3FlIDvq1aiprluv1_RTh0ngmqcJ197XWjUVzfx-LwpWdL_oe6JsmkvcQq5lr6vot7a4cv1YdF7JJ4W8tm_iT9Sd0kmlIrtOkoZoRYDfxE2UT8umHj45qyIQpAUabDkq24e5xY7UhAZGRFMUrL34DS1mPGeuujw9Tf50LkzedVWkWraP6U6CFpgsKj5Vq3uEjfhVUPNhd-SeHT-TznrERa3RKXNMZGIkTWqsNlhsIoWOCtdxswBY_bscA4ZUwq2lmEh-3nKTWObMLcRLcwQ0TpwOAOLRWsmn4AQBgAaF-oaFtrHmnFmgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1NBOuyx7aPU4CFx-lTEsIQHGw2_A%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 -, , ASN (),
Reverse DNS
Software
Finatra /
Resource Hash
dbb0454eb7b13da25392eb02e3a9f00a472ffc936d5a1cf13005d745bb8fdd2d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:59:44 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=28804799
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
15206
expires
Wed, 18 Oct 2023 14:19:44 GMT
img
pix.as.criteo.net/img/ Frame 2637 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=99914&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F1374%2F4477%2Fproducts%2FJamieKay_BloomCollection_OliveTop_PeachWhip.png%3Fv%3D1659244134&v=3&w=400&s=ec3XrL_-IRaJS12iLgN2YqEv&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y3hivQAOyL4JnUZjAAX-VjAsj6EijFlrHIKI4A&u=%7C%2BiOcvGPGOIaSuS0nFi%2FSw46FvrdVCSbBEV1omp2xdlk%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oVqw7Cvg7ORZ5y2n_PXned8JCsSCQ138ULuqTtuWjQY_gaY2FCscn6XBiv_o9r7B1l_TNwO8XRH6dOkCJ4g6T9fnRJqUrUMW1KgfAQRLjln4ADYJCj-MOwKiyNJ7q_mSZJo0Cv2nSU8RkcfywJHlOBuLh5mffZUbI1n1fQAq-Wn11v-aNGTNbj6-t-X6akFWIiUo2icvhq-11S2RfKq-Nf8TRQTNvlZI5topFCpIowGjBI2vT3KT3V23KfSs2VggBVi3FD47yy3obIoSM-ZfEUuUTdumcVjjdcGm413NCB05nwINTnicUwTZ4OQusivR1fyAtfLmOXzOF4Knu45MGwe4vmOv7aMlrZyLSRQBQK8vhL8pW-tP-G6wXSyc6aBcmY7Cn-lyPBGiSMTYbIUAKMJRkPm3a_nboQe3JyTF56bHK2fROAn96c7SOrrog3UIaNqc4w6ZiydeOJ_dXunEIZWfe06EbqN11iPSzKlncppyo4y9oNZqrTBBYhOTYG_fi5cIe6fOnklFrlssX9_PBx82hEGH-O1BDYdVPdDrIFHoh7PDpL-N5yUEIPdFTgwEhF3crWgCCZozl20ygEupWTbGRxf-TXX5koW-e2xrT66U&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCnYrbvWJ4Y76RO-OM9fwP1vyXqASY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQLGsA4nl2OmPuACAKgDAaoEqgJP0A95aWG9aJveXYLH8MZgfwT6ci9jhyQ9_fwsrtJ77E1owzU4CEQ_tYyay2tPhWOsGSWrILcRif7uRNQB0_2k5dUIfZSx5t8EgcTIrnuRQcL8j3FlIDvq1aiprluv1_RTh0ngmqcJ197XWjUVzfx-LwpWdL_oe6JsmkvcQq5lr6vot7a4cv1YdF7JJ4W8tm_iT9Sd0kmlIrtOkoZoRYDfxE2UT8umHj45qyIQpAUabDkq24e5xY7UhAZGRFMUrL34DS1mPGeuujw9Tf50LkzedVWkWraP6U6CFpgsKj5Vq3uEjfhVUPNhd-SeHT-TznrERa3RKXNMZGIkTWqsNlhsIoWOCtdxswBY_bscA4ZUwq2lmEh-3nKTWObMLcRLcwQ0TpwOAOLRWsmn4AQBgAaF-oaFtrHmnFmgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1NBOuyx7aPU4CFx-lTEsIQHGw2_A%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 -, , ASN (),
Reverse DNS
Software
Finatra /
Resource Hash
da9c907c6573831faf308dbb6ed9520cd69e31ddd6cab75127540c3c2a0049c5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:59:43 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=28796979
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
13738
expires
Wed, 18 Oct 2023 12:09:24 GMT
img
pix.as.criteo.net/img/ Frame 2637 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=99914&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F1374%2F4477%2Fproducts%2F083A5557.jpg%3Fv%3D1659246229&v=3&w=400&s=DAqF3z3IkxapxykbN60D_nGZ&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y3hivQAOyL4JnUZjAAX-VjAsj6EijFlrHIKI4A&u=%7C%2BiOcvGPGOIaSuS0nFi%2FSw46FvrdVCSbBEV1omp2xdlk%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oVqw7Cvg7ORZ5y2n_PXned8JCsSCQ138ULuqTtuWjQY_gaY2FCscn6XBiv_o9r7B1l_TNwO8XRH6dOkCJ4g6T9fnRJqUrUMW1KgfAQRLjln4ADYJCj-MOwKiyNJ7q_mSZJo0Cv2nSU8RkcfywJHlOBuLh5mffZUbI1n1fQAq-Wn11v-aNGTNbj6-t-X6akFWIiUo2icvhq-11S2RfKq-Nf8TRQTNvlZI5topFCpIowGjBI2vT3KT3V23KfSs2VggBVi3FD47yy3obIoSM-ZfEUuUTdumcVjjdcGm413NCB05nwINTnicUwTZ4OQusivR1fyAtfLmOXzOF4Knu45MGwe4vmOv7aMlrZyLSRQBQK8vhL8pW-tP-G6wXSyc6aBcmY7Cn-lyPBGiSMTYbIUAKMJRkPm3a_nboQe3JyTF56bHK2fROAn96c7SOrrog3UIaNqc4w6ZiydeOJ_dXunEIZWfe06EbqN11iPSzKlncppyo4y9oNZqrTBBYhOTYG_fi5cIe6fOnklFrlssX9_PBx82hEGH-O1BDYdVPdDrIFHoh7PDpL-N5yUEIPdFTgwEhF3crWgCCZozl20ygEupWTbGRxf-TXX5koW-e2xrT66U&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCnYrbvWJ4Y76RO-OM9fwP1vyXqASY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQLGsA4nl2OmPuACAKgDAaoEqgJP0A95aWG9aJveXYLH8MZgfwT6ci9jhyQ9_fwsrtJ77E1owzU4CEQ_tYyay2tPhWOsGSWrILcRif7uRNQB0_2k5dUIfZSx5t8EgcTIrnuRQcL8j3FlIDvq1aiprluv1_RTh0ngmqcJ197XWjUVzfx-LwpWdL_oe6JsmkvcQq5lr6vot7a4cv1YdF7JJ4W8tm_iT9Sd0kmlIrtOkoZoRYDfxE2UT8umHj45qyIQpAUabDkq24e5xY7UhAZGRFMUrL34DS1mPGeuujw9Tf50LkzedVWkWraP6U6CFpgsKj5Vq3uEjfhVUPNhd-SeHT-TznrERa3RKXNMZGIkTWqsNlhsIoWOCtdxswBY_bscA4ZUwq2lmEh-3nKTWObMLcRLcwQ0TpwOAOLRWsmn4AQBgAaF-oaFtrHmnFmgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1NBOuyx7aPU4CFx-lTEsIQHGw2_A%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 -, , ASN (),
Reverse DNS
Software
Finatra /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:59:44 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=28798365
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
19490
expires
Wed, 18 Oct 2023 12:32:30 GMT
all
csm.as.criteo.net/ Frame 2637 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.as.criteo.net/all?cppv=3&cpp=PMktslOSqEMB2aTA_GRzqc7VAVGLXKt8rGE0VUOaasUvTmQ2szfQRZNk3o5zsxygyubNaQPfM1oLuX6xNeN_o0XoxkRQp0C8cGaYTzsESrllyUzy4J2dFeLeR3C3Qg092TT7KDNIU1LcKd3I3StoJfKy3_G1b7VBhgXwfTqxJHKVKqxF3XOYyKxw62ywvmSzkNBpfo43Q3Pqo2VlAPcR-r2MSG6KuArW33ky71Rw1jNOO4APybfDsEgyZlkPgeW3LqghwQ&sds=2&rev=83599&sendBeacon=true
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y3hivQAOyL4JnUZjAAX-VjAsj6EijFlrHIKI4A&u=%7C%2BiOcvGPGOIaSuS0nFi%2FSw46FvrdVCSbBEV1omp2xdlk%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oVqw7Cvg7ORZ5y2n_PXned8JCsSCQ138ULuqTtuWjQY_gaY2FCscn6XBiv_o9r7B1l_TNwO8XRH6dOkCJ4g6T9fnRJqUrUMW1KgfAQRLjln4ADYJCj-MOwKiyNJ7q_mSZJo0Cv2nSU8RkcfywJHlOBuLh5mffZUbI1n1fQAq-Wn11v-aNGTNbj6-t-X6akFWIiUo2icvhq-11S2RfKq-Nf8TRQTNvlZI5topFCpIowGjBI2vT3KT3V23KfSs2VggBVi3FD47yy3obIoSM-ZfEUuUTdumcVjjdcGm413NCB05nwINTnicUwTZ4OQusivR1fyAtfLmOXzOF4Knu45MGwe4vmOv7aMlrZyLSRQBQK8vhL8pW-tP-G6wXSyc6aBcmY7Cn-lyPBGiSMTYbIUAKMJRkPm3a_nboQe3JyTF56bHK2fROAn96c7SOrrog3UIaNqc4w6ZiydeOJ_dXunEIZWfe06EbqN11iPSzKlncppyo4y9oNZqrTBBYhOTYG_fi5cIe6fOnklFrlssX9_PBx82hEGH-O1BDYdVPdDrIFHoh7PDpL-N5yUEIPdFTgwEhF3crWgCCZozl20ygEupWTbGRxf-TXX5koW-e2xrT66U&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCnYrbvWJ4Y76RO-OM9fwP1vyXqASY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQLGsA4nl2OmPuACAKgDAaoEqgJP0A95aWG9aJveXYLH8MZgfwT6ci9jhyQ9_fwsrtJ77E1owzU4CEQ_tYyay2tPhWOsGSWrILcRif7uRNQB0_2k5dUIfZSx5t8EgcTIrnuRQcL8j3FlIDvq1aiprluv1_RTh0ngmqcJ197XWjUVzfx-LwpWdL_oe6JsmkvcQq5lr6vot7a4cv1YdF7JJ4W8tm_iT9Sd0kmlIrtOkoZoRYDfxE2UT8umHj45qyIQpAUabDkq24e5xY7UhAZGRFMUrL34DS1mPGeuujw9Tf50LkzedVWkWraP6U6CFpgsKj5Vq3uEjfhVUPNhd-SeHT-TznrERa3RKXNMZGIkTWqsNlhsIoWOCtdxswBY_bscA4ZUwq2lmEh-3nKTWObMLcRLcwQ0TpwOAOLRWsmn4AQBgAaF-oaFtrHmnFmgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1NBOuyx7aPU4CFx-lTEsIQHGw2_A%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.142 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sat, 19 Nov 2022 04:59:43 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 2637 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y3hivQAOyL4JnUZjAAX-VjAsj6EijFlrHIKI4A&u=%7C%2BiOcvGPGOIaSuS0nFi%2FSw46FvrdVCSbBEV1omp2xdlk%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oVqw7Cvg7ORZ5y2n_PXned8JCsSCQ138ULuqTtuWjQY_gaY2FCscn6XBiv_o9r7B1l_TNwO8XRH6dOkCJ4g6T9fnRJqUrUMW1KgfAQRLjln4ADYJCj-MOwKiyNJ7q_mSZJo0Cv2nSU8RkcfywJHlOBuLh5mffZUbI1n1fQAq-Wn11v-aNGTNbj6-t-X6akFWIiUo2icvhq-11S2RfKq-Nf8TRQTNvlZI5topFCpIowGjBI2vT3KT3V23KfSs2VggBVi3FD47yy3obIoSM-ZfEUuUTdumcVjjdcGm413NCB05nwINTnicUwTZ4OQusivR1fyAtfLmOXzOF4Knu45MGwe4vmOv7aMlrZyLSRQBQK8vhL8pW-tP-G6wXSyc6aBcmY7Cn-lyPBGiSMTYbIUAKMJRkPm3a_nboQe3JyTF56bHK2fROAn96c7SOrrog3UIaNqc4w6ZiydeOJ_dXunEIZWfe06EbqN11iPSzKlncppyo4y9oNZqrTBBYhOTYG_fi5cIe6fOnklFrlssX9_PBx82hEGH-O1BDYdVPdDrIFHoh7PDpL-N5yUEIPdFTgwEhF3crWgCCZozl20ygEupWTbGRxf-TXX5koW-e2xrT66U&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCnYrbvWJ4Y76RO-OM9fwP1vyXqASY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQLGsA4nl2OmPuACAKgDAaoEqgJP0A95aWG9aJveXYLH8MZgfwT6ci9jhyQ9_fwsrtJ77E1owzU4CEQ_tYyay2tPhWOsGSWrILcRif7uRNQB0_2k5dUIfZSx5t8EgcTIrnuRQcL8j3FlIDvq1aiprluv1_RTh0ngmqcJ197XWjUVzfx-LwpWdL_oe6JsmkvcQq5lr6vot7a4cv1YdF7JJ4W8tm_iT9Sd0kmlIrtOkoZoRYDfxE2UT8umHj45qyIQpAUabDkq24e5xY7UhAZGRFMUrL34DS1mPGeuujw9Tf50LkzedVWkWraP6U6CFpgsKj5Vq3uEjfhVUPNhd-SeHT-TznrERa3RKXNMZGIkTWqsNlhsIoWOCtdxswBY_bscA4ZUwq2lmEh-3nKTWObMLcRLcwQ0TpwOAOLRWsmn4AQBgAaF-oaFtrHmnFmgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1NBOuyx7aPU4CFx-lTEsIQHGw2_A%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:59:44 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 14 Nov 2023 04:59:44 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 2637 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y3hivQAOyL4JnUZjAAX-VjAsj6EijFlrHIKI4A&u=%7C%2BiOcvGPGOIaSuS0nFi%2FSw46FvrdVCSbBEV1omp2xdlk%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oVqw7Cvg7ORZ5y2n_PXned8JCsSCQ138ULuqTtuWjQY_gaY2FCscn6XBiv_o9r7B1l_TNwO8XRH6dOkCJ4g6T9fnRJqUrUMW1KgfAQRLjln4ADYJCj-MOwKiyNJ7q_mSZJo0Cv2nSU8RkcfywJHlOBuLh5mffZUbI1n1fQAq-Wn11v-aNGTNbj6-t-X6akFWIiUo2icvhq-11S2RfKq-Nf8TRQTNvlZI5topFCpIowGjBI2vT3KT3V23KfSs2VggBVi3FD47yy3obIoSM-ZfEUuUTdumcVjjdcGm413NCB05nwINTnicUwTZ4OQusivR1fyAtfLmOXzOF4Knu45MGwe4vmOv7aMlrZyLSRQBQK8vhL8pW-tP-G6wXSyc6aBcmY7Cn-lyPBGiSMTYbIUAKMJRkPm3a_nboQe3JyTF56bHK2fROAn96c7SOrrog3UIaNqc4w6ZiydeOJ_dXunEIZWfe06EbqN11iPSzKlncppyo4y9oNZqrTBBYhOTYG_fi5cIe6fOnklFrlssX9_PBx82hEGH-O1BDYdVPdDrIFHoh7PDpL-N5yUEIPdFTgwEhF3crWgCCZozl20ygEupWTbGRxf-TXX5koW-e2xrT66U&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCnYrbvWJ4Y76RO-OM9fwP1vyXqASY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQLGsA4nl2OmPuACAKgDAaoEqgJP0A95aWG9aJveXYLH8MZgfwT6ci9jhyQ9_fwsrtJ77E1owzU4CEQ_tYyay2tPhWOsGSWrILcRif7uRNQB0_2k5dUIfZSx5t8EgcTIrnuRQcL8j3FlIDvq1aiprluv1_RTh0ngmqcJ197XWjUVzfx-LwpWdL_oe6JsmkvcQq5lr6vot7a4cv1YdF7JJ4W8tm_iT9Sd0kmlIrtOkoZoRYDfxE2UT8umHj45qyIQpAUabDkq24e5xY7UhAZGRFMUrL34DS1mPGeuujw9Tf50LkzedVWkWraP6U6CFpgsKj5Vq3uEjfhVUPNhd-SeHT-TznrERa3RKXNMZGIkTWqsNlhsIoWOCtdxswBY_bscA4ZUwq2lmEh-3nKTWObMLcRLcwQ0TpwOAOLRWsmn4AQBgAaF-oaFtrHmnFmgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1NBOuyx7aPU4CFx-lTEsIQHGw2_A%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:59:44 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 14 Nov 2023 04:59:44 GMT
generate_204
tpc.googlesyndication.com/ Frame 8113 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?3GJEzg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ban-ai-fo-lie-ke-tiao-zhan-bian-fu-xia-tuo-ge-lei-yi-tong-xia-shui.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:59:44 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
generate_204
tpc.googlesyndication.com/ Frame F0BE 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?bRG7Dw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ban-ai-fo-lie-ke-tiao-zhan-bian-fu-xia-tuo-ge-lei-yi-tong-xia-shui.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:59:44 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ Frame D11D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221110&jk=3493173693308844&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ban-ai-fo-lie-ke-tiao-zhan-bian-fu-xia-tuo-ge-lei-yi-tong-xia-shui.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
pagead2.googlesyndication.com/bg/ Frame FAB0 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
sffe /
Resource Hash
6a98bdefd73410963a41036b4bc4d25b080aaec85db7ebd132a12d3aa17e8586
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 23:08:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
280303
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16010
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 15 Nov 2023 23:08:01 GMT
generate_204
tpc.googlesyndication.com/ Frame FAB0 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?jGbqCw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ban-ai-fo-lie-ke-tiao-zhan-bian-fu-xia-tuo-ge-lei-yi-tong-xia-shui.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 19 Nov 2022 04:59:44 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
all
csm.as.criteo.net/ Frame 601D 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.as.criteo.net/all?cppv=3&cpp=tcL2cVOSqEMB2aTABsdnc46OUC4kKqKnlqmnLQa_5iaTeXUmDuUA9Yl_FUMFPdC3oLx2mS1OyQPrOiW4LDGoj3C_DwSQGSbCQM_TxO52K4D-fHU1I6trPvsUr32gibd6hbWYQ5h7aY1GShpmm8dXXMnkoP_ZZwvOsczUjBYhkdOaGw8CTI1QwLZF7argGKer1NW5iYZvRtAil-iLfQ59v2wT-o3Su1kAuNar9vgIKDaZjeTmBveGTu30M_6S8RnRIh4I8ImU6_Du5k37&sds=2&rev=83599&sendBeacon=true
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y3hivQAOyLwJnUZjAAX-VoIYMRW-IH0di91WxA&u=%7C%2BiOcvGPGOIYT14Jxrk8kHTYC93Rl0fSQ%2FkqKt6DMerU%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqc6nygJ274zNPhQpJEnippfnLPctJAgOVJK5QBvON9Ye9GS_f4NkHgJhIZ9z6_4LUZQsLHE_Mp7-qw-Xr2Zo7UQXE0dLp47Ngn6EqjULIz4-LeeA7hKtXMgBh9i2c0SAdVgYDQP3xvFgMBSwvsz_Ijkrj6Fd2eMuZspEkjcEsei_DcNoCcmYH0otLED6cp_kExBN1Vr2s9skd3p7sDIN8MzGKiSroEEJrDTdhPJ89Y2YAWqIxOe57-f12F_WjmgMNJux-SS0KifS6CdtC7OxIcG2f6FT_VzypyRAAAtkp-PWHFmxSkQbUaMbTFCc4V_9KHxluXVRBRliGLPa13Yrk2CPbz9wVv15eaZLxpxJ-9q9djnR-riPxEt1ivbnq1raNH6s2NrhInwE8rQ9tbNBd5GAQAFswR3jiTVQAphrBPHyj1sVRnUwLija190djNWaw25c86h70_nVwQvz5dDAqmMNW-EkYDaVlXaHS9PusBfu7fJWPaOgP8AgZ09XunOjZSue55dCTHKKVyelMz_RvGJ2q8c2HKJjM4A4uvWm1TqJKOrOJrKYaI2Uf3ftwORILwUqlhY0EjR4jhPUhaMw894OJR_ojR16P1Q&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLnD3vWJ4Y7yRO-OM9fwP1vyXqASY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQLGsA4nl2OmPuACAKgDAaoEqgJP0JGyydDzIQbZxE0bg_RY5UQsloC0hZ4vW008KDS8iEaCQQ6yjm86DHcRNPC8i1Mx2UBJYToR0jy8choLe-P6pIbq14AOI0mvo3VvAh8ktSsHa5BSNuP2sP90uU3QXVIsYt0JcZ-ydkRGoH_gbiVgVbcXOjXGzYSST0FAXcReCYCqct_yEBE4284X2JZU-Ja0WlyLiJ-9GlUY9ja8DnEX-ownS44Y-ZmRhyIEE9eSS_0kVwJb4hESoxkCYsWNPBJOmpyFj8e744b8EzPoQYAJpRBydCcus6tHj_eL3vZJtR7eYGJR9bhWh7gzFIlq3yt3lR0xjbBm8pvpM9AranPVPaDrOC4lfxNeWxsXbLeDExlY5cMT2dZXidR-n8ezd74IdMrxi_tSB7nP4AQBgAaGvuXguZWg7VygBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0DDvTcIdjQPeHnLGoleEiuuQYvrw%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.142 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sat, 19 Nov 2022 04:59:44 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
activeview
pagead2.googlesyndication.com/pcs/ Frame FEA7 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss2ZF0dWeyHKk0rp-osttJYG7OyQ1-kaQojxSR6i6N8JHGrbIMqInNwvZFFs24AevjJ_nbsP2id_QXPt_8_lg8jPZuTwbL9PdkG0xyLdMrFRDpu8QwIaYxy-bT-eITpXdrFY5NuTjXSRsrq0NQVh_HnYTvbKxJ6kw&sai=AMfl-YRSblrDaN68Psnsa9iechttxcV9-CCHJ3GY-so2VC_P2RjxWb9kblQjnOnfIykE8GSazZwbdDAolo3SJs6SRx6Qlwcxd6Qq96Ihs_p9c21xrUmdXSsPLEbmv_TLsg&sig=Cg0ArKJSzIzZLvpuOjA5EAE&cid=CAQSOwDq26N9McmkUFmoXugsXVy4uhEH8gFB-M7ucXO7JRcKxwRrW9PyXi-ZfPZavqRGDxyWILDiARDpy8XaGAEgEw&id=ampim&o=436,1110&d=728,90&ss=1600,1200&bs=1600,1200&mcvt=1001&mtos=0,0,1001,1001,1001&tos=0,0,1001,0,0&tfs=1053&tls=2054&g=100&h=100&tt=2054&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ban-ai-fo-lie-ke-tiao-zhan-bian-fu-xia-tuo-ge-lei-yi-tong-xia-shui.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 04:59:44 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
json
gum.criteo.com/sid/ Frame 		0
0
json
gum.criteo.com/sid/ 		0
0
rid
match.adsrvr.org/track/ 		109 B
539 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
ed7bd3444b9e4ccc3471827d04be4e7c9ec2d065d7567595b733fd82d1901f21

Request headers

Referer
https://www.bg3.co/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 19 Nov 2022 04:59:45 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
109
expires
Mon, 19 Dec 2022 04:59:45 GMT
pd
u.openx.net/w/1.0/ Frame CB6F 		533 B
639 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
feff320735099d47ee93d6c73d48f8fc5d682382c410c6d565a15867ae42d5bc

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
324
content-type
text/html
date
Sat, 19 Nov 2022 04:59:44 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
usync.html
eus.rubiconproject.com/ Frame 4846 		0
0
checksync.php
contextual.media.net/ Frame 0E73 		0
0
sync.html
public.servenobid.com/ Frame FF6E 		0
0
/
onetag-sys.com/usync/ Frame 685E 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1668833979814
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.79.234.100 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip100.ip-51-79-234.net
Software
/
Resource Hash
d1b89c8c3665c656e6fe7da9143dda24b3597f41eb859cc821bf1c63951a8e6c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
1375
content-type
text/html
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000
async_usersync.html
acdn.adnxs.com/dmp/ Frame DA25 		0
0
sync
eb2.3lift.com/ Frame C1B3
Redirect Chain
  • https://eb2.3lift.com/sync?
  • https://eb2.3lift.com/sync?&ld=1
0
0
ixmatch.html
js-sec.indexww.com/um/ Frame EE29 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.94 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

age
230
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
76c660d6dea7fb88-AKL
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 19 Nov 2022 04:59:45 GMT
expires
Sat, 19 Nov 2022 08:59:45 GMT
last-modified
Mon, 25 Jul 2022 19:18:26 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
all
csm.as.criteo.net/ Frame 2637 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.as.criteo.net/all?cppv=3&cpp=PMktslOSqEMB2aTA_GRzqc7VAVGLXKt8rGE0VUOaasUvTmQ2szfQRZNk3o5zsxygyubNaQPfM1oLuX6xNeN_o0XoxkRQp0C8cGaYTzsESrllyUzy4J2dFeLeR3C3Qg092TT7KDNIU1LcKd3I3StoJfKy3_G1b7VBhgXwfTqxJHKVKqxF3XOYyKxw62ywvmSzkNBpfo43Q3Pqo2VlAPcR-r2MSG6KuArW33ky71Rw1jNOO4APybfDsEgyZlkPgeW3LqghwQ&sds=2&rev=83599&sendBeacon=true
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y3hivQAOyL4JnUZjAAX-VjAsj6EijFlrHIKI4A&u=%7C%2BiOcvGPGOIaSuS0nFi%2FSw46FvrdVCSbBEV1omp2xdlk%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57oVqw7Cvg7ORZ5y2n_PXned8JCsSCQ138ULuqTtuWjQY_gaY2FCscn6XBiv_o9r7B1l_TNwO8XRH6dOkCJ4g6T9fnRJqUrUMW1KgfAQRLjln4ADYJCj-MOwKiyNJ7q_mSZJo0Cv2nSU8RkcfywJHlOBuLh5mffZUbI1n1fQAq-Wn11v-aNGTNbj6-t-X6akFWIiUo2icvhq-11S2RfKq-Nf8TRQTNvlZI5topFCpIowGjBI2vT3KT3V23KfSs2VggBVi3FD47yy3obIoSM-ZfEUuUTdumcVjjdcGm413NCB05nwINTnicUwTZ4OQusivR1fyAtfLmOXzOF4Knu45MGwe4vmOv7aMlrZyLSRQBQK8vhL8pW-tP-G6wXSyc6aBcmY7Cn-lyPBGiSMTYbIUAKMJRkPm3a_nboQe3JyTF56bHK2fROAn96c7SOrrog3UIaNqc4w6ZiydeOJ_dXunEIZWfe06EbqN11iPSzKlncppyo4y9oNZqrTBBYhOTYG_fi5cIe6fOnklFrlssX9_PBx82hEGH-O1BDYdVPdDrIFHoh7PDpL-N5yUEIPdFTgwEhF3crWgCCZozl20ygEupWTbGRxf-TXX5koW-e2xrT66U&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCnYrbvWJ4Y76RO-OM9fwP1vyXqASY_NGxXKqEzOSFAcCNtwEQASAAYKvssYXgGIIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0yAEJqQLGsA4nl2OmPuACAKgDAaoEqgJP0A95aWG9aJveXYLH8MZgfwT6ci9jhyQ9_fwsrtJ77E1owzU4CEQ_tYyay2tPhWOsGSWrILcRif7uRNQB0_2k5dUIfZSx5t8EgcTIrnuRQcL8j3FlIDvq1aiprluv1_RTh0ngmqcJ197XWjUVzfx-LwpWdL_oe6JsmkvcQq5lr6vot7a4cv1YdF7JJ4W8tm_iT9Sd0kmlIrtOkoZoRYDfxE2UT8umHj45qyIQpAUabDkq24e5xY7UhAZGRFMUrL34DS1mPGeuujw9Tf50LkzedVWkWraP6U6CFpgsKj5Vq3uEjfhVUPNhd-SeHT-TznrERa3RKXNMZGIkTWqsNlhsIoWOCtdxswBY_bscA4ZUwq2lmEh-3nKTWObMLcRLcwQ0TpwOAOLRWsmn4AQBgAaF-oaFtrHmnFmgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1NBOuyx7aPU4CFx-lTEsIQHGw2_A%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.142 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sat, 19 Nov 2022 04:59:44 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
sd
us-u.openx.net/w/1.0/ Frame CB6F
Redirect Chain
  • https://ad.turn.com/r/cs?pid=9&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=2829205328296674529&gdpr=0&gdpr_consent=&us_privacy=
0
0
sd
us-u.openx.net/w/1.0/ Frame CB6F
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=4ffe6ec3-2f24-75fb-c591-f5af034309c6&gdpr=0
  • https://match.adsrvr.org/track/cmb/openx?oxid=4ffe6ec3-2f24-75fb-c591-f5af034309c6&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=47228b03-f4ab-4ad4-9279-77d101004c57&ttd_puid=4ffe6ec3-2f24-75fb-c591-f5af034309c6&gdpr=0&gdpr_consent=
0
0
sync_before
tg.socdm.com/rtb/ Frame CB6F 		0
0
sd
jp-u.openx.net/w/1.0/ Frame CB6F
Redirect Chain
  • https://cr-p3.ladsp.com/cookiesender/3
  • https://jp-u.openx.net/w/1.0/sd?id=537072451&val=Adg4lS_YV3g1ks8ADv_jGsR3BM8AAAGEjkHCsA
0
0
pixel
cm.g.doubleclick.net/ Frame CB6F 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NjM5MWJkMDktZTY1My0yYjVmLWQwNzEtYWYxNmM5YTFjN2E2
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 04:59:45 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame CB6F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPTx7MBKPtiVEcfnSE-euTc&google_cver=1
0
0
sodar
pagead2.googlesyndication.com/pagead/ Frame 5E34 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221110&jk=3758394164867543&bg=!pqWlpeHNAAbvMpMzzzI7ACkAdvg8Wg8OXZkcunJ9WNqL2rPG2_C2TIKu5IBbO3tijPBU1e_rRtIpIwIAAABXUgAAAApoAQeZAr7Yih09cwszcz01fDE6MfWD3Z1F-SqA4-VmFBbw8qXAca9_igOFaCbDCfrCQTieS0-63aGAHhuajZZny6VYotQN4nzVNPl3VW2cR_YPuSbuOdZ7LNWz_kaje8Q7glUGOoMyPsOGFKW8WeFHkZ_fQQIIagnwIHY169jdmeUAeDlUGKNUXktkK0EaSi1Zrl5ktGcQS3BeANkgfn4Y8lcfmb_a_NH9x6EBpsgZtW-h7DWUu-UePKXEZNsjTrFwEpbm2S0PtJBXasLg8j04h7FN6k6_Tuu_FZFLRu26SzutppRGZLuxfiWDBFv1__Fjff6OlzSMkdMzn6IdwIfQeqzlnGCGUxXlvfF0Cwxvf_ZlozK1fTdAWBJu9_WxmmxhJf8NWoOgaWDQ8emus3eBxomBR_qCNDALPmsqpDeEeDnq-VlJ2om1c4CvYIv3iVRTwx6-tA_nHwi_tUNKrAFlzEjnXMKm7q_qlJVjJ9xcE1_p3nidO_VAoAx1_zbPHv2LomUVjfNMLV0NsUsuriyj5ryITATXiF7mXEgtXEhb2r1_sLcvkf29RqK1xuvjqujvN8DMPR6gTljw2RuB8HTskX9B7ahjnS0fccKMrBxfTSRIuqiXtxJhq_d7l-Ma-kDf30g7UTYIahyhhzwJ2TTsGf8FfSFy_J6A1jqqvQdvzW0IV3DZpsZLytc4Ty5__1DekRwydl4Tk1sQU8jLibw7G3n93CaPkvK1OQRRk35K48z79vFfn-_UGRy_Zi8r2izSxLAn4aB_805srpcIGgTaXw0VCTLtZSxGL_RijQW3Cv2JJxH1uyyrfA_O7yYdyYVf9CJvEFHoPL11Di3h2fmhUYcL1UUO2SlsTD9nirn43JWZavSWtyzpyRu_xTkiYpS3fObEeg_ZZnFNwxbKhMBAHCO2z_Luz--W-HTx9CK4v893dk0
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/ban-ai-fo-lie-ke-tiao-zhan-bian-fu-xia-tuo-ge-lei-yi-tong-xia-shui.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
activeview
pagead2.googlesyndication.com/pcs/ Frame C22F 		42 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvy92ikyAqW3Dv0NNGcJRYPQixMn6OeeKW8n269NLM2Rvb9re4ZrvCQezMXb_vuZDsNj2y9suE5KHnLqNVV0q4iJlCl&sig=Cg0ArKJSzINluUi49W1UEAE&cid=CAASFeRoxAqDJMmBuBVA9aT9Q11Ow7o54A&id=lidar2&mcvt=1003&p=60,450,310,750&mtos=1003,1003,1003,1003,1003&tos=1003,0,0,0,0&v=20221110&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1420297610&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1668833982576&rpt=1563&isd=0&lsd=0&met=ie&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://f3700a36700f04277f1284f92a7ce4ae.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Nov 2022 04:59:45 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 3240 		0
0
activeview
pagead2.googlesyndication.com/pcs/ Frame D483 		0
0
img
sync.mathtag.com/sync/ Frame 685E 		0
0
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame 685E 		0
0
getuid
ib.adnxs.com/ Frame 685E 		0
0
tap.php
pixel.rubiconproject.com/ Frame 685E 		0
0
/
onetag-sys.com/match/ Frame 685E 		0
0
sync
ssbsync-global.smartadserver.com/api/ Frame 685E 		0
0
711916.gif
id.rlcdn.com/ Frame 685E 		0
0
/
onetag-sys.com/match/ Frame 685E 		0
0
ImgSync
image8.pubmatic.com/AdServer/ Frame 685E 		0
0
pixel
cm.g.doubleclick.net/ Frame 685E 		0
0
occ
ups.analytics.yahoo.com/ups/58488/ Frame 685E 		0
0
generic
match.adsrvr.org/track/cmf/ Frame 685E 		0
0
sync
x.bidswitch.net/ Frame 685E 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
adpushup-d.openx.net
URL
https://adpushup-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2Fban-ai-fo-lie-ke-tiao-zhan-bian-fu-xia-tuo-ge-lei-yi-tong-xia-shui.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=21c3150e-98ae-4e2d-b577-b46af5242f73&nocache=1668833978767&pubcid=9c52519a-86a3-4a0c-9f47-3d4767643a3b&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A400%2C%22h%22%3A225%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22api%22%3A%5B2%5D%2C%22playbackmethod%22%3A6%2C%22linearity%22%3A1%7D%7D%5D%7D&auid=545618481&vwd=400&vht=225&vos=101&vmimes=video%2Fmp4%2Cvideo%2Fwebm
Domain
a.sportradarserving.com
URL
https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=google
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESELLT2EkYlUUi_yNgVP4MfEg&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
Domain
pool.admedo.com
URL
https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_custom_parameter=9f29e3b1-b243-430f-929c-d55b5e101788
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESELLT2EkYlUUi_yNgVP4MfEg&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
Domain
gum.criteo.com
URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bg3.co%2F&domain=www.bg3.co&cw=1&pbt=1&lsw=1
Domain
gum.criteo.com
URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bg3.co%2F&domain=www.bg3.co&cw=1&pbt=1&lsw=1
Domain
eus.rubiconproject.com
URL
https://eus.rubiconproject.com/usync.html
Domain
contextual.media.net
URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C294%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Domain
public.servenobid.com
URL
https://public.servenobid.com/sync.html
Domain
acdn.adnxs.com
URL
https://acdn.adnxs.com/dmp/async_usersync.html
Domain
eb2.3lift.com
URL
https://eb2.3lift.com/sync?&ld=1
Domain
us-u.openx.net
URL
https://us-u.openx.net/w/1.0/sd?id=537073061&val=2829205328296674529&gdpr=0&gdpr_consent=&us_privacy=
Domain
us-u.openx.net
URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=47228b03-f4ab-4ad4-9279-77d101004c57&ttd_puid=4ffe6ec3-2f24-75fb-c591-f5af034309c6&gdpr=0&gdpr_consent=
Domain
tg.socdm.com
URL
https://tg.socdm.com/rtb/sync_before?proto=openx
Domain
jp-u.openx.net
URL
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=Adg4lS_YV3g1ks8ADv_jGsR3BM8AAAGEjkHCsA
Domain
us-u.openx.net
URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPTx7MBKPtiVEcfnSE-euTc&google_cver=1
Domain
ssum-sec.casalemedia.com
URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssD_1nmH1jQBQ_QOkHM_rYKbUUj8sM-q8ulxteFfyRhxJgcOIWUJklKgT4xtYDRGSIp40YgMe8rG9FzXlIzs_lNgNY0&sig=Cg0ArKJSzDpGNO-CmMnJEAE&cid=CAASFeRohnN3jlxF9vvnmqEq8l3OBp52DQ&id=lidar2&mcvt=1000&p=300,5,900,125&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221110&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=4082231052&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1668833982600&rpt=1712&isd=0&lsd=0&met=ie&wmsd=0&pbe=0
Domain
sync.mathtag.com
URL
https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D1%26gdpr_consent%3D
Domain
pixel-eu.rubiconproject.com
URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=1&gdpr_consent=
Domain
ib.adnxs.com
URL
https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID
Domain
pixel.rubiconproject.com
URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=3220l8GHMWTQZQ_iNuMtwmRCEVQgugRva9-3SXHdvr0
Domain
onetag-sys.com
URL
https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1
Domain
ssbsync-global.smartadserver.com
URL
https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=1&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
Domain
id.rlcdn.com
URL
https://id.rlcdn.com/711916.gif?ct=4&cv=
Domain
onetag-sys.com
URL
https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1
Domain
image8.pubmatic.com
URL
https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=1&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26uid%3D%23PMUID
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm
Domain
ups.analytics.yahoo.com
URL
https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=1&gdpr_consent=
Domain
match.adsrvr.org
URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent=
Domain
x.bidswitch.net
URL
https://x.bidswitch.net/sync?ssp=onetag&gdpr=1&gdpr_consent=

Verdicts & Comments Add Verdict or Comment

84 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| adpushup object| ucfad_async object| AMP object| ucf object| request string| paramsString object| adRecover object| AMP_CONFIG object| AMP_EXP object| __AMP_LOG function| HTMLElementOrig object| __AMP_ERRORS object| __AMP_MODE function| __AMP_REPORT_ERROR object| __AMP_TOP object| __AMP_SERVICES object| __AMP_URL_CACHE object| __AMP__EXPERIMENT_TOGGLES boolean| __AMP_TAG object| __AMP_EXTENDED_ELEMENTS function| __AMP_BASE_CE_CLASS function| setImmediate function| clearImmediate object| google_reactive_ads_global_state undefined| $ undefined| jQuery function| jqAlias number| ampAdSlotIdCounter string| currentState object| googletag object| _apPbJs object| hbAnalytics object| adpTags object| __AMP_EXPERIMENT_BRANCHES object| goog_identity_prom string| __AMP_DEFAULT_BOOTSTRAP_SUBDOMAIN number| ampAdGoogleIfiCounter object| google_ad_modifications number| google_global_correlator object| google_prev_clients object| ggeac object| google_tag_data object| google_js_reporting_queue object| gaGlobal number| ampAdPageCorrelator object| listeningFors number| 3pla object| ap_link_preview_states object| apLinkPreviewUtils object| apEuCountries object| _qevents object| _apPbJsChunk object| _pbjsGlobals object| mnet string| nobidVersion object| nobid object| Criteo undefined| google_measure_js_timing function| quantserve function| __qc object| ezt object| _qoptions boolean| descriptionPage object| dataLayer function| gtag object| google_tag_manager function| onYouTubeIframeAPIReady object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| criteo_pubtag object| criteo_pubtag_prebid_117 object| Criteo_prebid_117 object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager

48 Cookies

Domain/Path Name / Value
.aralego.com/ Name: sspid
Value: 68f51386-dc42-344a-be53-ce4f52f4068c
.aralego.com/ Name: euconsent-v2
Value:
.aralego.com/ Name: gdpr
Value: 1
www.bg3.co/ Name: __AP_SESSION__
Value: 19991ece-6c06-49b3-9714-89843ef0fd11
.adpushup.com/ Name: ap_uid
Value: f7b9fc20-67c6-11ed-ae2b-000d3ac981db
.adpushup.com/ Name: ap_usid
Value: f7b9fc21-67c6-11ed-ae2b-000d3ac981db
.doubleclick.net/ Name: IDE
Value: AHWqTUm8FYSZlpX-OFJ-o1iL3qa_dLF_hRc11Jt6nKJIuPp_UljGlWz_t1FEbTnig64
www.bg3.co/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.bg3.co/ Name: _pubcid
Value: 9c52519a-86a3-4a0c-9f47-3d4767643a3b
.bg3.co/ Name: __gpi
Value: UID=00000b7ef0fd7c28:T=1668833978:RT=1668833978:S=ALNI_MZxOB-8SGtpZgWO0KsOucU4lr8-Xg
.openx.net/ Name: i
Value: 9c52519a-86a3-4a0c-9f47-3d4767643a3b|1668833979
.pubmatic.com/ Name: KTPCACOOKIE
Value: YES
.yahoo.co.jp/ Name: XA
Value: busd3olhngolr&sd=B&t=1668833979&u=1668833979&v=1
.yahoo.co.jp/ Name: XB
Value: busd3olhngolr&b=3&s=rt
.yieldmo.com/ Name: yieldmo_id
Value: gfa47f28aedfd368078c%7C1668833979608%7C0%7C
.omnitagjs.com/ Name: ayl_visitor
Value: 5810f2646f045fcc2aaf3d164f29cd7b
.ladsp.com/ Name: cr
Value: 1
.onetag-sys.com/ Name: OTP
Value: 3220l8GHMWTQZQ_iNuMtwmRCEVQgugRva9-3SXHdvr0
.teads.tv/ Name: tt_viewer
Value: c5c4af92-4a46-44fc-a8ad-85d3dce12981
.rubiconproject.com/ Name: khaos
Value: LANGNVVB-1B-1ESH
.rubiconproject.com/ Name: audit
Value: 1|WD0cx+9RTMJ39XnXqkiUlHXrd8oPN4aCPfH+UvP+HSfDoA5xUIX//i5zFwEio2Ja4HEYI5ehIrUHstlW8EOOMtzpQ7vzkXQ/
.dotomi.com/ Name: DotomiTest
Value: 122002cea4e6201f
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 50B46FEF-DB59-4B67-87A8-B60CEA026F32
.adnxs.com/ Name: icu
Value: ChgIm_VtEAoYASABKAEwu8XhmwY4AUABSAEQu8XhmwYYAA..
.adnxs.com/ Name: uuid2
Value: 3393362283669748672
.ladsp.com/ Name: smn_uid
Value: IsoT-2kdr3Cglz1BUSR4oQ7_4xrEdwQ
.ladsp.com/ Name: lum
Value: CILchvLIMBIFCAEQqAE
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-2d6e7248-5749-48b1-4f8c-554a159a0eee.3jZ1UAeSPVs6iqJs%2F%2FHJoIEpP%2B%2BnpfzzgDKGgsn7SRs
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3ALW5ySFdJSLFPjFVKFZoO7nRaSso.GD87YLuYuvHCLlFOnfIvF55kupB17wQIfHVXJbQwCA0
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-fe320e4d-2d38-4704-bd9e-0196e036830f-004%22%7D
.quantserve.com/ Name: mc
Value: 637862bc-be3de-d9ace-1bc61
.bg3.co/ Name: __qca
Value: P0-2080598303-1668833979151
.bg3.co/ Name: _ga_Z0TZ7TDHS1
Value: GS1.1.1668833981.1.0.1668833981.0.0.0
.bg3.co/ Name: _ga
Value: GA1.1.1299468805.1668833981
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-fe320e4d-2d38-4704-bd9e-0196e036830f-004%22%7D
.bg3.co/ Name: __gads
Value: ID=01eb6a826e68ddca-224f7fca95d800ac:T=1668833978:S=ALNI_Mb6Qi9sdRLW6_7NnBa_JF30mGxBwg
.quantserve.com/ Name: d
Value: EHEBCQHOJ4EA
.blismedia.com/ Name: b
Value: 637862BF34D6DEF6855D1338BLIS
.ctnsnet.com/ Name: gid_CAESEFV63BYNj9HC1QXftaqSNpo
Value: 1
.ctnsnet.com/ Name: cid_257d64e79e1949bfa5df05c54a3ebd8e
Value: 1
.yahoo.com/ Name: A3
Value: d=AQABBMBieGMCEH43rEo3e7qM0wgjuBYuYLcFEgEBAQG0eWOCYwAAAAAA_eMAAA&S=AQAAAly-7jRe8EfgEViSoWjqvDQ
.c.appier.net/ Name: _auid
Value: bLymEMI7Cv6IeJh9wGJ4Yw
.c.appier.net/ Name: _gu
Value: CAESEI1s8k0pYlZiKUYeJFdlDpY
.turn.com/ Name: uid
Value: 2829205328296674529
.tribalfusion.com/ Name: ANON_ID
Value: aTnsIHNj6WkCyhURALhZaehVfb3wYTsIDEd1DU5nTwqVvvdSZcn9V57GkJkN8PoIX5oGKZcCV3a3WGu3k0GyA4Aj1We
.bidswitch.net/ Name: c
Value: 1668833984
.bidswitch.net/ Name: tuuid_lu
Value: 1668833984
.bidswitch.net/ Name: tuuid
Value: 9f29e3b1-b243-430f-929c-d55b5e101788

25 Console Messages

Source Level URL
Text
network error URL: https://static.bg3.co/imgs/202105/31e7f00ff71790b9454a27b61e1a7b0c.jpg
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202105/712d971946f6a872a41dcd2fcabb47e3.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202105/8d80c05f68fef59377e1bbf59888e488.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202105/1ca31205d3ffd8a3237353bcd03b4211.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202105/01c434bb32388d3ad1c79b5fc3517679.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202106/c11be646a31c5c315b4ee1dafa783ae2.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202105/db7c80d461559dfe172c41e5b1e11adf.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202106/495d6b1dc69d2062826848c2f1e0484d.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202106/eb5c05d61d366200be9e497547293404.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202105/9b213cc75eb7d12beb965e953a745290.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202105/a03d59faf31a37afb346a4a70c699b56.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202105/27cedc04300eb143e7e6fb53f201d304.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202105/1e73e1d7f44f643a4566348105ba720b.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202106/2ed73a20c006d8d4dde77a07eb1ec603.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202105/7be4d88c42c32d5606ace063d0f5f75c.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202105/d6ed3071009c3accc214e9b733a6d742.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202105/ac7b8084593e7e3b32176ae2504ed1ac.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202105/4bf226b204cfe6cc918649c518aa0b48.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://static.bg3.co/imgs/202105/e8f82cef33b7d8c3ba95e97492345717.jpg?w=150&h=100&q=100
Message:
Failed to load resource: the server responded with a status of 403 ()
other warning URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1668833977&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fban-ai-fo-lie-ke-tiao-zhan-bian-fu-xia-tuo-ge-lei-yi-tong-xia-shui.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668833975593&bpp=13&bdt=1933&idt=1958&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&correlator=5218998955355&frm=23&ife=1&pv=1&ga_vid=1471969042.1668833978&ga_sid=1668833978&ga_hid=1738972306&ga_fc=0&ga_cid=amp-PSPqDESYB1NK2c1Q8j2OVw&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=3806629216&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44773809%2C42531706%2C44776004%2C31070923%2C44779076&oid=2&pvsid=3758394164867543&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.5dklnw6vpsi3&fsb=1&dtd=1974
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
network error URL: https://cksync.yahoo.co.jp/sspsync?ptr=12703&google_gid=CAESEPPL5xkHaEXnoLGQPcEAivA&google_cver=1&google_push=ASkJ3FZzUM3Zngoj5QkoPUHv3FgeMwPeLxELpev3ff7q5zNncRhMBvvneLYYyRAB1BS0NIWc5Gs3CQL02okt0_5xNOWgFgGRbC55NQ
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://cdn.adpushup.com/42753/L2EvYmFuLWFpLWZvLWxpZS1rZS10aWFvLXpoYW4tYmlhbi1mdS14aWEtdHVvLWdlLWxlaS15aS10b25nLXhpYS1zaHVpLmh0bWw=.json
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4126554779393986&output=html&adk=1812271804&adf=2253520748&plat=1%3A520%2C2%3A520%2C8%3A512%2C9%3A520%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1049088%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fadx.holmesmind.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668833981598&bpp=3&bdt=530&idt=507&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&nras=1&correlator=5736368877663&frm=8&ife=1&pv=2&ga_vid=219277654.1668833982&ga_sid=1668833982&ga_hid=158507445&ga_fc=0&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3680311399&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C44774648%2C42531706%2C44767166%2C44774652%2C31070763&oid=2&pvsid=4292958275180390&tmod=2044400049&uas=0&nvt=1&top=https%3A%2F%2Fwww.bg3.co%2F&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=4&bc=31&ifi=1&uci=1.u6xqt92qe204&fsb=1&dtd=519
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4126554779393986&output=html&h=280&slotname=4923695364&adk=3446667921&adf=552093736&pi=t.ma~as.4923695364&w=336&fwrn=16&format=336x280&url=https%3A%2F%2Fadx.holmesmind.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668833981602&bpp=1&bdt=533&idt=520&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=5736368877663&frm=8&ife=1&pv=1&ga_vid=219277654.1668833982&ga_sid=1668833982&ga_hid=158507445&ga_fc=0&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3680311399&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C44774648%2C42531706%2C44767166%2C44774652%2C31070763&oid=2&pvsid=4292958275180390&tmod=2044400049&uas=0&nvt=1&top=https%3A%2F%2Fwww.bg3.co%2F&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.rbeiaa38osi0&fsb=1&dtd=525
Message:
Failed to load resource: the server responded with a status of 403 ()
other warning URL: https://cdn.ampproject.org/rtv/012211060024000/v0/amp-ad-exit-0.1.mjs(Line 1)
Message:
Unrecognized feature: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

169ae955669f6d02046b123457591ed7.safeframe.googlesyndication.com
a.c.appier.net
a.sportradarserving.com
a.teads.tv
a.tribalfusion.com
acdn.adnxs.com
ad.turn.com
adpushup-d.openx.net
ads.aralego.com
ads.as.criteo.com
ads.servenobid.com
ads.yieldmo.com
adservice.google.co.nz
adservice.google.com
adx.holmesmind.com
aplogger.adpushup.com
bidder.criteo.com
campaign.adpushup.com
cat.sg1.as.criteo.com
cdn.adpushup.com
cdn.ampproject.org
cdn.aralego.net
cdn.jsdelivr.net
cksync.yahoo.co.jp
cm.g.doubleclick.net
cms.quantserve.com
code.jquery.com
contextual.media.net
cr-p1.ladsp.com
csm.as.criteo.net
d-21854178762957812495.ampproject.net
dclk-match.dotomi.com
delivery.adrecover.com
e3.adpushup.com
e742418d3fbb8f8684974c31179d2fca.safeframe.googlesyndication.com
eb2.3lift.com
eus.rubiconproject.com
f3700a36700f04277f1284f92a7ce4ae.safeframe.googlesyndication.com
fastlane.rubiconproject.com
googleads.g.doubleclick.net
grid.bidswitch.net
gum.criteo.com
hb-api.omnitagjs.com
htlb.casalemedia.com
ib.adnxs.com
id.rlcdn.com
image6.pubmatic.com
image8.pubmatic.com
ipac.ctnsnet.com
jp-u.openx.net
js-sec.indexww.com
match.adsrvr.org
onetag-sys.com
pagead2.googlesyndication.com
partner.googleadservices.com
pix.as.criteo.net
pixel-eu.rubiconproject.com
pixel.quantserve.com
pixel.rubiconproject.com
pool.admedo.com
pr-bh.ybp.yahoo.com
prebid-server.rubiconproject.com
prebid.a-mo.net
prebid.media.net
public.servenobid.com
r.turn.com
rtb.jp2.as.criteo.com
rules.quantcount.com
s.tribalfusion.com
s0.2mdn.net
secure.quantserve.com
securepubads.g.doubleclick.net
ssbsync-global.smartadserver.com
ssum-sec.casalemedia.com
static.bg3.co
static.criteo.net
sync.1rx.io
sync.aralego.com
sync.mathtag.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
tg.socdm.com
tlx.3lift.com
tpc.googlesyndication.com
tps.doubleverify.com
tr.blismedia.com
u.openx.net
ups.analytics.yahoo.com
us-u.openx.net
www.bg3.co
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
a.sportradarserving.com
acdn.adnxs.com
adpushup-d.openx.net
cm.g.doubleclick.net
contextual.media.net
eb2.3lift.com
eus.rubiconproject.com
gum.criteo.com
ib.adnxs.com
id.rlcdn.com
image8.pubmatic.com
jp-u.openx.net
match.adsrvr.org
onetag-sys.com
pagead2.googlesyndication.com
pixel-eu.rubiconproject.com
pixel.rubiconproject.com
pool.admedo.com
public.servenobid.com
ssbsync-global.smartadserver.com
ssum-sec.casalemedia.com
sync.mathtag.com
tg.socdm.com
ups.analytics.yahoo.com
us-u.openx.net
x.bidswitch.net
103.229.10.192
103.231.98.196
103.3.63.48
104.16.87.20
104.18.24.173
104.18.36.94
104.26.4.103
13.33.33.118
13.33.33.91
13.33.88.20
13.76.45.37
142.250.4.105
142.250.4.157
142.250.4.97
142.251.10.156
142.251.12.132
142.251.12.154
142.251.12.157
142.251.12.94
145.40.89.200
152.199.39.108
172.217.194.132
172.217.194.156
172.64.154.237
172.67.72.16
18.140.22.207
182.161.73.129
182.161.73.132
182.161.73.135
182.161.73.142
182.161.73.145
182.161.73.148
182.161.74.19
182.22.31.124
209.58.171.197
23.195.153.54
3.114.40.184
3.33.220.150
34.107.148.139
34.193.201.64
34.96.105.8
34.98.64.218
35.186.193.173
35.213.117.18
42.99.140.161
42.99.140.201
50.116.239.135
51.79.234.100
52.16.204.248
52.183.162.69
52.38.91.115
52.74.36.190
52.77.9.69
64.120.88.131
68.67.160.117
69.16.175.42
69.173.158.65
69.174.120.107
74.118.186.45
74.125.200.149
74.125.24.138
74.125.24.155
74.125.24.157
84.17.37.44
89.207.22.140
0091500f53e706bef395368ce30f1366c1f87067eb8848cecd2c24b7a537033e
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
00fcb2f8d96aa963e368d4879379539225ea26c395efa27766601c5616155ca4
037192b727defa55cc176629db61c9c71c1126decfae405ffc3b0fb355a0d705
03735e4f71d239c6684cad226d35d76659218eaffa26a73e5df72ca68202421a
0535100df27c6d49a6d1c06b7f98455bf0cdef6ae63c4c168b5cf1f170c14c51
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
08cbc197c8422a300e3656b876c1e421e12e18159d5e47f8dd0a9999f04e2246
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ea4a42416eae6305faa5766ce2550bfd9d47e5fabba549f5b5e070190193c3d
0f89174ca42c80b559e3aaee2bc804e11739af6622720d7665e44e050c2ba668
14cfb5058acaf3af2f07088f1582f29941d7a4cc74fd1cea5050cecad862d154
1b1c3ea8b3d9fec1913ac70c81c83f2172acc41988e747bd24d22bf779fd19a0
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced
1c479d0abecadc8d5fde30eeb515508b6148fa3d92dd617b427788d6c792b0a8
1d06186935333e9e0054906d58a51794a743376d1b71dc55df78e65debcc9820
21902e4026c2f774fbd13f64845d6fd3a823c1ea64ee93e76a9fe06a49a74711
2235457133277820926e141a6a804444443e225e43f3c583360977a6b5a1d10f
2614bd42c4371a3f57f643135214981d724fedbf5c79f65b09e7bcd40f57091c
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16
2a9d0d57e6b150e0663730f1ba4beb086dbfe821b74d65badfc2fd0fb6260cca
2c71445ec9538a4d031b32ba0f044ae793aac625896846f838f9c8abace99c08
2ca4d28ab2c14f13d6f0a8ea5175a4bfe3773cae9c502545a97b396737c974ef
2e77139884bf419f164e503105b06e895216ca6039451ec5ddae8faa7ce85120
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3353e3b36d7b7ee8cf0f81ed569398f0e8e83b5fc24046a3a92e08e0ba62fc8b
33a7826fed4a51bbd01f8e3eb4b4ea200e5562ac7af65c42ae08f8c91ef149c5
36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6
37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570
3e76fa5f8f7b53855ef3a64bb458a6ff4a09da9a814e81d844c973008139f527
4030349627ab9a55f9f5ae722f58cffab11ace3f7aac3fb5a6f08a03c14ddda8
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
50f2e807824e5366b404f8aa5512011b611e57347149cc3623be41d7344f03d2
51ea63533ada918dc8595d04b77e0249c4144a65f8c819061d8f76bc0bd07985
531ced95d00fc8c26a6140869fb583238b0ccf457b7bb9e98d42d6b8a29323d6
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57ba9c79273602051bd0fa9f6dcd52a3f199dc59f134308efeeaad35424b8311
5a67a82f5a852b641909d530cf2b9ebe9b16c0ab11665480b40ea9fa0870291a
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
67672a5194fc0776c61836b1bc5f8c72fdf57f495a699ee19389e24ae74f6733
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6a98bdefd73410963a41036b4bc4d25b080aaec85db7ebd132a12d3aa17e8586
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6bfd228178a7920f79853de46df09c0a6ee732b6d92100be5bb99174d05a9c07
6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088
6dae2327ae139336d024fe256ae73fbaa1dfd70bd4225684d4d40b1ba8335760
71248122428a02504cb699fc530df9bef59f6a72ada624c384c33ee8ec3391f8
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658
752ea30a5c2a9fbb91f2167e724af7c5b362b14a6593e4635a017397e86fdae9
7800bf45fc531c7c4814f0047ff19a04170a3eee2b4cd211da627cfbe71b50a3
78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53
7c273b6424d1582aac33a25fdd4b71d49049456333d1f266741ad43b3d673701
7d523f93bd2f87d3ecc0278b039e6488e2512a9eb0d836064511d3a769b39f5b
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8492f3fc13f89700f09e8a96308911979a6289be084af2c497ea54dbd7dd7f5f
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
87548942e28bb7e7757d17852a4a4d83efd50365f9460ae3c225ee517e5bcc39
878674d3e2986e2a0da06a414498ebe39c165c2e22624600ee179ec9df149105
8961b6e0d131ba5317bbfa378382b83673ac603f785fbf5b2749cabefe869a1b
8b3d576f3a758f7aa0f3ceec4533b656103dee1e49a3e7445131cf1ff1025d54
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8ee5f53d3752309af021002b2199a06523b1fd03f3ea1cdaf5d59e911d4d8178
8ffbb1604f6c8123843ff453579bb2f0a8bf335dacbc907f935c72973cf2dff2
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
918adf8ef8018e153fd4c0bc1b4dda080163af044f6e543ffea2b77bb253fad3
91e8bd3a37b3a0951444714dc07c68417ac878ebf22d8c7b0d10b1ce3fec1122
9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5
9367980d1a2a729754c9a6777d7236e9d49c662a197f00e210ba276d7e0aa6ac
958e3613dcbc29967968367b45ec0527da8e40c69f7c8300b470fcea89c7503e
968012b3a49390a10d31c6d36b2aab796ec167a83378b5f9787756ee7cb035c5
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
9e2e3b674e72039a343d52c5d4f6d90e0a3d96e670702173806db167f1751f5b
a01f9f2f5ba1812441a49f7f1dc0b04fb56a18b486005289b8df4212381f10ce
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2d394c8474dfabc643e183cc3421642ad0842d0a0c8144bc4c6077de64e6845
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4c7748a8849068a7262049472b6b640aea77d843c16a57de3e34d3c47e4a01f
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a87841628a841fcd03b2527e33366f6a64675f20b8dd0f1a82b51f042c0c32d5
a8993772c9eb591474f38d257bebc8c4286703e1af72d04c8c294be5fff7b649
a89c99a73b3c1f0c7a3977dd68ceba2286f13385d81aa1bf2c6811bce17f84fd
a956a6fe1ee57805393bf1781b32486b4ed9ca402a04320280e59a18bc348a87
aaf9f28c5e335c859ee32ea5e4b7ecba0346d636ab6290e597f116a012c525ad
b1d74c7ad627e3b248e59bb66d96dbea670bc2f330268257ecebf965f6cb9362
b4759bb4f7feb87cdfa4b36b4fe2754a54224629226f76df1287a5873c1176af
b5c9d5142a3448d49d469012bf4ded01e79ead0fc72aaabaa376dfda889163b9
b80b796ba8884520afd65cb32ae2a556798123624f4aac0a049a5854c9af007a
bb9a24f8e27a9eb6bb2f25ab6aad5920348f4c13a105d429e3d0e741af46e1e3
bf6ec42c97f86957a324a484a37dd528b568a9ff2570965be53e6ec4b0dfdae2
bf747d03c51aaa3690742886f12dff8050ea067f931b203720988c9d1366c083
c3d5433298df9a32c8a53ddba38c14ad17bfbfa86f28d4619fe8f092bf4f62d0
c3f73b989e0620a4d2e12ed57a0d538e4580b8fefaa1fefbad73e0abad6d227f
c4ab01c741996ed435ed1083e30f2cfaefb930f7be328cf4f6420f311e2c74b9
c53a28dc89ce35f109dc727ffbd06d0bf1b5b07c899592373d09d0f021b8ee12
c7fa7fd0d1e0e47897ebe6e0e8139fa12c9f1ed0286772eb15f9cddb130fcf65
cc064228f08646c0ac2d6426aad494a4b05df68de15d2fd428796506a67aa632
cfae027549199f91b4234f16dc0af76bc8210a61cda6443af1bc4dd063815011
d1b89c8c3665c656e6fe7da9143dda24b3597f41eb859cc821bf1c63951a8e6c
d246dddf2836b66ec0459590a70f6497324f1ba3b273da8f5b56939f1d85cc06
d77ed6309ee7b7248bccee6ee93865a56a223322f1b371379d224dfc21640677
d89cb9800cc62dcc44a0ba866b4a080ad06f735f60a6afecbd6d691d2e8939dd
d92ecee434f7ba89b4efc74a4fca7a7ba57c3d19408e98c205bba9c76529f7dc
da4085030009e98daf6eb2656f5fae35c7a3bb947e1a290ddbb20581cc2678b9
da9c907c6573831faf308dbb6ed9520cd69e31ddd6cab75127540c3c2a0049c5
dbb0454eb7b13da25392eb02e3a9f00a472ffc936d5a1cf13005d745bb8fdd2d
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32
e005bd498c71a1e59de4a20aec621c9a51451e498778fb049957e17fca316f8c
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e59c9575019fcbb75f113d9170ec6caf4ae58cf9475e69ea97975cc16d761faf
e6703fbe9ea598731ec6ef75a281564d956ef79f08bc2b61849ae9a21fa35cb9
e813a8d8d41c0dbdc33020ad6ef27d16afd2b590ceeb998e267409c8f666b829
eb3577f46647f2e2db7307936038a47cc31c0ce75239496f6b7117282a47864c
ed7bd3444b9e4ccc3471827d04be4e7c9ec2d065d7567595b733fd82d1901f21
edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6
edf0b9843d5d06825a6d7fb7b5b187bdd52c47946df85c32d80adc1d547ce637
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef61de62bdd4d685961d0da741d164c50e531c9d98376158e47bb777363970f6
f32f933b3fb738bfb642f9ed6989debd35891daa27a9178874341f2651fa2e90
f5f0e46651b9087c82d5dcd202e3c4dc8525a9094a246d2259115fdb7ce10823
f686b41a0e840919ceb312e2dc2e4b5c3f40f6bd6b65b6d2db9070049f15d6aa
f6face60dc5ccc0f5d54ebc38fdd9aed96549783e2f75dde2661ac25b96b1e2c
fba6511da167e1a36f5c5877190d44550bc8c76e145716b20c51797dda435394
fed371774f5d4034087ced97ac75e2fa4c32e3d036f3603935f5e005ca036c14
feff320735099d47ee93d6c73d48f8fc5d682382c410c6d565a15867ae42d5bc
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
ff7044fa27e31cb0b9cbcca8afcb17757bdab2e6cdf225559d87ea5dfda369b1